Twerking robot assistants, an app from Saudi Arabia that lets men track women, and a gnarly skiing security snarl-up!
Oh, and find out how a didgeridoo could change your life and that of your loved ones.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.
0:00
0:00
0:00
0:00
Show full transcript ▼
This transcript was generated automatically, probably contains mistakes, and has not been manually verified.
What we need is a march. What we need is a parade of Jibos twerking their way to Trafalgar Square demanding that they be put back online.
Yeah, what do you want, Jibo? When do you want it? At some stage in the future.
Smashing Security, Episode 118: The S in IoT. Stands for Security with Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security episode 118.
My name is Graham Cluley.
My name is Graham Cluley.
And I'm the lovely Carole Theriault.
The lovely Carole Theriault?
Well, I've decided—
What's all this about? Bring back the old Carole Theriault.
I'm going to be very nice today. I've decided all day I'm nice to all people and I've not been great at it. So this is going to be the true test this episode.
What's brought this on? Have you had a bad review on iTunes or something? What's changed your character?
No, I just, I don't know.
I just didn't want to be grisly.
Oh, okay. All right. Well, we're joined this week by a special guest. It's technology journalist and star of the Cybercrime Investigations podcast, Geoff White. Hello, Geoff.
Hi, how are you guys doing?
All right. Not too bad.
Great. Thanks for coming on the show, Geoff. I know you're super busy. So nice to have you here.
No, it's really nice. It's really nice. I am, as some people know, writing a book about cybercrime at the moment.
So frankly, any excuse to do anything other than write a book is— if anybody's got any ironing, I'll take that in. Oh, do you iron?
So frankly, any excuse to do anything other than write a book is— if anybody's got any ironing, I'll take that in. Oh, do you iron?
Because I hate ironing.
I hate it, but only marginally less than I hate writing a book.
So are you writing it longhand or are you typing it?
Have you got a quill? Are you carving it into a piece of stone?
I'm doing it in semaphore, which just makes the whole thing a lot much easier. It's my preferred medium. I tried modern dance, but that was quite— that was more difficult.
Well, Carole, what have we got coming up on this week's show?
Another doozy is lined up this week. Graham, you are going to be introducing us to the Jibo or Jibo. Geoff, you're off to Saudi Arabia and looking at a slightly creepy app.
And I'm hitting the slopes with a new not-so-smart toy that fits into your brain bucket or helmet. All this coming up on Smashing Security.
And I'm hitting the slopes with a new not-so-smart toy that fits into your brain bucket or helmet. All this coming up on Smashing Security.
Right, well, chaps, we are all familiar, aren't we, with digital assistants or dinguses, or maybe it should be ding guy, things like Siri, Google Assistant, or dare I whisper it, A-L-X-A.
Well, they're not the only digital assistants that people have in their homes. Have either of you ever heard of the Jibo? No.
Well, they're not the only digital assistants that people have in their homes. Have either of you ever heard of the Jibo? No.
No. Oh, but hang on. Does this— oh, because I'm called Geoff with a G, I'm already interested. Because it sounds like Jibo sounds like something that G White should have.
I'm afraid it's Jibo with a J. Oh, is it? Obviously, I imagine you look down at Geoff spelt with a J.
It's the inferior spelling, but—
Yeah, it's like Graham with an E. I tend to look down on them as well. I totally understand what you're talking about. You just feel like a better person.
I let— yeah, Carole with an E. Exactly.
Oh, see, I pronounce that Jibo then. Wouldn't that make—
Oh, I don't know.
Anyway, sorry.
As if this podcast is about pronouncing names properly. Right, Carole?
Exactly, Graham.
So the Jibo is a chubby robo-buddy developed by robotics boffins who came from MIT. And it was an attempt to make home-based robots more social and, well, just generally cuter.
And the Jibo is kind of cute. It's animated. It's got more character than the likes of Siri and Alexa.
And the Jibo is kind of cute. It's animated. It's got more character than the likes of Siri and Alexa.
You mean animated like it moves around?
Oh, yes, Carole, it does.
Okay.
Let me point you towards a video of the Jibo, not just looking at you and blinking and taking photos and having a conversation with you, but also dancing.
Bops around.
Wow. Oh, I see.
Better dancer than my husband. That wasn't very nice.
Ah, cute. You say cute. I say slightly vulgar. It's a little bit like twerking, I think, is what it appears to be doing.
You think that looks vulgar?
Yes, I do. Definitely twerking.
Yeah, I kinda see that.
Sorry to interrupt, but I've just looked at a picture of this thing. It's been bugging me what it reminds me of.
This thing is the bastard lovechild of HAL from 2001: A Space Odyssey and a Minion.
This thing is the bastard lovechild of HAL from 2001: A Space Odyssey and a Minion.
Yes.
That's what it looks— it's a cross. HAL meets Minion in space.
