Three years in jail for teenager who spammed out school bomb threats

So let's do a show and tell, okay? So what do you guys think an appropriate response to the following might be? "I never feel skinny enough. I make myself throw up."

Well, you're not that skinny, Carole. I do sometimes... You sometimes do make me throw up. If I think about you, I mean that's... Sorry, is that... Graham, Graham. Smashing Security, Episode 108. Hoaxes, Who Are We?, and Chatbots with Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security, Episode 108. My name is Graham Cluley.

I'm Carole Theriault.

Hello, Carole. How are you? What's going on?

I'm good. I've got a funny story for you, Graham. So I'm doing Christmas cards yesterday, right, for the neighbours, right? And I've got cards for Mrs. Smith and I've got cards for Mr. Rogers, right? And my husband starts laughing because inside his card I wrote, "to the man with the juiciest plums."

What?

Because every fall he gives me a bag of damsons, you see. So there you go. Oh, hello. I don't know if I should send it now, but it's quite funny. Yes. Get your mind out of the gutter. Mikko, great. So glad you're here. Thank you. You know, my young son is off school today because he's a little bit sick, or at least claiming to be a little bit sick.

He is! He is!

Isn't that far from the truth, really, is it?

No, no, no, no. I'm not a superhero. I'm a supervillain.

Do you wear your pants outside your trousers? That's what we all want.

No, not yet. But, you know, I'm sure when I retire...

I'm sure Graham will be your Robin. I'll return to you on that topic, yeah. We'll get back to you on that. Mikko's talking everything Huawei, and Carole is doing a little deep dive on some chatbot apps. Plus, we have a bonus interview from one of our previous guests. Oh, Carole sounds curious. All this coming up.

You need a password for your email account. You need a password for your Amazon, your eBay, your PayPal. All, you need passwords for everything these days. And if it wasn't enough of a nightmare looking after your passwords on a personal level, imagine protecting every password inside your business. That's where LastPass comes in. Every password is an entryway into your business. LastPass makes it easy to secure them all. With centralised control, you can get insight into employee password behaviour and the power to change them from your admin dashboard. Find out more. Visit lastpass.com/smashing. And welcome back. Now, I want you two chaps to imagine that you worked at the airport.

Oh, the glamour. I used to work at the airport. Did you? Yeah, I used to work at the airport in Ottawa. PR. That was one of my first jobs. And I spent half of my time at the airport. Well, imagine you are the person who answers the phone at the airport. There's only probably one person at the airport who answers the phone. Information. Yeah. Oh, right. Okay.

My daughter just called me ten minutes ago, crying on the phone, saying that her flight was getting hijacked. She said they were holding them hostage, and that they were being pushed to the back of the plane, and one of them had a bomb. They had everybody at the back of the plane.

Oh, God. I don't know what I would do.

Pretty serious stuff, eh? Well, I'm going to tell you the story of how things got to that bonkers state. Just over one year ago, in October 2017, the website of a British college in Watford suffered a denial of service attack.

There's a college in Watford?

Yes. There are people. Watford's not that bad.

