Researchers at DomainTools have issued an alert about a malicious Android app that pretends to warn users about those infected with the COVID-19 Coronavirus in their vicinity.
In truth, the app locks users out of their devices and demands that $100 worth of Bitcoin ransom payment is made within 48 hours. If payment is not made, the ransomware claims, the phone will be completely erased and pictures, videos, and social media accounts shared online:
YOUR PHONE IS ENCRYPTED: YOU HAVE 48 HOURS TO PAY 100$ in BITCOIN OR EVERYTHING WILL BE ERASED
1. What will be deleted? your contacts, your pictures and videos, all social media accounts will be leaked publicly and the phone memory will be completely erased
2. How to save it? you need a decryption code that will disarm the app and unlock your data back as it was before
3. How to get the decryption code? you need to send the 100$ in bitcoin to the adress below, click the button below to see the code
NOTE: YOU GPS IS WATCHED AND YOUR LOCATION IS KNOWN, IF YOU TRY ANYTHING STUPID YOUR PHONE WILL BE AUTOMATICALLY ERASED
The researchers at DomainTools discovered the malware – which they have named CovidLock – after investigating the increased number of domain registered in the past few weeks related to Coronvavirus and COVID-19, many of which have been used to spread scams or false information.
In this particular case, the researchers discovered the malicious Android app was being distributed from a site called coronavirusapp[.]site (I don’t recommend visiting it), rather than via the official Google Play marketplace.
The fact that the app is only available from a third-party source does limit its ability to infect Android devices, as only users who visit the site, ignore the many warnings issued in the past about “side-loading” apps from unknown sources, and grant the app permissions to access the device’s accessibility settings and lock screen will be at risk.
Activate lock screen to get instant alert when a coronavirus patient is near you
DomainTools says that CovidLock’s screen-lock attack will not work on devices running Android Nougat or higher (Android 7.0 or later) if an unlock password has already been set by the user.
Fortunately, CovidLock does not appear to be the most accomplished ransomware ever written – and so even if you are unlucky enough to have had your phone infected it may be possible to recover access to your data without paying a ransom. Reddit users report that they have successfully analysed the app and determined the decryption password.
As ever, despite its shortcomings, Google’s official Play Store is a safer source for apps than third-party unofficial sites. Furthermore, if you’re an Android user always be very careful about what permissions you grant an app. One careless choice could lead to your data and privacy being put at risk.
For more discussion of this topic, listen to the “Smashing Security” podcast:
0:00
0:00
0:00
0:00
Show full transcript ▼
This transcript was generated automatically, probably contains mistakes, and has not been manually verified.
But I think that if I wanted to make money fast, this is a good scam. I mean, it's fast and you make some money.
So listeners, please don't take Ran Levi's advice.
The hosts of Smashing Security do not necessarily agree with the opinions or support in any way the views of the guest.
Smashing Security, Episode 170: Pornhub, Coronavirus Apps, and Remote Working with Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security, Episode 170.
My name's Graham Cluley.
Smashing Security, Episode 170: Pornhub, Coronavirus Apps, and Remote Working with Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security, Episode 170.
My name's Graham Cluley.
And I'm Carole Theriault.
And Carole, we are joined this week.
We are very lucky to be joined this week.
Well, it's not like he had anything else to do because he's been isolated in his Tel Aviv apartment Ran Levi from the Malicious Life podcast. Hello, Ran.
Hello. Hello. It's great to be back.
Ran, how are you handling doing your own podcast being locked in in your flat with your family?
Oh, man, it's difficult.
Actually, in the last week and a half, I'm just releasing reruns because recording in my attic, the sound quality is not too bad, but it's different than the usual sound quality, different environment.
So I'm leaving the quarantine in like 2, 3 days. And then I'll return to normal scheduling.
Actually, in the last week and a half, I'm just releasing reruns because recording in my attic, the sound quality is not too bad, but it's different than the usual sound quality, different environment.
So I'm leaving the quarantine in like 2, 3 days. And then I'll return to normal scheduling.
But tell us what happened. How have you ended up in self-isolated quarantine? What occurred to you?
Yeah, such bad luck. I commute by train every day. And there are, I don't know how many tens of trains every day to and from my house to Tel Aviv.
But apparently a corona patient, one of the very first corona patients in Israel, boarded my train at exactly the same time. And you know how it is.
I mean, it's a long train, probably 1,000-plus people on the train.
But apparently a corona patient, one of the very first corona patients in Israel, boarded my train at exactly the same time. And you know how it is.
I mean, it's a long train, probably 1,000-plus people on the train.
All right.
And they just said, you know what, all of you quarantine now. And actually, it was my wife who kicked me up to the attic.
She said, what is that? Something she's done before? She banished you to the attic in the past?
Have you been up there for like 10 days?
Yes, I have.
Really?
Seriously?
Yeah, it's not too bad because this is basically my home office day to day. But if you don't leave the same room for like 10 days.
At some point, I kept forgetting what day it was, because every day seemed like the last one.
At some point, I kept forgetting what day it was, because every day seemed like the last one.
So is it Sunday?
Or is it Monday?
I don't remember.
Does it even matter?
I remember this podcast about this guy who went and lived on his own in a cave to see how long it would take him to go mad. No light, nothing, sensory deprivation, effectively.
It was in France somewhere in a cave. And he went apeshit, I think, after a few weeks.
It was in France somewhere in a cave. And he went apeshit, I think, after a few weeks.
I can relate.
Don't worry, we've got you.
You know what's worse than the isolation? Because, you know, I've got internet and computer and everything.
You have no bugs.
You have no toilet.
It's going out the window.
I've got a toilet.
Thank God.
I can handle that.
Thank goodness.
It's the lack of contact, personal contact. I haven't touched a human being for almost two weeks. And I mean, I can feel it. I want to touch my kids and you want to hold something.
Ran, you know sometimes you can sleep on your arm and you get a dead arm.
Have you?
I mean, if you're desperate.
I do have my cat who's not afraid of me.
Poor cat, poor cat. I think we should move on. Carole, what have we got coming up on the show this week?
First, thanks to this week's sponsors, LastPass and Domain Tools. Their support helps us give you this show for free.
Now on today's COVID-19 special, Graham tells us how to avoid being duped by scammy apps.
Ran is gonna talk about how Israel is using anti-terror tech to help combat the invisible enemy that is corona.
And I will help you newbie homeworkers out there make sure you have all your cyber bases covered. All this and much more coming up on this episode of Smashing Security.
COVID's Diary.
Now on today's COVID-19 special, Graham tells us how to avoid being duped by scammy apps.
Ran is gonna talk about how Israel is using anti-terror tech to help combat the invisible enemy that is corona.
And I will help you newbie homeworkers out there make sure you have all your cyber bases covered. All this and much more coming up on this episode of Smashing Security.
COVID's Diary.
Now, chums, chums, we live in rather scary times.
Yeah, I've been saying it for a month.