Yes, it is HAL though.
The one eye, the one glowing eye.
Anyway.
Exactly.
Sorry, Graham, I've interrupted. Sorry about that.
No, no, no, no, no, no.
It made the story much more interesting.
Absolutely. It's much better than what I was thinking.
That wasn't nice, Carole.
Oh, sorry. Please, please be nice, Carole. Anyway, some people loved the Jibo. It could do cool things like facial recognition.
We're big fans of facial recognition on this podcast, aren't we? It could learn your name.
Could turn towards you when you entered the room and sort of knew where you were and how to address you. But it wasn't all fun.
Jibo couldn't make phone calls or read you notifications or give you directions or read the kids a bedtime story.
You couldn't disable its camera or microphone other than to completely and utterly shut it off.
We're big fans of facial recognition on this podcast, aren't we? It could learn your name.
Could turn towards you when you entered the room and sort of knew where you were and how to address you. But it wasn't all fun.
Jibo couldn't make phone calls or read you notifications or give you directions or read the kids a bedtime story.
You couldn't disable its camera or microphone other than to completely and utterly shut it off.
So it was out of the race when you compare it to the other home assistants.
And it cost $899.
Ooh, that's an expensive widget.
It's a lot more than an Amazon Echo, isn't it? Or a Google Home, which can arguably do a lot more.
So for some time, despite new features occasionally being added to the Jibo, people have been worried about its future because it costs so much money and how could it compete with Google and Amazon?
And those fears were only compounded late last year because Jibo's intellectual property got gobbled up by an investment firm.
Which clearly had no interest in really keeping the devices alive.
And this week, and this is why I'm talking about it now, this week the axe appears to have finally fallen on this social robot because a new update was pushed out to Jibo.
And as with any other update pushed out to Jibo, the owners could ask it, well, what does your new update do?
Because as it installed, it would say, fantastic, wonderful new things are being installed, it would say. But to get the details, you had to press a button.
And some of the owners made a video of the robot explaining what its update was going to do.
So for some time, despite new features occasionally being added to the Jibo, people have been worried about its future because it costs so much money and how could it compete with Google and Amazon?
And those fears were only compounded late last year because Jibo's intellectual property got gobbled up by an investment firm.
Which clearly had no interest in really keeping the devices alive.
And this week, and this is why I'm talking about it now, this week the axe appears to have finally fallen on this social robot because a new update was pushed out to Jibo.
And as with any other update pushed out to Jibo, the owners could ask it, well, what does your new update do?
Because as it installed, it would say, fantastic, wonderful new things are being installed, it would say. But to get the details, you had to press a button.
And some of the owners made a video of the robot explaining what its update was going to do.
While it's not great news, the servers out there that let me do what I do are going to be turned off soon.
Once that happens, our interactions with each other are going to be limited.
I want to say I've really enjoyed our time together.
Thank you very, very much for having me around.
Owners are getting dumped by their Jibo?
Maybe someday, when robots are way more advanced than today and everyone has them in their homes, you can tell yours that I said hello. I wonder if they'll be able to do this.
And at that point, the robot began to dance. Aww.
Swan song. Death dance.
I've got issues with it.
You've got issues with it, Geoff. You should check out the Jibo owners Facebook group.
According to Motherboard, some owners have been explaining to their young children that Jibo was dying.
And how they hugged Jibo hard, and how parents and children were left in tears at the loss. Can you imagine?
According to Motherboard, some owners have been explaining to their young children that Jibo was dying.
And how they hugged Jibo hard, and how parents and children were left in tears at the loss. Can you imagine?
Right, so people have paid $900 for this thing, right? They have, at that point, they've bought a product which functions at the time you buy it in a certain way.
Later, because it's connected to the internet, it's then effectively disabled. That surely, that's got to be against trading standards, hasn't it?
I mean, you can't disable a product somebody's bought that was functioning at the time they bought it. Where'd you get your money back? Yeah, this is insane.
Later, because it's connected to the internet, it's then effectively disabled. That surely, that's got to be against trading standards, hasn't it?
I mean, you can't disable a product somebody's bought that was functioning at the time they bought it. Where'd you get your money back? Yeah, this is insane.
I wonder if you could decouple it from its software so you could just actually play around with it, basically unbrick it.
Maybe then it— you separate the software from the hardware. But yeah, you're right, but you don't have it. You don't have your money back.
Maybe then it— you separate the software from the hardware. But yeah, you're right, but you don't have it. You don't have your money back.
We don't have an ongoing contract. No, it's not like you pay them each month. This is— you bought, you paid your money, you connected to the server.
Was it in the contract that at some stage— I mean, I just think, you know, I think legally we need to sort this out because this will happen to other things, won't it?
Unless we Jibo is a line in the sand. We've got to kind of, we've got to make a decision here. Are we happy with this or not?