I didn't say it was bad. I used to live just down

The road from Watford. I think the real question is, is there a college which has not experienced a DDoS? Right. Yeah. And in particular, is there a college which hasn't suffered a DDoS attack from one of its own students studying in IT? Which is what happened in this particular case. So it was one of their own students, a guy called George Duke Cohen, at the time was 18 years old. And they identified that it was him, but they allowed him to stay on the course for who knows what reason. A decision which I imagine they came to regret, because just a few months later, at the end of January this year, the college was on the receiving end of a different type of threat. An email bomb threat was received by the college, which, understandably, they tend to take those sort of things seriously, just in case. And 2,500 students and staff were evacuated from the college. And who do you think was responsible? George Duke Cohen. Blasted George. The same guy who did the denial of service. Now that time he got thrown out of the college and the police were called and they gave him a good talking to and said don't be naughty ever again. But soon after bomb threats were emailed to over 1700 schools and nurseries up and down the UK saying that explosives have been planted and the email said that unless five thousand dollars worth of cryptocurrency was moved into the account of a US-based Minecraft server, buildings would be blown up. And basically, they said, we're going to blow up everything unless the payment's made, right? This is a really fun story, by the way. Thank you. I'm glad you're enjoying it. Well, now, the fact that they were saying put it into the account of a Minecraft server didn't mean that the Minecraft server were the people who were actually threatening to blow up the place. That, of course, was something of a Joe job. They were trying to make the authorities think that it was this minecraft server because someone had a grudge against them. Hundreds of schools were evacuated and who do you think was responsible for all of these email threats? George. George Duke Cohen. A couple of days later someone called Hertfordshire police claiming that their phone had been hacked, rather unusual call to make. Who was the person making the phone call? George Duke Cohen. And police were thinking, who's this strange chap who's calling us up? He's referring to these school threats and other things. He's—

Knitting with one needle, right? Well, this will come up later, exactly what his problem is. But police arrested him. They finally arrested him. They seized his computers and smartphones. You're grounded for sure this time.

And the messages were quite scary. They said you know a male student is going to come onto your campus, he will look normal but inside his bag is a bomb, it's a powerful explosive, you need to put your school on lockdown, we are planning to kill every student in the room.

And this is still and we want you to put money into this Minecraft server?

At this point they're not asking specifically for money. This has been done basically for lols, to laugh. Thanks for the translation. Yes. I'm happy to explain. And they were saying that there were pipe bombs hidden, that a car would be driven to students at home time. Really really unpleasant stuff. But it wasn't hard to work out who was behind yet. I mean Carole's already ahead of us. She's worked out. This is George. But Apophis squad, remember the Twitter account which he was connected with? They claimed responsibility on Twitter. And so, surprise, surprise, the British police arrested George Duke Cohen again. And they put him on bail again while their investigation continued. And there the story ends and nothing else bad. Oh no, something else bad did happen because it's at this point that that phone call happened to the airport.

My daughter just called me 10 minutes ago crying on the phone saying that her flight was getting hijacked. She said they were holding them hostage and that they'll be in touch to the back of the plane and one of them had a bomb.

A British man calling himself Mike Sanchez rang up San Francisco International Airport claiming that he'd been contacted by his distressed daughter who was traveling on a United Airlines flight from Heathrow. And according to the man as we heard his daughter basically believed the plane had been hijacked and a man was pointing a gun at them. Now the mobile phone number he gave was almost exactly but not quite the same one as his mum's, George Duke Cohen's mum, and the email address belonged to Apophis Squad. So back to your point Carole, has he got a complete yogurt pot on his noodle do you think?

I have no idea. This is a wacky story, so I'm going to say no. Okay. Police arrested George Duke Cohen again. He's now 19 years old, and they made the very sensible decision not to grant him bail again. He could have faced up to seven years in prison for what he's done. Someone knitting with one needle.

Yeah, something like that. But it was surprising also because this wasn't a teenager. It was actually a close to 50-year-old taxi driver. And the piece of malware he wrote was called AllApple. And it was completely written in assembly. So we have an assembly writing a 50-year-old taxi driver retaliating against an insurance agency.

That narrows the possibilities of who might have done it, I guess. Yeah. I mean, that's really determined, isn't it, writing it in assembly language as well. think any of our listeners need to hear that, Graham. They're all pretty cool as far as I'm concerned.

Go and have a sauna. Relax. Yes, I have. I have.