Yeah, yes, like Cassandra, you've been warning us, Carole, and now it's happened. They are walking amongst us.
Some of them have the sniffles, some have sore throats, some aren't showing any signs of infection at all. They might be a bus driver, a cleaning lady, neighbours, partners.
Some of them have the sniffles, some have sore throats, some aren't showing any signs of infection at all. They might be a bus driver, a cleaning lady, neighbours, partners.
It's like a zombie apocalypse.
It is. Even the hosts of rival security podcasts banished to their attics.
Now, for a day or two, it seemed even the germaphobe-in-chief at the White House— he might be one of them, but he's now been given the all-clear— we are all quite understandably worried and concerned about not only catching the coronavirus, but also running out of toilet paper.
Yeah, exactly. I've just— I've literally just come back from the supermarket again completely bereft of all loo paper.
Now, for a day or two, it seemed even the germaphobe-in-chief at the White House— he might be one of them, but he's now been given the all-clear— we are all quite understandably worried and concerned about not only catching the coronavirus, but also running out of toilet paper.
Yeah, exactly. I've just— I've literally just come back from the supermarket again completely bereft of all loo paper.
But didn't you just score a stash there, Mr. Cluley?
My wife has ordered some loo paper online. It hasn't arrived yet.
Oh, so he got scammed.
But I don't know. Anyway, crazy, crazy times, right? The Health Authority boffins, they're warning us that most of us will catch it.
But if enough of us manage to hold it off for long enough, maybe we'll be able to give the hospitals the best chance to cope with the increased demand.
It's like, like you said, Carole, it's like a zombie apocalypse movie.
Wouldn't it be wonderful to have a magic wand that we could use to wave in front of people to determine if they're catching a virus? Maybe— That isn't a dolphin impression.
That's my Geiger counter, being able to tell who's got it. I would love one of those.
But if enough of us manage to hold it off for long enough, maybe we'll be able to give the hospitals the best chance to cope with the increased demand.
It's like, like you said, Carole, it's like a zombie apocalypse movie.
Wouldn't it be wonderful to have a magic wand that we could use to wave in front of people to determine if they're catching a virus? Maybe— That isn't a dolphin impression.
That's my Geiger counter, being able to tell who's got it. I would love one of those.
Yeah, it's just called virus testing kits, which, you know, our government didn't think it was important to have them.
They're a little bit difficult to come by at the moment.
Is it hard in Israel to get them, Ran?
Yeah, and we don't have them. Only the government has them.
Because they're the important people, and what would we do without them being in charge?
So if you say you suspected that you had contracted the illness, right? You got a fever, whatever. What is your Israeli national advice?
You don't go to the hospital because then you infect everybody around you. You call an ambulance.
They come and they test you at home and you don't leave your home unless real life danger.
They come and they test you at home and you don't leave your home unless real life danger.
Is there a little bit of you though, Ran? Because I have met Israeli people before and I know what they can be like. They're beautiful people.
They are beautiful people, but they're also rather tough. You don't want to get on the wrong side of an Israeli.
Is there a bit of a macho bit of you which kind of thinks, oh, we can just sort of rough this out? Is that so?
They are beautiful people, but they're also rather tough. You don't want to get on the wrong side of an Israeli.
Is there a bit of a macho bit of you which kind of thinks, oh, we can just sort of rough this out? Is that so?
No, that's a lot of them. I can rough it out. I don't need to go to the hospital. I mean, it's only the flu for most people. So yeah, I can rough it out.
Yeah, exactly. If you don't have a magic wand or a Geiger counter to be able to tell if someone's infected, maybe these days an app would be the solution, right?
And turns out there are apps which claim to do that. They actually exist.
And turns out there are apps which claim to do that. They actually exist.
What do you mean, like an app that tells me whether I have the virus or not?
No, they tell you if there's someone near you who has it.
Oh, like confirmed cases. This is how close you are.
It's like Tinder.
It's like Tinder.
It's like, cross the road, cross the road!
It's the opposite of Tinder. It's the anti-Tinder.
So it tells you there's a guy called Ran. He's got brown eyes. He's 6'2". He likes to live in the attic. You know, he's been virulent for this long.
He's been shitting in a bucket.
Now, there is a website called — do not go to it! Do not go to it.
People, do not type in that name of that website, because that website, which is by the way also run by a group of people who also run a website called Dating for Sex, which feels like tautology.
People, do not type in that name of that website, because that website, which is by the way also run by a group of people who also run a website called Dating for Sex, which feels like tautology.
I'm sure I've gone to that site before. I'm sure.
But anyway, don't visit it. If you go there, you will be greeted by a world map of coronavirus infections, which you can zoom in on.
Oh, I'm totally addicted to those.
I've been looking at the Johns Hopkins one daily. Johns Hopkins one is legitimate, that's fair enough.
But at the top of this particular one, it has a banner which pops up, which invites Android users to get a real-time number of coronavirus cases based upon your GPS location.
Sneaky, sneaky.
But at the top of this particular one, it has a banner which pops up, which invites Android users to get a real-time number of coronavirus cases based upon your GPS location.
Sneaky, sneaky.
That is so preying on people's—
Yeah. Social engineering at its best.
And it says, for the best experience, if you download the app, you should enable accurate reporting. So you basically turn on all the features.
And of course, this is something people want right now, right?
I would love to know if I should go down the bottom of the hill or not, or whether I should stay up here at the top of it, right? Where it's going to be safer.
Now, this isn't a Google Play app. This is an app which you get from a third-party site. So it's a sideloaded app.
And as we all know, although Google Play isn't perfect and there are malicious apps which get in it sometimes, it's a heck lot safer than downloading apps to your Android phone from any Thom, Dick, or Harry site.
And of course, this is something people want right now, right?
I would love to know if I should go down the bottom of the hill or not, or whether I should stay up here at the top of it, right? Where it's going to be safer.
Now, this isn't a Google Play app. This is an app which you get from a third-party site. So it's a sideloaded app.
And as we all know, although Google Play isn't perfect and there are malicious apps which get in it sometimes, it's a heck lot safer than downloading apps to your Android phone from any Thom, Dick, or Harry site.
Sorry, I'm really ignorant here, right? So I don't have an Android phone. I rarely download apps because I'm paranoid Android. Funny, funny. So how does that work?
So I would just assume if it's not in the Play Store, don't get it. So how do people download that? How does that happen?
So I would just assume if it's not in the Play Store, don't get it. So how do people download that? How does that happen?
Well, there is an option in the Android operating system, which if you just click the button or uncheck it, then it allows you to download apps from anywhere.
So basically, I could borrow — you know, you could borrow your mom's phone, right, your teen, and go, hey, this is cool.
Do you want to have a map to know if— and then mom would be like, wicked. Yeah, as long as it's free. Okay, got you.
Do you want to have a map to know if— and then mom would be like, wicked. Yeah, as long as it's free. Okay, got you.
All you have to have is an APK file, and it's a regular application.
I mean, you remember Steve Jobs, you know, was a complete control freak, right?