Was it in the contract that at some stage— I mean, I just think, you know, I think legally we need to sort this out because this will happen to other things, won't it?
Unless we Jibo is a line in the sand. We've got to kind of, we've got to make a decision here. Are we happy with this or not?
What we need is a march. What we need is a parade of Jibos twerking their way to Trafalgar Square demanding that they be put back online.
Yeah, to the High Court. What do you want, Jibo? When do you want it? At some stage in the future.
From my understanding, they will still be able to twerk and tell jokes and purr and laugh and all those important things.
But anything which required internet access, like telling the weather report or offering you a word for the day or giving you a, looking up stuff on Bing search engine that used, that's all going to be disabled.
You're not gonna be able to do that anymore. And I think you're right, Geoff. I think you're right. There's lots of IoT gadgets out there, which are reliant on external services.
And you're sort of in the lap of the gods as to whether they ever get turned off or not. This company appears to basically be going kaput. Its intellectual property has been bought.
So someone may be able to adapt it and sell it onto others, who knows in the future.
But anything which required internet access, like telling the weather report or offering you a word for the day or giving you a, looking up stuff on Bing search engine that used, that's all going to be disabled.
You're not gonna be able to do that anymore. And I think you're right, Geoff. I think you're right. There's lots of IoT gadgets out there, which are reliant on external services.
And you're sort of in the lap of the gods as to whether they ever get turned off or not. This company appears to basically be going kaput. Its intellectual property has been bought.
So someone may be able to adapt it and sell it onto others, who knows in the future.
Yeah, but that's not what you purchased it for. Wasn't your understanding at the time. And there's no recourse. Basically, Geoff, they've gone bust.
And therefore, like any store, all the support and consumer service is gone.
And therefore, like any store, all the support and consumer service is gone.
But it's interesting in that normally I buy a product, I take it home. If the store closes, I'm not bothered because I've got the product.
If what you're saying is the product is an ongoing product that's continually supplied to me after a one-off payment, well, then you can't withdraw the continuous supply because that's what I paid for.
But I don't know. It's interesting. I don't think this is covered by law, is it?
If what you're saying is the product is an ongoing product that's continually supplied to me after a one-off payment, well, then you can't withdraw the continuous supply because that's what I paid for.
But I don't know. It's interesting. I don't think this is covered by law, is it?
IoT 101, yeah.
Yeah, I've just got this lovely image of, you know, a line of Jibos, you know, making their way through the snow back to home, back to the home base, you know, go home, Jibo, go home.
Crying.
They're all sobbing, twerking occasionally really miserably.
They're twerking miserably.
Twerking miserably as they sob their way back to Jibo HQ.
But it's true though, isn't it? I mean, you buy a product, but you're not actually owning all of it, are you?
Because some of it is out of your control, and someone else can pull the plug on that bit. And the impact— we saw this thing with the Nike Adapt BB trainers.
We spoke about them a couple of episodes ago predicting that they might cause problems.
Sure enough, right after we published the episode, there was an update pushed out which bricked the trainers so people couldn't unlace their trainers any longer.
But the other thought which came to me the other day was these trainers were costing $350, which is about a third of a Jibo, isn't it?
But they're still trainers, you know, they're still shoes, which means they're going to wear out in a year to 18 months.
And you'll have to spend another $350 in order to have self-lacing trainers.
Whenever you buy an IoT gadget, you're not just buying the gadget itself, you're buying into its infrastructure.
And if the company goes kaput, as Jibo appears to have done, or the servers are turned off, your gadget isn't going to behave the same anymore or at all.
Because some of it is out of your control, and someone else can pull the plug on that bit. And the impact— we saw this thing with the Nike Adapt BB trainers.
We spoke about them a couple of episodes ago predicting that they might cause problems.
Sure enough, right after we published the episode, there was an update pushed out which bricked the trainers so people couldn't unlace their trainers any longer.
But the other thought which came to me the other day was these trainers were costing $350, which is about a third of a Jibo, isn't it?
But they're still trainers, you know, they're still shoes, which means they're going to wear out in a year to 18 months.
And you'll have to spend another $350 in order to have self-lacing trainers.
Whenever you buy an IoT gadget, you're not just buying the gadget itself, you're buying into its infrastructure.
And if the company goes kaput, as Jibo appears to have done, or the servers are turned off, your gadget isn't going to behave the same anymore or at all.
I'm actually talking about IoT gadget too, so we can do a twofer on the advice at the end of my section, if you like.
Twofer, what do you like, twofer?
Well, you'll see I'm getting cool on my lingo.
As well as being nice, you're now being cool with your lingo as well. Wow, it's all changed.
I'm lying on my story. But first—
Yes, Geoff, what's your story for us this week?
Well, I was going to talk about not IoT stuff, but app stuff, and particularly an app that's been making news recently, which is a Saudi Arabian app called Abshare.