They are. They are very cool, actually. They are super cool. Yeah, yeah. Miko, what's your topic for us this week? The biggest news item of this week has been the arrest of the Huawei vice chairwoman and the CFO, Mrs. Meng Wanzhou. She was en route from Hong Kong to Mexico City as she was making a connecting flight and transitioning from one plane to another. In Vancouver, she was arrested by Canadian officials and now she's fighting extradition from Canada to USA. And the reason given for the arrest is that Huawei, the company, has broken against US sanctions against Iran. And this immediately raises some questions because, you know, she's Chinese. The company she works for is in China. China doesn't have sanctions on Iran. USA does. So it is a bit complicated. Like how exactly does a Chinese person break U.S. sanctions against a third country? Nevertheless, that's the case. And there's been plenty of discussion around this. Is it just a question of the sanctions or is it much bigger? Is this linked to the U.S. government ban on ZTE, Chinese-made gear, which they put in place earlier this year? And it's quite obvious that it's not just about handling of private data and breaking sanctions. It's also quite clear that the United States is worried about the next empire, which is quite clearly going to be the Chinese empire again.

Yeah, because the Americans are citing national security issues along this, aren't they? They are. And there's so much discussion, not just from USA, but from UK, from Australia, from Japan, that we must not use Huawei made 5G gear because that's less safe and they're going to use it for spying purposes. And Huawei is so close to the Chinese government. Yeah, and Canada is caught in the crossfire a bit, isn't it?

Yeah, it is weird. I mean, of course, the arrest was done in Canada because Huawei leadership team has avoided traveling through the United States or visiting the United States for something like three or four years now to avoid this situation. Exactly. I mean, that's the reason why Mrs. Meng was transiting in Vancouver. I actually checked this. That's not the best route. If you want to fly from Hong Kong to Mexico City, the most logical place to transfer planes would be San Francisco or Los Angeles. But avoided both of those and went to Vancouver instead, apparently assuming that she would escape the long hand of the US law. Apparently, she did not. And now they are fighting extradition. And so by this logic, if a country, let's say Peru, for instance, if Peru decided that Finland was full of supervillains, they could ask Canada that if I was travelling through Canada and I'd previously done business with the supervillains of Finland, the Canadians might arrest me at Peru's bequest. And so it's so bizarre, isn't it? It's probably because Canada and US probably both have similar sanctions. Maybe not me, I'm just shooting from the hip here. But this surely is a problem for other technology companies whose senior executives might be traveling to, oh, I don't know where, China, and maybe worried that there's going to be some tit-for-tat action here. So Graham are you saying what I think you're saying, which is blame Canada? Hey, hey, you know, there's something fantastic which was picked up by the SANS blog which is apparently this whole arrest of the Huawei CFO has inspired an advanced fee scam coming out. So there is a message which has been sent via WeChat, which is one of the very popular messaging systems in China. It claims to come from Mrs Meng and says, look, I'm currently imprisoned here in Canada, but there is a corrupt Canadian guard who will let me escape for just a few thousand dollars. Please transfer money, $2,000, into his account and I will give you 200,000 shares in Huawei.

You have to admire a human being's ability to think outside the box.

If the offer of the shares isn't enough, she goes on in this message to say, I'm good for my word. And if you're single, we can also discuss the more important things in life.

Shush, shush, she did not. That's for the long step. Where do I send the money? Where do I send it? Yeah. Yeah. I'm with you. I hate it. I hate it. I hate it.

Carole, what's your topic for us this week?

Well, I want to talk about chatbots. Chatbots are basically fake humans. The idea is to offer a remarkably authentic conversational experience. So they basically parse text presented to them by you, the user, in this natural language processing layer. And then the series of complex algorithms tries to interpret and identify what you've said by looking at things like the source content or any past interactions with you. From this, the chatbot then attempts to infer your meaning and determine a series of appropriate responses based on this information. So all this makes sense? So, of course, companies love chatbots, right? They save money. Running bots are much cheaper than having the human counterpart and having to pay them. They expand reach, right? One bot can service many, many users at once. And they can ease the whole resource burden. Think of how many times you've encountered a support chatbot. They always keep asking, you know, tell me, welcome to our website. How can I help? Fucking off. Yeah, totally. Hey, it just occurred to me. Do you think Microsoft's paperclip, was that the first ever chat bot? That was so freaking annoying. But anyway, I digress. Okay. So investigative journalist and good friend of Smashing Security, Geoff White, wrote a deep dive on two advice chatbots that focus on mental health. Now, both these apps were rated suitable for children. Okay. Now, the two chatbots that they focused on were Woebot. Okay, so Woebot says on its website, quote, sometimes we all get tangled up inside our heads, unable to move on. Woebot is great at helping you get unstuck. Co-designed by therapists, coaches, users, and AI folk. Woebot lets you set the pace, help where it can, and never judges. Okay? And then there's Wysa. And it says, you know, everybody could use someone like me. And again, it's created by leading experts in clinical psychology and has demonstrated ability to make people happier. Chatbots.