So when he built the iPhone and the iOS operating system, it was all about incredible levels of control.
So when he built the iPhone and the iOS operating system, it was all about incredible levels of control.
Just because he wore a turtleneck does not make him a control freak, Graham.
Anyway, if you run this particular app, if you install it onto your Android, you are greeted by a message which has a sort of anonymous logo on it.
And it says, "Your phone is encrypted.
You have 48 hours to pay $100 in bitcoin or everything will be erased." And it claims to have grabbed your contacts, your pictures, your videos, all your social media accounts.
And it says it will leak them publicly and the entire phone will be completely erased and it locks your phone.
You can't use your phone anymore 'cause you have to enter the magic number, which it says you will only get if you pay the ransom.
And it says, "Your phone is encrypted.
You have 48 hours to pay $100 in bitcoin or everything will be erased." And it claims to have grabbed your contacts, your pictures, your videos, all your social media accounts.
And it says it will leak them publicly and the entire phone will be completely erased and it locks your phone.
You can't use your phone anymore 'cause you have to enter the magic number, which it says you will only get if you pay the ransom.
Okay, another question. So I've lost a number of phones and broken a number of phones in my life.
Right? 'Cause you're a klutz.
But what I've learned from that experience, certainly on iPhone, is that you could just reset it and everything gets downloaded from your cloud account.
Well, yeah, I guess if you've got a backup, then big whoop.
Don't be afraid if this happens to you. Just go, "Fine, screw off, I'll just reset."
I was always wondering how effective are ransomwares in general on mobile devices, because I mean, for most people, I think it's a given that your phone will fall down toilet at some point.
Yes, you're spending a lot of time there right now, of course, because you're dreaming you had a toilet, Ran.
Or down the bucket, whatever works at particular times. And then everybody, everything will be lost anyway. So I wonder if people actually pay these kinds of ransomware.
It is an excellent question, Ran, and we have the information. I'm so impressed.
You've got so much time to do research these days.
Don't be so impressed. This was because of some research done by the folks at Domain Tools who first alerted about this particular piece of ransomware.
Turns out that this ransomware, which they've called Covid Lock, doesn't actually encrypt or steal your files at all. The ransomware is lying.
All it has done is locked your Android phone.
Turns out that this ransomware, which they've called Covid Lock, doesn't actually encrypt or steal your files at all. The ransomware is lying.
All it has done is locked your Android phone.
Well, it's not like they've built a huge trust relationship with me already, since the app is a big pile of poop.
Oh, I see. So you're not feeling too let down by it. You're not disappointed. Once burnt, twice shy, dudes. Apparently, after you start the app, it just waits for about 60 seconds.
So it's sort of mimicking that it's doing something. Doing things in the background. And then displays the ransom note.
And so you think, "Oh crikey, it must have done all this stuff in the background." It's done nothing of the sort.
And a new variant of the ransomware is now asking for $250 as opposed to $100. So the price has gone up.
But according to the researchers, and this is where we come back to Ran's point, the bitcoin wallet which it's asking to be paid has so far received absolutely nothing.
So it's sort of mimicking that it's doing something. Doing things in the background. And then displays the ransom note.
And so you think, "Oh crikey, it must have done all this stuff in the background." It's done nothing of the sort.
And a new variant of the ransomware is now asking for $250 as opposed to $100. So the price has gone up.
But according to the researchers, and this is where we come back to Ran's point, the bitcoin wallet which it's asking to be paid has so far received absolutely nothing.
Zero. It's been a failure. Nobody's buying it.
It's been a disaster. A complete disaster.
If you thought the world was having enough disaster, here's another disaster compounded, which is that the ransomware authors are a load of old rubbish.
They're not fulfilling their promises. They're not encrypting your data. They're not actually stealing your files, and they're not even making any money. Okay, but do—
If you thought the world was having enough disaster, here's another disaster compounded, which is that the ransomware authors are a load of old rubbish.
They're not fulfilling their promises. They're not encrypting your data. They're not actually stealing your files, and they're not even making any money. Okay, but do—
Despite all their attempts. Graham, or chum, chum.
I don't know if it's a two-way chum thing.
Well, I could call you what I normally call you, but— Could you please stay at least civil?
Six feet away, yes. Okay, clueless.
Okay, now couldn't this have been a test?
Oh, maybe.
Couldn't this just be test malware just to see if the whole thing kind of works and people download it and they're going, "See, I told you, boss. People are gonna fall for this.
Let's do it for real." Well, I suppose so. Certainly, it doesn't appear to be the most professional piece of Android ransomware ever seen.
One of the interesting things, of course, is that if you were infected by this, and at the moment it looks like it's just security researchers downloading it, rather than actual real victims of this.
But if you were to have your phone locked, the interesting thing is that the unlock code is actually hardcoded within it and is available for anyone to find.
So it's not even something which changes. So the unlock code, I can tell you right now, is 4865083501.
So all you have to do if you were unlucky enough to get infected, that's the solution. If only it was so easy to fix coronavirus, eh? Wouldn't that be good?
One of the interesting things, of course, is that if you were infected by this, and at the moment it looks like it's just security researchers downloading it, rather than actual real victims of this.
But if you were to have your phone locked, the interesting thing is that the unlock code is actually hardcoded within it and is available for anyone to find.
So it's not even something which changes. So the unlock code, I can tell you right now, is 4865083501.
So all you have to do if you were unlucky enough to get infected, that's the solution. If only it was so easy to fix coronavirus, eh? Wouldn't that be good?
Actually, you know what? I think it's very smart for the crooks to use social engineering in that way and not invest any time or effort in actually creating ransomware.
Because think about it, I mean, they probably invested like, I don't know, 1, 2 hours, few hours working on that app and the website. And that's all.
And if they get, I don't know, $100, $250, maybe $1,000 from like 4 or 5 people who really fell for that really silly scam, it's good money for a few hours of work.
They didn't invest any time in actually creating ransomware. So yeah, it could be smart.
Because think about it, I mean, they probably invested like, I don't know, 1, 2 hours, few hours working on that app and the website. And that's all.
And if they get, I don't know, $100, $250, maybe $1,000 from like 4 or 5 people who really fell for that really silly scam, it's good money for a few hours of work.
They didn't invest any time in actually creating ransomware. So yeah, it could be smart.
The ROI is huge.
They've probably spent so much time washing their hands 48 times a day that they haven't had time to finish the coding, which is good news for all of us, isn't it?
And it actually gives you some hope for the future of humanity.
This gives us hope that the economy will be restored, that we won't face financial apocalypse because of all this horror which is going on right now.
Because we see actual entrepreneurial spirit in action, don't we? Because we're seeing these guys taking advantage of an opportunity.
And it actually gives you some hope for the future of humanity.
This gives us hope that the economy will be restored, that we won't face financial apocalypse because of all this horror which is going on right now.
Because we see actual entrepreneurial spirit in action, don't we? Because we're seeing these guys taking advantage of an opportunity.