It's interesting.
What this app does is what I think a lot of governments are getting quite interested in, which is whereby citizens can sort of interact with their government digitally.
And I do see the win there as a broad trend, you know, not having to queue at post offices for driver's licences and that kind of thing.
A lot of our interactions with the state can now be carried out.
It's interesting.
What this app does is what I think a lot of governments are getting quite interested in, which is whereby citizens can sort of interact with their government digitally.
And I do see the win there as a broad trend, you know, not having to queue at post offices for driver's licences and that kind of thing.
A lot of our interactions with the state can now be carried out.
India has done a lot of headway in this area, hasn't it?
With mixed success. You're talking about the Aadhaar card, the Aadhaar system.
Yes, which I think is an instructional lesson to any government thinking of introducing any kind of digital identity or ID card, because there have been many, many instances where that's gone wrong.
I mean, brave effort to try that in a country as populous and complicated as India. That really was one to watch.
But Saudi Arabia's gone a slightly different route, has looked at this app and what citizens, as I say, can interact with it, can do various government sort of interactions.
And one of the things they can do is talk about renewing driver's licences and also travel documentation, travel permits and so on.
And this is where it gets slightly difficult because in Saudi Arabia, under the country's rules, women before they travel need to get it seems, a guardian, either husband or father, a male figure, to sanction and to permit that travel movement.
Yes, which I think is an instructional lesson to any government thinking of introducing any kind of digital identity or ID card, because there have been many, many instances where that's gone wrong.
I mean, brave effort to try that in a country as populous and complicated as India. That really was one to watch.
But Saudi Arabia's gone a slightly different route, has looked at this app and what citizens, as I say, can interact with it, can do various government sort of interactions.
And one of the things they can do is talk about renewing driver's licences and also travel documentation, travel permits and so on.
And this is where it gets slightly difficult because in Saudi Arabia, under the country's rules, women before they travel need to get it seems, a guardian, either husband or father, a male figure, to sanction and to permit that travel movement.
Grief.
Yeah, but now they can drive. I think it was last year, the year before, they were okay, you can drive a car.
I think they're only allowed to drive if they have a Jibo in the passenger seat next to them, or a man.
Drive me home. Yeah, I'm broken now. Yes, so there have been changes across the Middle East in terms of that. You're right.
But the actual travel outside of borders and getting on a plane, flying out of Saudi Arabia, still needs to be sanctioned, it seems, under current rules.
Now what this app does is gives the person who owns the app the ability to permit or deny that travel almost instantaneously, and it seems get text messages, SMS messages, when the person tries to attempt to travel.
But the actual travel outside of borders and getting on a plane, flying out of Saudi Arabia, still needs to be sanctioned, it seems, under current rules.
Now what this app does is gives the person who owns the app the ability to permit or deny that travel almost instantaneously, and it seems get text messages, SMS messages, when the person tries to attempt to travel.
My goodness.
Yes, so it is sort of a kind of remote control operation of that.
What I find interesting about this is, and there is some difference of opinion on this, so for some people they say, well, actually this is good because this rule does exist and this app speeds it up, so no longer do you have to go to your husband, with your husband to the airport or the visa place or whatever, he can just sanction your travel immediately on the app.
So I get that line of argument slightly. What I find interesting about this is this rule in Saudi Arabia existed way before this app.
This is not a new rule that's been introduced with the app.
What I find interesting is the app's one of these examples where technology just highlights, brings something to the surface which is already there, but the technology just kicks it on and puts the fast forward on it to the point where suddenly everybody thinks, oh, actually, yes, that is quite a concerning rule.
So this is the case with the app. There is also now an ongoing row about whether this app breaches the terms and conditions for Google Play Store and for Apple's App Store.
It seems there was a conversation between Google and the US representative, political representative, during which Google said, well, no, we don't think it breaches our rules.
There's some doubt over whether that's Google's official position. And the question is, well, this is the laws of the land. This is the laws of Saudi Arabia.
You know, if all the app is doing is allowing people to use those rules as they're written, does that breach the terms and conditions? Under what terms would you do it?
So I find it's an interesting gnarly one, this gnarly thorn, nest of thorns or whatever you call it.
What I find interesting about this is, and there is some difference of opinion on this, so for some people they say, well, actually this is good because this rule does exist and this app speeds it up, so no longer do you have to go to your husband, with your husband to the airport or the visa place or whatever, he can just sanction your travel immediately on the app.
So I get that line of argument slightly. What I find interesting about this is this rule in Saudi Arabia existed way before this app.
This is not a new rule that's been introduced with the app.
What I find interesting is the app's one of these examples where technology just highlights, brings something to the surface which is already there, but the technology just kicks it on and puts the fast forward on it to the point where suddenly everybody thinks, oh, actually, yes, that is quite a concerning rule.