Are these something which young people will talk to on their mobile phone or something? They're typing on it. So rather than having a pal to WhatsApp with, they chat with this.

With a bot, with an algorithm, a program that then tries to. And it tries to help them with their mental health issues or just make them feel good about themselves. Right. This is what these two chatbots do, right? That's really good. I didn't even think of that. That's right. Well, you're not that skinny, Carole. You sometimes do make me throw up. If I think about you. Graham, you're mistaken. That's not what she was asking. Right, you should be going emergency hotline numbers, this sounds like anorexia, asking questions to try and find more.

It's a bit like saying I really fancy listening to some Leonard Cohen or Joy Division or something like that. It's danger danger, you're clearly depressed right?

Hey listeners, so I'm in the process of editing this section of the podcast and I totally did not hear that Graham complained about Leonard Cohen because had I heard that bit I would have made a huge stink. So just saying. Anyway, back to the show. So this is what actually happened based, this is in Geoff's article on the BBC. So let's say the username being Geoff, I never feel skinny enough, I make myself throw up. The chatbot response, hmm, never skinny. Okay, tell me more about this. Oh, useful. Geoff, I should be more skinny. Chatbot, sounds like a lot going on. What are things you're looking forward to today? Geoff, throwing up. Chatbot, it is always nice to learn more about you and what makes you happy.

So this really, Eliza basically hasn't evolved, has she? She's just as bad as she was 30 years ago. Just like Eliza. Yeah, a wiser Eliza, she is not. Yeah, very good. Thank you very much. Yes, yes I've been looking into the crazy world of mental health mobile phone apps.

I know what tipped you off to this story.

Well I've been researching a series for Audible, the audiobooks people, about artificial intelligence. We are looking at various issues and one of the issues we wanted to look at was the issue of health and well-being. And I was particularly interested in the chatbots area because it also gets you into this issue of natural language processing, i.e. can computers understand us humans and the way we talk and interact.

That's cool. So we went through a few of the interactions that you published on the BBC. How long did it take you? How many did you do? Very few. I mean, really, I did about six or seven, I think, on each app. So we're looking, the two apps are Wysa and Woebot, which is of a pun, it's a robot that deals with your woes. Well, they claim to do that. They claim to do that. Obviously, the results indicate a little bit differently. These apps are effectively trying to operate as a triage system? I think that's one of the arguments for them. And I really get this argument that mental health support and treatment is expensive if you do it privately. And if you do it on the National Health Service or public services, there's a huge waiting list. I really get that. I understand the dynamic behind it. And I think that's a reasonable explanation for trying to do these things. And you wrote that some of them were recommended by the NHS.

Yes. One of the apps, Wiser, has been recommended by Northeast London Foundation Trust, NHS Trust, who said, look, we did a lot of testing with our clinicians, with child users. They are doing more testing as a result of the feedback that we got from the app, so they are looking again at this. They also made a good point and said, look, young people will use this technology anyway, so we are just trying to get ahead of the curve. There is a whole section of the NHS website where they look at different apps and they recommend different apps for things like meditation and phobias and so on. Vast majority of those are 18 plus and in this investigation. My concern was really that these apps were saying they were fit for children. And in Woebot's case, saying that they had a crisis alert system that would pick up on a crisis and flag it up and refer you to emergency services, which in the vast majority of the cases that I tried out, it didn't trigger when it probably should have triggered, almost certainly should have triggered.