They're so incredibly creative in their deception. We're going to give them a little award.
Well, not a physical award, Carole.
Right, but you sound impressed. I'm just saying.
No, I am actually quite impressed. I mean, this is— This is how bored you are.
We're not surprised you are impressed. You've been sitting in the same room for 10 days.
Yeah. I mean, any entertainment in my case is good entertainment.
This is one of the best things you've done all week.
We know that.
But I think that if I wanted to make money fast, this is a good scam. I mean, it's fast and you make some money.
So listeners, please don't take Ran Levi's advice.
The hosts of Smashing Security do not necessarily agree with the opinions or support in any way the views of the guests.
Well, it's with some dread now that I say, Ran, what's your story for us?
Well, it's with some dread now that I say, Ran, what's your story for us?
Yeah, okay. So now I'll give you a story straight out of Israel, of course.
I think it was the last time that we spoke, I also gave an example story from Israel because we've got lots of interesting news going around.
And actually, I think it was 8 hours ago, the government approved in a kind of a very hush-hush move and very quick decision for the, it's called, just a second.
I think it was the last time that we spoke, I also gave an example story from Israel because we've got lots of interesting news going around.
And actually, I think it was 8 hours ago, the government approved in a kind of a very hush-hush move and very quick decision for the, it's called, just a second.
There's thunder. Hang on. What is going on? Is that the Palestinians? What's going on, man?
It's the apocalypse. The four horses of the apocalypse. One just landed above my house. Anyway, the government approved the Shin Bet, which is the equivalent of the FBI in Israel.
It's the internal security force to track Corona patients' cell phones and report to people around them if they were in the vicinity of someone who was infected.
It's the internal security force to track Corona patients' cell phones and report to people around them if they were in the vicinity of someone who was infected.
I just feel like I've been in a time warp. How does this, Graham, this sounds very—
This sounds very much like the app which the ransomware guys were promising. Turns out the Israelis have actually written it.
It works. What they are doing, and that's, I mean, the headline of most news stories about it were kind of Israel uses anti-terror technology to counter coronavirus.
This is a bit clickbaity because it's not actually anti-terror technology.
It's a simple, you know, mobile tracking technology that you can contact the mobile companies, the mobile service providers.
And if you have the, you know, from the court, you have the proper documents, they'll give you the information about whoever is their client and where in the world he is moving around.
Basically the same technology that they use every day.
This is a bit clickbaity because it's not actually anti-terror technology.
It's a simple, you know, mobile tracking technology that you can contact the mobile companies, the mobile service providers.
And if you have the, you know, from the court, you have the proper documents, they'll give you the information about whoever is their client and where in the world he is moving around.
Basically the same technology that they use every day.
So how do you think this will be used in principle? Will it be used against individuals?
So for instance, imagine there is a train where a known coronavirus victim has been on the train, and would they use this to track other people who had been on the train to identify them?
Is that the sort of thing which is—
So for instance, imagine there is a train where a known coronavirus victim has been on the train, and would they use this to track other people who had been on the train to identify them?
Is that the sort of thing which is—
Yeah, the way they are planning to use it, and as I said, it's really just in the last few hours that the announcement was made is that when somebody is tested and is seen to be positive infected with coronavirus, they go back and see the records of all the places he was in the last 14 days.
And then automatically they send messages to all the people whose phones were around this guy while he was moving around the world.
So if, for example, in my case, if the corona patient that was on my train was say in my immediate vicinity in the train, they probably could tell that from the geolocation of the mobile device and they could have sent me immediately SMS saying, you know, this guy who right now was tested positive, a week ago he was near you in the train.
So now go and test yourself or be quarantined. And I think it's a great idea basically because now you can really control the infection vectors.
If somebody is detected, you can get ahold of the people who were near him and everybody's got a cell phone.
And then automatically they send messages to all the people whose phones were around this guy while he was moving around the world.
So if, for example, in my case, if the corona patient that was on my train was say in my immediate vicinity in the train, they probably could tell that from the geolocation of the mobile device and they could have sent me immediately SMS saying, you know, this guy who right now was tested positive, a week ago he was near you in the train.
So now go and test yourself or be quarantined. And I think it's a great idea basically because now you can really control the infection vectors.
If somebody is detected, you can get ahold of the people who were near him and everybody's got a cell phone.
But think about it, it's crazy as well though. Don't think the world's not going to change. If one person in one train impacts what, 80 people?
And they are then all in quarantine for two weeks, and that happens everywhere, it's going to be an interesting time for us all.
And they are then all in quarantine for two weeks, and that happens everywhere, it's going to be an interesting time for us all.
It is already. I mean, think about my case. I was in a train with some 1,000 other people.
All of them were quarantined because we don't know where that guy's been specifically on the train. Exactly.
If I knew he was in the same car as me in the train, I would be quarantined.
But if we knew that he was in the back of the train, I was in the front of the train, I would probably be safe. I wouldn't have to be quarantined.
So I think the potential of that kind of technology to really help control the epidemic sounds great. Really sounds great.
I think the only caveat here is that that decision, specific decision, which is a good decision basically, it was gotten to in a way which is very problematic because there's no parliamentary oversight over that decision.
And nobody prevents the government from abusing that. They just decided it. There's no oversight from judiciary system or the parliamentary system.
So nothing stops the government from tracking political rivals, you know, abusing the power as we are always afraid of governments.
So I think it's the process that's problematic here and maybe the practical use.
All of them were quarantined because we don't know where that guy's been specifically on the train. Exactly.
If I knew he was in the same car as me in the train, I would be quarantined.
But if we knew that he was in the back of the train, I was in the front of the train, I would probably be safe. I wouldn't have to be quarantined.
So I think the potential of that kind of technology to really help control the epidemic sounds great. Really sounds great.
I think the only caveat here is that that decision, specific decision, which is a good decision basically, it was gotten to in a way which is very problematic because there's no parliamentary oversight over that decision.
And nobody prevents the government from abusing that. They just decided it. There's no oversight from judiciary system or the parliamentary system.
So nothing stops the government from tracking political rivals, you know, abusing the power as we are always afraid of governments.
So I think it's the process that's problematic here and maybe the practical use.
Yeah, I mean, I can imagine if this was used outside of Israel in the rest of the world. Maybe other countries will.
Let's take an example, for instance, Justin Trudeau, the boss of Canada, he's been self-isolating and his wife, I believe, was infected by coronavirus.
Now, I then heard that Idris Elba, the actor, also infected. He's also infected. Turns out he met up with Justin Trudeau's wife.
And now I'm not pointing any fingers here, but we all know what Idris Elba's a bit with the ladies in terms of the ladies' reaction.
I'm just saying, they were clearly in proximity, and that's possibly how it happened. Maybe it happened at a conference instead.
Let's take an example, for instance, Justin Trudeau, the boss of Canada, he's been self-isolating and his wife, I believe, was infected by coronavirus.