So this is the case with the app. There is also now an ongoing row about whether this app breaches the terms and conditions for Google Play Store and for Apple's App Store.
It seems there was a conversation between Google and the US representative, political representative, during which Google said, well, no, we don't think it breaches our rules.
There's some doubt over whether that's Google's official position. And the question is, well, this is the laws of the land. This is the laws of Saudi Arabia.
You know, if all the app is doing is allowing people to use those rules as they're written, does that breach the terms and conditions? Under what terms would you do it?
So I find it's an interesting gnarly one, this gnarly thorn, nest of thorns or whatever you call it.
It brings to mind China's social credit system. They've banned millions and millions, but this is for domestic travel, right? You know, it's almost a punishment for bad behavior.
It's interesting. I think as governments move into this space, I mean, in the UK, obviously, we are nowhere near what's happening in China and Saudi Arabia.
Oh, give it a few months, Geoff.
Come on.
So if there's one or two cameras around.
Yeah, yeah, there might be, being increasingly equipped with facial recognition.
I mean, I know that, you know, Government Digital Services, which sits at the heart of British government, is trying to bring everything together.
And again, I do see the logic of that.
We've had instances, haven't we, where social services know about somebody but the health service didn't know about them and the police didn't know about— you know, linking bits of government up and making it easier.
Yes.
I mean, I know that, you know, Government Digital Services, which sits at the heart of British government, is trying to bring everything together.
And again, I do see the logic of that.
We've had instances, haven't we, where social services know about somebody but the health service didn't know about them and the police didn't know about— you know, linking bits of government up and making it easier.
Yes.
Yeah.
The danger is that just allows government a lot more oversight, a lot more insight, and potentially control over what you do as a citizen.
And I think, you know, we can look places like, as you say, India, China, but also Saudi Arabia to see the ramifications this kind of tech can have.
And I think, you know, we can look places like, as you say, India, China, but also Saudi Arabia to see the ramifications this kind of tech can have.
And it comes down to trust, doesn't it? And government trust and, you know, trust in your government in order whether you decide it's a good thing or not thing.
But as governments change fairly regularly, it's a difficult thing to set a precedent on for the rest of time.
But as governments change fairly regularly, it's a difficult thing to set a precedent on for the rest of time.
Ages ago, I interviewed the wonderful Sir Tim Berners-Lee, wonderful man, a very difficult interview. It has to be said, his mind is about in 15 different places at once.
And if you're lucky, you'll keep up with 7 of them.
And if you're lucky, you'll keep up with 7 of them.
But he said—
He made an interesting point. He said, look, he said, in the UK, we trust governments and distrust corporations. In the US, they trust corporations and distrust governments.
What worries me about things like AppShare is we're now in a situation where no matter who you distrust, they're involved— governments and tech companies coming together.
And I do find that interesting space, interesting territory.
What worries me about things like AppShare is we're now in a situation where no matter who you distrust, they're involved— governments and tech companies coming together.
And I do find that interesting space, interesting territory.
And what do you think is the right position for the likes of Google and Apple, who are obviously providing these apps through the app stores?
I mean, traditionally, their attitude has been Well, your app has to follow the rules and the laws and the legislation of the country in which it's been distributed.
This is putting them potentially in hot water as well.
You can imagine many people being upset about this kind of app being allowed or some of the things which could appear in other countries around the world.
Is that them just being pragmatic or should they take more of a stance, say, actually, we don't really like the way you're treating women in your country?
I mean, traditionally, their attitude has been Well, your app has to follow the rules and the laws and the legislation of the country in which it's been distributed.
This is putting them potentially in hot water as well.
You can imagine many people being upset about this kind of app being allowed or some of the things which could appear in other countries around the world.
Is that them just being pragmatic or should they take more of a stance, say, actually, we don't really like the way you're treating women in your country?
Well, it's tricky, isn't it? And it's a slight replay of the trouble Google got into over China and still has been over China.
If you want a global service, if you want to be available globally, which obviously people Google do, you've got to, as you say, take account of the local laws.
But if the local laws are deeply undemocratic or anti-democratic, or if you're put under pressure as a company to go against your values, I mean, in China, Google's solution, certainly for a long time, has been just not to go there, not to get involved.
Well, yeah, subject to recent headlines. But what's interesting in this case is this is a particular app in a particular country.
I mean, for an entire country China, for an entire service Google, just to go, no, we don't go there, it's not an easy decision to make.
But once you've made it, it's blankets, Google, China, no. But if you'd go around and say, okay, it's Saudi Arabia, we don't do this app. Okay, Brazil, do we do this app?
Do we do that app? You have to start making really piecemeal decisions. I think that's where it gets difficult. And Google don't want to go there legally. We've seen this in the past.
Google don't want to get involved in these individual country disputes legally.
If you want a global service, if you want to be available globally, which obviously people Google do, you've got to, as you say, take account of the local laws.