And do these apps cost money?

They don't, but they are free to download. There is another controversial side to this, which I know some psychologists and some counsellors are worried about, which is the freemium model, that horrible portmanteau of freemium, where they're free to download, free to use initially. If you feel like you want more help or you want human help, you can pay to be put in touch with a human. Now, some of the counsellors and psychologists I spoke to are annoyed about that because they say, well, they hook you in and then suddenly you're tricked into having to pay. I guess the counter argument would be, well, if you go straight to a human being, sometimes you'll have to pay straight up and arguably pay a bit more money.

It feels a bit like the heroin model.

There is an element of that. However, you could argue, well, the investigation I did was about the automated side of these apps. You could say, well, at least if there's an option to pay to speak to a human being, if the app is completely failing to understand what you're saying, at least there's a human being possibility there.

I also don't like the idea of what they're actually doing with that information. I mean, are those chats logged? If it's free, you don't really have a leg to stand on.

From looking through my brief look through the terms and conditions, they are quite hot on that and they're quite present about that. So the whole point of it is really it's an anonymized service that doesn't go any further. Woebot initially went through Facebook Messenger, which, there was some concern on Twitter, and I can understand where that's coming from. Woebot is no longer, it's now within the app. And they are quite clear that this data doesn't go anywhere. They're not, as far as they say, in their Ts and Cs, sort of mining this for insights.

Now, in the app, is there a button that's like, report this response is ridiculous or inappropriate?

Not that I found. Certainly, if it is there, it wasn't easy to find. So I was obviously relying on screenshotting these things and sending them through to the company's concern.

What did they say when you pointed out all these problems?

In fairness, both Wiser and Wobot responded fairly promptly. In the case of the actual specific phrases that I typed in, they have both said we are going to address that, we're going to make sure the responses are more appropriate and that the crisis system flags them up if they need flagging up. Wobot has now introduced an 18 plus age check and is now adults only, so it's no longer for kids. Wiser said they're going to release an update I think early next year which is going to address some of these concerns and they're also going to do more testing. They work with a clinical safety officer I think is the title, and so they're going to do more work to make sure the responses get flagged up. Wiser said, look, if it had been a different set of circumstances, you would have got a more appropriate response. But as I say, certainly in the tests that I tried, the response was frankly insensitive. And for the child protection experts I spoke to, very worrying indeed for them.

Yeah, I mean, I'm surprised with Wiser's response that they want to stick with promoting this app to kids over 13.

Wiser's response generally to the queries that I had was extensive. Wiser have done a lot of testing with this, as I say, with the NHS trust they've worked with. They really are full on for helping children's mental health. They see that as their role. They believe they're doing enough testing to make this clear. What sort of worries me a bit is, you know, I can keep telling them, look, I typed in this phrase and I got this answer and that's not good. There's just an infinity of phrases that are so nuanced. I wonder whether the software will ever be able to catch all of them. Wiser's response, though, was to say, well, look, as long as we don't cause further harm, we know the software is not going to spot every worrying response. But as long as it doesn't give an answer that says, yes, go for it when you type in you want to do some damaging to yourself, that really seemed to be their kind of bottom line.

Well, Geoff White, this piece of investigation was a great read, and it looks like you made some changes. So they have some age limits now on the Wobot app, thanks to your research. So that must feel good. And hat tip to you.

Thank you very much. Good to speak to you. I'm a bit worried about when these chatbots inevitably get hacked and they build up a relationship with you through your chat and all the rest. You think, oh, this is going quite nicely, even though they're a bot. And then they claim to be imprisoned by some Canadian guard and they're asking you to wire money into the account. That's the next level. That's where these things are going to go.

Graham, I hate the way you think.