Now, I then heard that Idris Elba, the actor, also infected. He's also infected. Turns out he met up with Justin Trudeau's wife.
And now I'm not pointing any fingers here, but we all know what Idris Elba's a bit with the ladies in terms of the ladies' reaction.
I'm just saying, they were clearly in proximity, and that's possibly how it happened. Maybe it happened at a conference instead.
I cannot believe you're bringing my mother country's leaders into such disrepute.
Idris Elba isn't British Prime Minister yet, Carole. He's not actually our leader. But maybe one day, I'm sure it won't happen.
Anyway, I'm just saying there's clearly privacy angles here and this information could be used.
Anyway, I'm just saying there's clearly privacy angles here and this information could be used.
Who could blame her anyway?
If just for gossip. That's what I was expecting. That's what I was expecting.
I mean, it raises the question of what's the role of right for privacy in such extreme situations?
Even a normal day, it's hard, right?
Exactly.
And I mean, people in Israel, of course, are talking about it, saying, well, this is obviously an invasion of privacy, but the consensus is that, okay, this is probably a good idea in the short term, not a good idea in the long term.
And I mean, people in Israel, of course, are talking about it, saying, well, this is obviously an invasion of privacy, but the consensus is that, okay, this is probably a good idea in the short term, not a good idea in the long term.
Seriously, guys, you don't have to worry about that because we're all going to be dead anyway. So I think stop worrying about these hypotheticals.
I'm not going to be dead.
I haven't left my house in two weeks. Okay.
We're going to be all dead, but our butts are going to be very clean.
Everybody's buying toilet papers crazy.
What are they all doing with that?
I have a conspiracy theory about that.
Carole, what's your story first?
I'll tell you after the show. Okay.
You know, you guys though, you keep thinking about yourselves in this time of crisis, and you're forgetting a very important industry that is seriously impacted by this.
Can you think what it is?
You know, you guys though, you keep thinking about yourselves in this time of crisis, and you're forgetting a very important industry that is seriously impacted by this.
Can you think what it is?
Ice cream salesmen? What do we— well, I don't know.
The porn industry. Not only can they not get their hands on any antibac wipes, just the requirement of the job puts them at risk.
Maybe actually, maybe there's probably some niche hazmat suit smut somewhere or something.
Maybe actually, maybe there's probably some niche hazmat suit smut somewhere or something.
I bet there is. I bet there is too.
You think I'm kidding, really? You think I'm kidding?
But if the Free Speech Coalition said in an announcement that it's asking the producers to voluntarily cancel all shoots through to March first so that performers stop shooting new content with people who aren't part of their households.
I've never heard it called shooting new content.
But if the Free Speech Coalition said in an announcement that it's asking the producers to voluntarily cancel all shoots through to March first so that performers stop shooting new content with people who aren't part of their households.
I've never heard it called shooting new content.
Okay, but that is not my story today.
I know you wish it were. Good, good.
That's unthinkable. I can do without the economy, but the truth is that we have run out of porn, so we do need more to be made.
It's not like there isn't an awful lot out freely available. You don't have to go down the supermarket and find it on a shelf. It's everywhere, for goodness' sake.
Why would you need more?
It's not like there isn't an awful lot out freely available. You don't have to go down the supermarket and find it on a shelf. It's everywhere, for goodness' sake.
Why would you need more?
Well, there's something else to consider in all this, right? Especially if there's a dearth in porn.
Apparently China has announced a spike in divorce requests, claiming that the coronavirus has forced couples to spend too much time together during their quarantine, and they're just like, I have married a frickin' bozo.
Apparently China has announced a spike in divorce requests, claiming that the coronavirus has forced couples to spend too much time together during their quarantine, and they're just like, I have married a frickin' bozo.
I can relate. Ran's wife had the answer to that. She just sent him to the attic.
Put them in the attic.
Can someone divorce with their kids after two weeks though?
However, we digress. My story, which I've mentioned many, many, many times before, is about the need for social distancing.
And that's one of the ways we're trying to contain the spread of this contagion. And for a lot of us, that means working from home, which turns out is a big opportunity.
Those of us that have that opportunity should be feeling really blessed right now because there are millions of people that don't have that.
Now, for those of us that have been doing it for some time, we've inadvertently optimized our situations over the years, haven't we? And we've made our environments pretty bearable.
We know our neighbors, we have a snack cupboard, you know, we have hobbies and daily routines to try and manage all that stuff — entertainment, productivity, all that stuff, talking to people.
And that's one of the ways we're trying to contain the spread of this contagion. And for a lot of us, that means working from home, which turns out is a big opportunity.
Those of us that have that opportunity should be feeling really blessed right now because there are millions of people that don't have that.
Now, for those of us that have been doing it for some time, we've inadvertently optimized our situations over the years, haven't we? And we've made our environments pretty bearable.
We know our neighbors, we have a snack cupboard, you know, we have hobbies and daily routines to try and manage all that stuff — entertainment, productivity, all that stuff, talking to people.
Can I just say that the whole reason I started working from home was to stop talking to people?
Because in the office, it was kind of obvious that I was choosing not to talk to people, but now at home, I can get away with it much more easily.
Because in the office, it was kind of obvious that I was choosing not to talk to people, but now at home, I can get away with it much more easily.
Well, okay, so I wanted to know how many people do you think in the UK work from home as their main job? So I looked up 2019 statistics just to try and bypass this stuff.
I don't know, 1 in 10. So 1 in 40. Oh, really? So 1.5 million people work from home. So 1 in 40 of workers work from home. And in the States, it's closer to 1 in 30.
So that means there are millions of people out there that are currently being asked to work from home for the first time.
Twitter has told people to work from home, Amazon, Google, NASA, JP Morgan, Samsung, the list goes on.
I don't know, 1 in 10. So 1 in 40. Oh, really? So 1.5 million people work from home. So 1 in 40 of workers work from home. And in the States, it's closer to 1 in 30.
So that means there are millions of people out there that are currently being asked to work from home for the first time.
Twitter has told people to work from home, Amazon, Google, NASA, JP Morgan, Samsung, the list goes on.
My company's team is working from home.
Right. Yeah, yeah, yeah. Because you probably spread the disease, Ran.
No, nobody's sick, but everybody's been ordered home. Yeah.
As a precaution. Yeah, okay. So, you know, we make jest, but it is super stressful, right?
And I think all of us know something or two about security, and we know one or two things about working from home.
So, I thought we could share a few of our tidbit advice with our listeners to help them get through this. So, let's get the boring security stuff out of the way first.
So, my first piece would be that orgs really need to provide a to-do list for people to ensure that their home environment is safe for them to do work from and to access files and all the stuff they're supposed to do.
Some home workers are going to be asked to use their personal machines. Others will have dedicated working machines. Others will be waiting for machines to be delivered.
And the first big security nightmare, I think, is making sure that that home machine is safe to access work files and services.
So big companies out there are gonna know what to do, right? But there are some companies that are facing this for the very first time.
Yeah, I would say make sure you're not using the default password that was provided with your router.