But if the local laws are deeply undemocratic or anti-democratic, or if you're put under pressure as a company to go against your values, I mean, in China, Google's solution, certainly for a long time, has been just not to go there, not to get involved.
Well, yeah, subject to recent headlines. But what's interesting in this case is this is a particular app in a particular country.
I mean, for an entire country China, for an entire service Google, just to go, no, we don't go there, it's not an easy decision to make.
But once you've made it, it's blankets, Google, China, no. But if you'd go around and say, okay, it's Saudi Arabia, we don't do this app. Okay, Brazil, do we do this app?
Do we do that app? You have to start making really piecemeal decisions. I think that's where it gets difficult. And Google don't want to go there legally. We've seen this in the past.
Google don't want to get involved in these individual country disputes legally.
Fascinating.
That's a big one to chew on for a little podcast ours.
But I to throw raw meat your way.
Roar!
You can stodge it down, chew on it as you will.
Well, Kroll, let's munch on some more of your gristle right now.
Good God.
What have you got for us?
So downhill skiing, that's what I want to talk about today. Now downhill skiing has come a long way since my day of hitting the slopes every winter weekend.
First, there's the language or lingo. Now I'm going to test you guys out. So I want you to translate the skier lingo into English.
First, there's the language or lingo. Now I'm going to test you guys out. So I want you to translate the skier lingo into English.
Okay.
Watch out for those death cookies near the magic carpet.
This sounds a script from a Cheech and Chong movie. Well, what is it? Death cookies near the magic carpet.
So watch out for the ice near the chairlift.
What?
Death cookies being crystals of ice, magic carpet being the chairlift.
Oh, right, okay, kind of makes sense.
Okay, or whoa, I thought she was a ripper until I saw that yard sale. That means I thought she was a good skier until she tumbled over and lost her gear across the slope.
So yeah, ski language has evolved.
So yeah, ski language has evolved.
You litter all of your stuff over like a yard sale. I like that one.
All these examples you've been giving us are very kind of gnarly surf dude. They're all kind of that.
Isn't there another kind of skier who's like, oh yeah, absolutely bloody, bloody brilliant?
Isn't there another kind of skier who's like, oh yeah, absolutely bloody, bloody brilliant?
I don't think that's the kind of skier that's going to be buying the device I'm going to be introducing you to during this talk.
Another thing that's upgraded is, of course, equipment. There's so much fancy equipment today.
Like, you've got head-mounted cameras and ski airbags and smart boots and connected skis. And of course, you also have super cool headphones.
We're talking about The CHiPS 2.0 helmet speakers.
Another thing that's upgraded is, of course, equipment. There's so much fancy equipment today.
Like, you've got head-mounted cameras and ski airbags and smart boots and connected skis. And of course, you also have super cool headphones.
We're talking about The CHiPS 2.0 helmet speakers.
I hate them already, and I hate everybody who has them.
You've lost me at ski airbags.
So Graham, that would be wonderful for you because you don't really like falling over, right? We've been skating before.
I don't mind falling over, it's just hitting things having fallen over I have a problem with.
Exactly, right. So you could have this ski airbag, and if you were on the slopes and you took a tumble, it would just go— and protect you like the Michelin Man.
Roll down the mountain.
It's like a little snowball.
I could do with that most Saturday nights, actually.
Now, Geoff, you were saying you hate this already. What I hate is the name because it's called The Chips. So in telling the story, it gets very difficult.
The Chips?
The Chips.
Oh, I'm offended.
The Chips are Bluetooth headphones that fit inside your brain bucket or lid or hat and helmet.
Now, these do not resemble chips in the British sense of the word or in the North American sense. They kind of look like two Oreo cookies connected by a wet noodle.
Now, these do not resemble chips in the British sense of the word or in the North American sense. They kind of look like two Oreo cookies connected by a wet noodle.
Sorry, is noodle a term as well?
No, noodle is— here, I'm putting the link in here so you guys can take a quick look at these babies. Now, these babies cost around $130 American.
There's a rechargeable battery that gives you a full day of audio playtime.
And quoting the blurb on the website, that way you can listen to that heat playlist while you carve the pow pow.
There's a rechargeable battery that gives you a full day of audio playtime.
And quoting the blurb on the website, that way you can listen to that heat playlist while you carve the pow pow.
I hate these people.
It also has mitten-friendly tap button, right, to answer phone calls so you can lock in that après reservation, quote unquote.
I was really starting to realize I was not their target market in any way here.
I was really starting to realize I was not their target market in any way here.
Trevor, my man, it's Kyle. Jenna and I are on our way up to the slopes right now. I'll radio you on the chips when we get up there. Hey, Dr. Macarena, this is Speed Demon. You copy?
This is Dr. Macarena. I read you loud and clear, Speed Demon. Hey, how's it going on the mountain today? Have you been up to Chair 23? I heard it's pretty sweet.