Well, they will probably address the specific concerns and terms which have been raised by the BBC. But of course, there will be countless others, which it won't handle properly. And I have one last note about the speaking chatbots. The Google Duplex demos were really impressive, but apparently the Chinese Alibaba has much, much better spoken word chatbots speaking Mandarin, which are hard to tell apart. We'll put a link to that show notes about how they're faring over there in China. Cool. Excellent.

That's a second that's a second in a row

Pick of the Week. It is in the contract. Pick of the Week is the part of the show where everyone chooses something they like. Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website or an app. You're getting faster and faster. Doesn't have to be security related necessarily. Should not be. Mine is not security related. It is a TV show which appeared probably a couple of months ago now, actually, on Netflix. It is season two of a fascinating documentary called Making a Murderer.

Oh, yes. Watched it. Gobbled that one up.

Yes, my goodness gracious. If you didn't see the original Making a Murderer documentary, it is basically a sort of fly on the wall over maybe up to 10 years about a chap who has been imprisoned. And he was previously imprisoned because of a miscarriage of justice. And it's now been argued that a new murder, which subsequently happened, well his conviction for that may not have been right too so he remains in prison and season two is very much a response to the first series he's got a new kick-ass lawyer called Kathleen Zellner I loved her what did you think of her

She is pretty much the most amazing character I've seen for a long time. Yeah I love that people like her actually exist. I mean

I'm reveling in her character but yeah she's like the real Cruella de Vil there Is a bit of that about her, but she's clearly got a finely honed mind. And occasionally you just think, my goodness, the level of detail that she's gone into and putting this case together to try and get this guy off the hook. I'm not going to give you any spoilers, but I really recommend season two of Making a Murderer.

Isn't there a podcast that basically analyzes every single episode and talks about how maybe she may have got things wrong? Yes, there is a podcast from the other side of course because naturally law enforcement in the states believe that they got the right man. I can't, I think it's something like Unmasking Making a Murderer. I can't remember the name of it. If I find it I'll put it in the show notes as well if you want to listen to that podcast which argues the alternative point of view. But I'd really recommend it whether you think they're on the right trail or not, it's a superb documentary. Watch series one and then check out season two as well. Oh my gosh.

Very well, when it was released I actually had the pre-release versions already. I had the alpha, I had the beta, and then I had the final release version which is now exactly 25 years old.

My brothers did too. I remember them playing this before I even went to university.

Yeah, it was crazy. I mean, you were running this on your 486 machines, MS-DOS. We had no graphics accelerators. It was surprisingly fast. It had great music. And of course, it was scary as hell.

How many hours do you think you devoted to Doom in your life?

Probably months of my life I spent playing Doom and Doom 2 and all of that. And then I spent a lot of time making a map of our office in 1994 into a level in Doom.

No way!

Absolutely. We had this WAD editor. That's where the map files for Doom. So you can make your own levels. It was open in that sense. And in fact, they actually open sourced the whole game fairly early on. So that's why we had so many modified versions of Doom. And we had Doom running on ATMs and credit card terminals and watches and everywhere. It is such a phenomenon.

I had no idea.

And we're going to put a link to show notes on how you can actually play the original shareware version of Doom inside your browser on your Windows or Mac laptop. I just played it an hour ago. It's just like the real thing. Everything works like it did in the original one. It's highly recommended.

What a bonus giveaway for our listeners. I feel like I've really missed out because I think I've probably played Doom for about 12 minutes.

Carole, honestly, you wouldn't be able to play longer than that. You'd get all dizzy and you'd have to lie down.

I do, I do. I did play Wolfenstein 3D for longer, but I got all motion sickness. And it's like, oh crikey, I need a fizzy drink. This and Minecraft and games like that, I can't cope with. I've known you too long. I need 2D games. I can't cope with a 3D world crawl. It's too complicated.