And I think all of us know something or two about security, and we know one or two things about working from home.
So, I thought we could share a few of our tidbit advice with our listeners to help them get through this. So, let's get the boring security stuff out of the way first.
So, my first piece would be that orgs really need to provide a to-do list for people to ensure that their home environment is safe for them to do work from and to access files and all the stuff they're supposed to do.
Some home workers are going to be asked to use their personal machines. Others will have dedicated working machines. Others will be waiting for machines to be delivered.
And the first big security nightmare, I think, is making sure that that home machine is safe to access work files and services.
So big companies out there are gonna know what to do, right? But there are some companies that are facing this for the very first time.
Yeah, I would say make sure you're not using the default password that was provided with your router.
That's basic security. Yeah.
101. Yeah, you should always do that. Yeah, yeah, yeah.
And lots of people don't. So if you haven't, go do that. The other thing is locking your screen all the time.
Some of you with kids out there are gonna be having that problem of how do I get the kids, keep the kids off this machine so they don't play their games and don't get on it?
Because not everybody has a house full of tech and this might be the only piece of decent equipment in the house.
So making sure that the passwords are not known and not shared just because you can't be bothered to go put it in and don't let them play with it.
And if they do, I think you need to report it to IT.
Some of you with kids out there are gonna be having that problem of how do I get the kids, keep the kids off this machine so they don't play their games and don't get on it?
Because not everybody has a house full of tech and this might be the only piece of decent equipment in the house.
So making sure that the passwords are not known and not shared just because you can't be bothered to go put it in and don't let them play with it.
And if they do, I think you need to report it to IT.
I would even go a step further and disallow the employees from working from their own personal computers.
I think companies should provide them with laptops from work because for many people, I think the home machines are vulnerable because we download stuff and we browse unsafe websites, whatever.
And I mean, I have 6, 7 people working for me. I can never be sure what their home environment is. I can never trust it.
So I would probably give them laptops from work and you only say you only access the company's, you know, IT infrastructure from these computers.
Don't log in from your home computer. That's probably a corrupted and virusful environment in the day to day.
I think companies should provide them with laptops from work because for many people, I think the home machines are vulnerable because we download stuff and we browse unsafe websites, whatever.
And I mean, I have 6, 7 people working for me. I can never be sure what their home environment is. I can never trust it.
So I would probably give them laptops from work and you only say you only access the company's, you know, IT infrastructure from these computers.
Don't log in from your home computer. That's probably a corrupted and virusful environment in the day to day.
I think that's a sensible investment for companies to make. I mean, it may only cost them like £600 per computer.
But exactly. That's a ton of money if they're looking at being shut down if they don't get business ramped up in the next 8 weeks.
Well, yeah, and obviously they have to order these things and get them delivered.
The hardware manufacturers are going to do well at least if they manage to keep their supply chains going.
But I think from the security point of view, ideally they are going to be using an approved computer which has been checked over by the IT team rather than Lord knows what from Windows 95.
The hardware manufacturers are going to do well at least if they manage to keep their supply chains going.
But I think from the security point of view, ideally they are going to be using an approved computer which has been checked over by the IT team rather than Lord knows what from Windows 95.
Yes, and another option is to maybe provide some sort of a virtual machine on that home computer. So, it's technically more difficult.
You'd have to probably bring a technician to actually operate this or set up the install.
But that's another option because giving people the option to log in from, I mean, it's a horrible environment, the home computer with games from the kids and everything.
There's probably a large percentage of malware ransomware hiding in those files anywhere. So I wouldn't give them the option to log in from their personal computers.
That's too big a risk, I think.
You'd have to probably bring a technician to actually operate this or set up the install.
But that's another option because giving people the option to log in from, I mean, it's a horrible environment, the home computer with games from the kids and everything.
There's probably a large percentage of malware ransomware hiding in those files anywhere. So I wouldn't give them the option to log in from their personal computers.
That's too big a risk, I think.
It's a complicated one, but I think some will be forced to go down that route.
And one of the things to think about is organizations really ought to have a route so that staff know what to do in case there's problems, like who to call, what are the emergency procedures.
Think, for example, little Jimmy just stuffed a peanut butter sandwich into one of your laptops.
And one of the things to think about is organizations really ought to have a route so that staff know what to do in case there's problems, like who to call, what are the emergency procedures.
Think, for example, little Jimmy just stuffed a peanut butter sandwich into one of your laptops.
Right, so what do you do now? I'm on the IT support desk. Jimmy? Okay, oh yeah, it'd be the peanut butter thing, right?
Right, so even something as lame as that can put someone off work.
And give people the tools to do the job, right?
If they're running a computer, whether it's one that your company has provided or one which they have themselves, then it needs to be up to date with security patches.
It needs to be running up-to-date antivirus software.
You're probably going to have to have two-factor authentication in place to allow them to log into the company network remotely. You've got 3 of my 5.
If they're running a computer, whether it's one that your company has provided or one which they have themselves, then it needs to be up to date with security patches.
It needs to be running up-to-date antivirus software.
You're probably going to have to have two-factor authentication in place to allow them to log into the company network remotely. You've got 3 of my 5.
Carry on, you're doing great.
Password manager, have we mentioned? Anti-malware. Yeah, we mentioned that.
Full disk encryption as well, because if you've got the sensitive data, company data, you don't want that laptop being stolen or mislaid at some point.
And number— is— What haven't I mentioned?
Full disk encryption as well, because if you've got the sensitive data, company data, you don't want that laptop being stolen or mislaid at some point.
And number— is— What haven't I mentioned?
And the last one is backing up, backing up, backing up.
Backing up, backing up.
So in a worst-case scenario, as we've seen from Graham's story, there are people out there scouring around trying to dupe you and in some cases, fake you into thinking you have ransomware, but in some cases, you really will.
And in those cases, it is very nice to be able to wipe and reinstate from where you were. So keep a backup.
And in those cases, it is very nice to be able to wipe and reinstate from where you were. So keep a backup.
Carole, do you have any tips for porn stars who are worried about working from home?
Self-love is the way I'd go right now.
Oh, I guess so.
Over a webcam. And over to Pick of the Week!
This week's podcast is sponsored by Domain Tools. They help security analysts turn threat data into threat intelligence and help you assess threats and prevent future attacks.
They've got something very cool I think you're going to like a capture the flag competition which can win you $100 in the form of an Amazon gift card.
If you want to join in the fun, visit domaintools.com/smashing to enter the capture the flag competition before it closes on the 1st of April, and may the most geeky listener win.
They've got something very cool I think you're going to like a capture the flag competition which can win you $100 in the form of an Amazon gift card.
If you want to join in the fun, visit domaintools.com/smashing to enter the capture the flag competition before it closes on the 1st of April, and may the most geeky listener win.
So many of us now are realizing that moving to a fully work-from-home environment isn't always easy, but LastPass is here to make that transition easier without decreasing security.