I've just been checking out the park, but I'll have to go check out the top right now. How about we take two more laps and meet at the bottom for beers?
This is Dr. Macarena. I read you loud and clear, Speed Demon. Hey, how's it going on the mountain today? Have you been up to Chair 23? I heard it's pretty sweet.
I've just been checking out the park, but I'll have to go check out the top right now. How about we take two more laps and meet at the bottom for beers?
My treat.
Sounds like a plan. Two quick laps and I'll see you on the sundeck. Dr. Macarena, over.
However, I want you to meet Alan Mooney.
Now, Alan loves snow sports as much as he loves his tunes, so he said it was a no-brainer to buy the CHiPs, or a pair of CHiPs, I don't know.
He wrote, they fit into audio-equipped helmets and have these huge 40mm drivers. I'm not sure what that means, but he says warm ears and good bass.
Now, one of the wicked cool features that sets the CHiPs apart is its built-in walkie-talkie.
So this is a little gizmo that lets you push-to-talk communication with your crew with limitless range. It boasts this on the website.
Now, Alan loves snow sports as much as he loves his tunes, so he said it was a no-brainer to buy the CHiPs, or a pair of CHiPs, I don't know.
He wrote, they fit into audio-equipped helmets and have these huge 40mm drivers. I'm not sure what that means, but he says warm ears and good bass.
Now, one of the wicked cool features that sets the CHiPs apart is its built-in walkie-talkie.
So this is a little gizmo that lets you push-to-talk communication with your crew with limitless range. It boasts this on the website.
Limitless range.
Limitless.
So you're there at Zermatt, but you can speak to someone in Abu Dhabi.
Not a lot of skiing in Abu Dhabi though, I have to say.
No.
Well, I don't know, 'cause it's using the app. So I guess if you're registered, potentially, I don't know.
No. Oh, okay. Oh, all right. Okay.
All right. Okay. So this is all pretty sexy.
Imagine the three of us hitting the moguls, and with a simple touch of the EarGram, you could ping Geoff and say, dude, you totally stomped that 180 to faceplant.
Imagine the three of us hitting the moguls, and with a simple touch of the EarGram, you could ping Geoff and say, dude, you totally stomped that 180 to faceplant.
Yard sale.
No, according to that, means landing a trick in a super cool fashion.
So snow sport loving Alan is excited about his new purchase, the CHiPs, and he wants to start playing around with the short-range walkie-talkie feature on his new the chips.
So he starts setting it up, you know, his new ski group, and he discovers the chips have a glaring problem.
As Alan sets up the group, he notices that he can see all chip users, all of them. He searches his own name, and lo and behold, he finds himself.
It turns out that Alan was able to find out quite a bit of private info about all chip users.
Oh, I didn't mention this, but Alan actually works at Pentest Partners, so actually knows how to look into these things.
So snow sport loving Alan is excited about his new purchase, the CHiPs, and he wants to start playing around with the short-range walkie-talkie feature on his new the chips.
So he starts setting it up, you know, his new ski group, and he discovers the chips have a glaring problem.
As Alan sets up the group, he notices that he can see all chip users, all of them. He searches his own name, and lo and behold, he finds himself.
It turns out that Alan was able to find out quite a bit of private info about all chip users.
Oh, I didn't mention this, but Alan actually works at Pentest Partners, so actually knows how to look into these things.
So what kind of information were they storing? What details would they have about you?
So, you know, doing a bit of jiggery-pokery with the insecure direct object references, he was able to pull all the usernames and associated email addresses from the API.
Oh.
He retrieved their password hash and password reset code in plain text.
Oh.
He was able to view their phone number, extract users' real-time GPS positions, and even listen on private walkie-talkie chats.
Golly.
Now get this, it gets even worse. And I'm quoting Gareth Kornfield from The Register here.
When Alan queried the API with the letter A intending to find his own name and add it to a user group he wanted to set up, the API returned 19,000 results.
Every single registered user whose first name started with A.
So Alan, being a pen tester and all, does the right thing and contacts Outdoor Tech, the makers of the stupidly named CHiPs.
When Alan queried the API with the letter A intending to find his own name and add it to a user group he wanted to set up, the API returned 19,000 results.
Every single registered user whose first name started with A.
So Alan, being a pen tester and all, does the right thing and contacts Outdoor Tech, the makers of the stupidly named CHiPs.
Thank heavens for that. And so they were able to fix the problem promptly, resolve it? No.
Yeah, that's exactly what happened. Eh-eh. No, he got one response and then nothing. They waited 3 weeks and nothing, nothing, nothing.