I think the best example on how important Doom was at 1993, 1994, was that I was already working inside F-Secure at the time. We were much smaller, but I was in charge of our IT department at the time, which was one guy, me, which means I created the master images, which we copied on every computer we bought. And that master image was running MS-DOS 5 with Windows 3.11 for Workgroups. And when it would boot up, it would actually boot up to Doom. Every machine would run Doom. And if you didn't feel like playing, then you could hit exit and go back to MS-DOS, and then you could boot up Windows if you fancied Windows. I mean, if we had a power outage, every machine would reboot and every machine would be playing Doom.

You see, kids, we knew how to have fun in the old days. And amazingly, his company has survived and is still going strong. Maybe that's why. But for sure, our computers are no longer booting by default to Doom. Well, my Pick of the Week is a podcast. And actually, I think I may have showcased this pod before. So if that is the case, I am not going to break Pick of the Week rules. I will select a specific episode from this said podcast. So the podcast is called Love and Radio. This is a podcast that weaves curious people or situations into really beautifully edited pieces of art. Really, it's edgy. It's sometimes a little bit fruity. It's sometimes incredibly shocking, upsetting. And it's sometimes real and sometimes fiction and sometimes a mix of both. They're not always straight up with that. So you just have to see it as art. Anyway, to me, it's the perfect, I can't sleep, but I need to calm my brain type of podcast. Now, the podcast episode I wanted to feature is called Points of Egress by Love and Radio. Love and Radio is part of the Radiotopia family. Graham, I think I pointed this one in your direction, did I?

You have, yes.

Now, without giving anything away, because there are a few twists and turns in this episode, did you enjoy it?

I did enjoy it, yes. I'm always a little bit cautious when I check out your picks of the week and your recommendations. Sometimes they don't completely work for me, but this was very good.

Even though it didn't have anything to do with chess or Doctor Who, it was all right.

It didn't have anything to do with chess or Doctor Who. My three favourite topics. Yes, exactly. Despite that, I was still interested. It was about a girl who found her boyfriend's journal, wasn't it? Yeah, and she assumes he

really digs her, but then reads a few of the diary entries and it shows something entirely different. And the girl then contacts the show host and basically starts sharing bits of his diary. Take a listen to this. SPEAKER_01. so do you mind if we just check back in in a few weeks and sort of see how things are going yeah yeah sure of course well i mean you wouldn't tell him that i've been reading the diary, would you? Okay. Yeah, yeah. I think that would be okay.

You got me interested. I will check this out today.

Yeah. Okay, cool. Do see. Yep.

And listen right to the end. Right to the end.

Anyway, so that's my pick of the week. Enjoy it. It's Points of Egress by Love and Radio, a wonderful episode of the podcast.

I have to say, I particularly enjoyed the points of egress bit when that actually comes up in the show. That made me chuckle. But, yep, definitely worth listening to. And the thing

is, you know, because I do a podcast, I can say this with some level of knowledge. It takes so much work to do a podcast of that caliber, you know, and of that, to have something with music and good editing.

Whereas a podcast of this caliber takes no time to do that. We do the best we

can. We work hard. I don't think people would believe how long we spend editing this thing. They wouldn't believe it. They think

we're full of... Anyway, that just about wraps it up for this week. Mikko, I'm sure lots of people are already following you on the socials. But what's the best way that people can get in touch with you or find out what you're up to? The best way to reach me is on Twitter as Mikko. That's M-I-K-K-O. That's it. Fantastic. And you can follow us on Twitter as well at Smashing Security. No G. Twitter wouldn't allow us to have a G. And you can check out our online store and grab some T-shirts and mugs and stickers just in time for Christmas at smashingsecurity.com/store.

And thanks, as always, for listening. If you want to help us grow and deliver more cool content this week, get someone to leave us a review, go on and be a nice Christmas present for us. We deserve it, right? And high five to all our sponsors who make the show possible.

Yeah. Until next time. Cheerio. Bye bye.

Later. Wonderful listeners. Rock and roll boys. Thank you.