LastPass ensures your employees have secure access to their work applications and provides remote employees the ability to securely share passwords across teams in order to stay on top of critical projects.
If you want to learn more, visit lastpass.com/smashing. On with the show.
LastPass ensures your employees have secure access to their work applications and provides remote employees the ability to securely share passwords across teams in order to stay on top of critical projects.
If you want to learn more, visit lastpass.com/smashing. On with the show.
And welcome back. Can you join us on our favorite part of the show, the part of the show that we like. It's called Pick of the Week.
Pick of the Week.
Pick of the Week. Pick of the Week is the part of the show where everyone chooses something they like.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. Doesn't have to be security-related necessarily.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. Doesn't have to be security-related necessarily.
Oh, is it? Not entirely. Oh, Graham. Not really.
Okay. Because of course, we've talked about coronavirus and it is causing hardship.
I think we should call it COVID-19.
I think the world is calling it coronavirus.
Yeah, except that, you know, Corona, the beer manufacturer's stock price has, along with everyone else's, but they've had a special nosedive because of people calling it Corona.
Let's call it the Diamond Princess cruise virus then, or the Chinese virus, as I believe the germaphobe-in-chief is calling it.
Chinese really don't like it.
Quite right too. I wouldn't eat it. No, no, it wasn't me who said it first. So obviously lots of hardship being caused around the world, and it's a serious problem.
And many people are like Ran, and they've been locked up in their houses. And we saw Italy—
And many people are like Ran, and they've been locked up in their houses. And we saw Italy—
We're watching Italy.
Yeah, Italy has been shut down and everyone's stuck in their homes.
And hence, I was rather bemused to see an announcement from a website which said that it would be giving free access to its premium version to everyone in Italy for the entire month.
And the name of that website is Pornhub. And so Pornhub, who are quite good in the PR department, they're quite good at getting their name in the press. Amazing. They are amazing.
They announced that everyone in Italy can have free access to— apparently there is some premium version of Pornhub. I can't imagine what that gets you.
But anyway, that's what more you need, really. But anyway. More porn. I suppose. But—
And hence, I was rather bemused to see an announcement from a website which said that it would be giving free access to its premium version to everyone in Italy for the entire month.
And the name of that website is Pornhub. And so Pornhub, who are quite good in the PR department, they're quite good at getting their name in the press. Amazing. They are amazing.
They announced that everyone in Italy can have free access to— apparently there is some premium version of Pornhub. I can't imagine what that gets you.
But anyway, that's what more you need, really. But anyway. More porn. I suppose. But—
Jesus, Franco, enough with the Pornhub. So there is an issue though.
They're not gonna be bored. Yes, what's that?
People are talking about the idea of can the internet handle all this high-def video streaming that people are doing around the world while, you know?
Steam apparently just celebrated 20 million users in one day, which broke all records.
Steam apparently just celebrated 20 million users in one day, which broke all records.
Yeah, will they be able to keep it up or not is always the problem, isn't it? That's the question.
So the Italians have free Pornhub for—
That's right. So if you have an Italian IP address— Yeah, or a VPN, Ran. Exactly. Because this is what has happened. He's alone. He's alone. The kids are not allowed near him.
Lots of people are using their VPN to pretend to be in Italy to access Pornhub.
Lots of people are using their VPN to pretend to be in Italy to access Pornhub.
It's going to be reruns though.
And in fact, the guys at ProtonVPN, they tweeted saying, we finally figured out why our Italian VPN servers are under such high load.
So apparently they're getting swamped by lots more requests than normal. And they've had to— apparently they are adding new servers as fast as possible to cope with the demand.
Obviously, there are supply chain issues.
So apparently they're getting swamped by lots more requests than normal. And they've had to— apparently they are adding new servers as fast as possible to cope with the demand.
Obviously, there are supply chain issues.
So basically, I understand from what you're saying is that the Italians right now are mostly either watching porn or singing from their balconies. That's the two.
See, they know how to live. I like the Italians. Actually, you know, I read another article. I think it was yesterday, something like that.
From Pornhub, they have what's called Pornhub Insights. It's a regular website. It's not, you know, it's just for research. Really, it's for research.
It doesn't have any porn, but it gives lots of interesting insights on statistics that they gather from the website.
See, they know how to live. I like the Italians. Actually, you know, I read another article. I think it was yesterday, something like that.
From Pornhub, they have what's called Pornhub Insights. It's a regular website. It's not, you know, it's just for research. Really, it's for research.
It doesn't have any porn, but it gives lots of interesting insights on statistics that they gather from the website.
And you just happened to be looking at that yesterday. Okay.
I'm a man of, you know, varied interests.
And bored out of your mind.
And bored out of my mind, exactly. And it turns out that, if I remember correctly, there has been about 7 million searches for the coronavirus in Pornhub in the last 30 days or so.
What? Corona porn?
COVID? Actually COVID porn? So rather than coming round pretending to be a plumber to fix the dishwasher, they're instead coming round in a hazmat suit.
Just need to check you for coronavirus. Just give you this little injection here.
Just need to check you for coronavirus. Just give you this little injection here.
It's something that. Yeah. If somebody is searching for coronavirus on Pornhub, it's really interesting to think about what are they trying to find there?
No, I mean, actually, Pornhub is a great place for statistics because that website gets tremendous amount of traffic. And browsing the insights is fascinating.
I mean, it's not my pick of the week, but it's fascinating. Oh my God.
No, I mean, actually, Pornhub is a great place for statistics because that website gets tremendous amount of traffic. And browsing the insights is fascinating.
I mean, it's not my pick of the week, but it's fascinating. Oh my God.
The insights, only the insights.
Ran, what's your pick of the week? Oh, my pick of the week is tamer. It's more down to earth. Oh, thank goodness. Literally.
It's called earth.nullschool.net and it's a Google Earth-like visualization of global weather, winds, atmospheric pressure, ocean currents, etc.
And I would really recommend visiting it. I mean, if you're a weather buff, it's amazingly pretty because the animation is fantastic. You can see winds and circulation.
It's called earth.nullschool.net and it's a Google Earth-like visualization of global weather, winds, atmospheric pressure, ocean currents, etc.
And I would really recommend visiting it. I mean, if you're a weather buff, it's amazingly pretty because the animation is fantastic. You can see winds and circulation.
I'm looking at it right now. Yeah.
Yeah. And it gives you a real sense of how the global weather systems are working together, how various oceans and lakes contribute to the overall weather patterns.
It's very interesting to watch that. I mean, everybody is usually focused on the weather in their specific location.
But when you zoom out, the weather over the Mediterranean, and how the weather in the UK is influenced by what's happening in Iceland. Is this live? Is this live? It is.
I think it's refreshed every few minutes or so. It's almost live. Maybe there's a short delay, but it's taking the data from lots of various resources.
It's very interesting to watch that. I mean, everybody is usually focused on the weather in their specific location.
But when you zoom out, the weather over the Mediterranean, and how the weather in the UK is influenced by what's happening in Iceland. Is this live? Is this live? It is.
I think it's refreshed every few minutes or so. It's almost live. Maybe there's a short delay, but it's taking the data from lots of various resources.
I wonder if it'll change with the change in traffic, air traffic patterns and the like, if there'll be any spotted differences, if it had any impact at all. Interesting. Interesting.
Yeah. So it's very recommended. It's very beautiful and calming, actually. That's earth.nullschool.net. And if you didn't catch that, we'll put it in the show notes. Terrific.
Carole, what's your pick of the week?
Carole, what's your pick of the week?
Well, okay. I was going to not be— just because you lowered the tone, Graham, with your pick of the week.
So I asked my other half, right, what he thought my pick of the week should be. And he said, have more sex. What? So I'm just—
So I asked my other half, right, what he thought my pick of the week should be. And he said, have more sex. What? So I'm just—
Hang on, I think that's what your husband's answer is to everything, isn't it?
And then I said, "Oh, that's a good idea." I said, "That's a great idea. So people get pregnant and then they can't go to the doctors without risking infection?
And what are they going to be called? What's the generation going to be called?" Oh. "Millenovids?" The COVID generation.
And what are they going to be called? What's the generation going to be called?" Oh. "Millenovids?" The COVID generation.
Yeah. Deadly boomers?
COVID boomers? And so he was, well, what about safe sex then? And I was, where are you buying your paraphernalia? Where are you buying your safe sex paraphernalia?
Paraphernalia? Sorry, what does he use?
Condoms and other things. All he needs is a condom.
He doesn't need a cloak. He needs a Zorb.
That's what I told him. He needs a Zorb.
Is there a run on condoms there is a run on the toilet paper?
Okay, if you needed to take the train, you're going to be taking the train soon. And let's say that infection levels are at least 1 in 4, right?
And you can't find gloves to save your life anywhere, would you consider putting two condoms on each of your hands? I think I would.
And you can't find gloves to save your life anywhere, would you consider putting two condoms on each of your hands? I think I would.
I would probably be hospitalized in the psychiatric department.
I don't know how you get the second one on, to be fair. But anyway, that was my husband's recommendation. I am not taking his recommendation.
I'm recommending a podcast that should cool him down because it is called Cold.
I'm recommending a podcast that should cool him down because it is called Cold.
Oh, okay. What's that about?
Now it's about— okay, so let me just give you the premise here. So Susan Powell, okay, she vanished in 2009 and her body was never found.
From the very beginning, police suspected it was her husband Josh Powell, okay, that he was responsible for the murder, right? But they've never arrested him.
And this podcast is 24 episodes, each an hour long. And it's by this host who's an investigative journalist who I think is completely obsessed with this whole story.
From the very beginning, police suspected it was her husband Josh Powell, okay, that he was responsible for the murder, right? But they've never arrested him.
And this podcast is 24 episodes, each an hour long. And it's by this host who's an investigative journalist who I think is completely obsessed with this whole story.
If they've done 24 one-hour episodes, they probably are. Yes, right.
So his name's Dave Colley, and he seriously deep dives. He got all the paperwork from everybody.
So he plays the whole interview between the husband, the father, the one they suspect of murdering, and the cops. And you get to hear everything.
And he's also interviewing the detective at the same time, so you get to hear his view 10 years on, on what he did right and what he did wrong. I don't know.
There's just something quite glorious about it. You've got 24 hours of entertainment there if you need something to do other than talk about the virus. Sounds fantastic.
So he plays the whole interview between the husband, the father, the one they suspect of murdering, and the cops. And you get to hear everything.
And he's also interviewing the detective at the same time, so you get to hear his view 10 years on, on what he did right and what he did wrong. I don't know.
There's just something quite glorious about it. You've got 24 hours of entertainment there if you need something to do other than talk about the virus. Sounds fantastic.
Yeah. I love true crime podcasts.
Has the husband been arrested now, or has he been detained? Maybe now. I'm not through it all yet.
I'm only at episode 10.
I've listened to 10 hours, so I felt it was fair to come on the— So anyway, I recommend if you like true crime and it's an unusual— he's, you know, I love it when someone really is into their topic, right?
And you can tell they're just nuts for it and they've really gone into it. So not only will this calm my husband down, so I recommended it to him, but any of you. Yeah.
So if you need something hot, go to Pornhub. If you need something cold, check out Cold podcast from Wondery.
It's quite difficult to find via search, so I will put a link into the show notes for you.
I've listened to 10 hours, so I felt it was fair to come on the— So anyway, I recommend if you like true crime and it's an unusual— he's, you know, I love it when someone really is into their topic, right?
And you can tell they're just nuts for it and they've really gone into it. So not only will this calm my husband down, so I recommended it to him, but any of you. Yeah.
So if you need something hot, go to Pornhub. If you need something cold, check out Cold podcast from Wondery.
It's quite difficult to find via search, so I will put a link into the show notes for you.
Could this chap who's been accused, could he not take legal action against the podcast or something? I mean, if he has—
You know, that's a good question.
I mean, it's a little bit uncomfortable, isn't it? The thought that someone could start a podcast about me claiming that I had murdered someone.
I'm already working on it, dude. I'm on it. It's going live soon. I've got a lot more time now to work on it.
And on that note— We swiftly wrap up the show. Ran, I'm sure lots of our listeners would love to follow you online and find out more about what you're up to.
What's the best way for folks to do that?
What's the best way for folks to do that?
Yeah, so my podcast is called Malicious Life. It's about the history and the present and the future of cybersecurity.
And you can follow me on Twitter @MaliciousLife or @RanLevi, R-A-N-L-E-V-I.
And you can follow me on Twitter @MaliciousLife or @RanLevi, R-A-N-L-E-V-I.
Very cool stuff. And you can follow us on Twitter @SmashingSecurity, no G, Twitter must have a G. And you can also join us on Reddit. Join us up on the Smashing Security subreddit.
As always, a huge thank you for listening to us, especially during a bleeping pandemic. Your support and kind words will get us through.
Our aim is to keep going unless one of us gets sick. Also, a huge thank you to this week's Smashing Security sponsors, LastPass and DomainTools.
Their support helps us give you this show for free. Check out smashingsecurity.com for past episodes, sponsorship details, and information on how to get in touch with us.
Our aim is to keep going unless one of us gets sick. Also, a huge thank you to this week's Smashing Security sponsors, LastPass and DomainTools.
Their support helps us give you this show for free. Check out smashingsecurity.com for past episodes, sponsorship details, and information on how to get in touch with us.
Until next time, cheerio. Bye-bye. Bye-bye. Next week, guys.
See you then. Speak to you then. Don't see you. Graham, do you think maybe we should think about doing more than one show a week?
Do you think people would like that? I don't know.
Do you think people would tell us whether they would like that?
Probably not. They'd probably just be silent. They would get no feedback at all. Unless, unless you know different, dear listener. Yeah, interesting.
Come on, you want more episodes, let us know. Bye.