So this is when Allan and his pen test team decided they just would go public with the vulnerability in the CHiPs 2.0, saying, quote, "The vulnerability hadn't been acknowledged and no remediation actions had been proposed." So the danger of this is that anyone would be able to potentially access details of all of these people who purchased the—
So this is when Allan and his pen test team decided they just would go public with the vulnerability in the CHiPs 2.0, saying, quote, "The vulnerability hadn't been acknowledged and no remediation actions had been proposed." So the danger of this is that anyone would be able to potentially access details of all of these people who purchased the—
I can't call them the chips, but anyway, this particular ski headphone things, right?
But would you really, even if you did manage to get all their email addresses and things, would you even want to contact them?
'Cause they'd be all like, bros and bumps and I'm carving, man. It's all about the death cookies.
But would you really, even if you did manage to get all their email addresses and things, would you even want to contact them?
'Cause they'd be all like, bros and bumps and I'm carving, man. It's all about the death cookies.
Drop it in the pow pow.
Why would anyone want to contact these people?
Well, that's a very, very good point. But I think it also goes— and same as your story, right?
It goes to say that these devices can have a lot of bells and whistles, but at the same time, if they don't have security down, it's a bit of a nightmare.
And I think there's a bigger moral of the story here, actually. What the heck are people doing listening to tunes as they barrel down steep, icy, snowing hills?
It goes to say that these devices can have a lot of bells and whistles, but at the same time, if they don't have security down, it's a bit of a nightmare.
And I think there's a bigger moral of the story here, actually. What the heck are people doing listening to tunes as they barrel down steep, icy, snowing hills?
Exactly.
Like, I skied for years. You would be crazy to do that. It's insane.
So it's also—
I mean, you know, that's not very nice of me.
I'm sorry, you're in a beautiful tranquil place having a lovely sport, and you're interrupting it with your tunes.
I mean, that's the whole point of skiing, is the tranquility and the being out there and stuff. It's insane.
I mean, that's the whole point of skiing, is the tranquility and the being out there and stuff. It's insane.
Yeah, I just think you're knitting with one needle when it comes to assessing risk if you're doing that. That's basically it.
Yeah, it's dangerous, isn't it, going off a mountain?
Yeah, knitting with one needle as well. Well, you should try it.
The other thing is, it's just depressing, isn't it?
You know, as a company, you get contacted. There's a really cynical equation goes on there, isn't there? Of like, hmm, we could do something about this.
It's clearly, you know, a problem. But we genuinely don't think our users give enough of a toss to actually care about this.
It's clearly, you know, a problem. But we genuinely don't think our users give enough of a toss to actually care about this.
What blows my mind is these guys are pen testers. So they call up, they must have identified themselves. We are pen testers. We saw this flaw.
We think you need to fix it before we go, you know, we go out to the public. And they reply once and then nothing. Now, I don't know what that reply said.
Who knows if they told them, "No, we don't." I don't know. Maybe they were disputing it. But at the same time, like, guys, if you've got a problem, don't do that.
It's just gonna blow up in their face.
We think you need to fix it before we go, you know, we go out to the public. And they reply once and then nothing. Now, I don't know what that reply said.
Who knows if they told them, "No, we don't." I don't know. Maybe they were disputing it. But at the same time, like, guys, if you've got a problem, don't do that.
It's just gonna blow up in their face.
Maybe there's a more innocent explanation. I mean, if their app and if their IoT device is so rubbishly put together, maybe they've also not configured their email system properly.
Maybe they're not actually expecting ever anybody to send them an email about some technical query. And so it's all ending up in the junk folder or in dev null.
Maybe they're not actually expecting ever anybody to send them an email about some technical query. And so it's all ending up in the junk folder or in dev null.
Well, okay, that's possible, but still, duh, don't make devices and sell them to the public.
Whoa, dude, we got an email. Dude, gnarly. That kind of thing.
I thought it was Carole who said that. They've got very similar voices.
Oh, wow. I thought we were all going to be nice on this.
I made no promises.
Stay nice, Carole.
I'm trying to challenge her. I'm smiling.
The ice, Graham, is getting thinner. I don't know if you've noticed the cookies. The cookies are getting thinner.
Ski this way, Graham.
If you're baffled by threat intelligence and how it might be able to help secure your company, the Threat Intelligence Handbook from Recorded Future is the book for you.
It'll tell you what threat intelligence is and what it isn't, and you'll learn how other firms are applying threat intelligence inside their organizations.
Grab it now for free at smashingsecurity.com/book. Smashingsecurity.com/intelligence.
It'll tell you what threat intelligence is and what it isn't, and you'll learn how other firms are applying threat intelligence inside their organizations.
Grab it now for free at smashingsecurity.com/book. Smashingsecurity.com/intelligence.
Quote: Most business security breaches are the result of one thing: sloppy password practices.
Effective enterprise password management is a must to ensure that your employees are properly protecting their accounts. Unquote. That's my co-host Graham Cluley.
This is what he says on the LastPass Enterprise page. And most of you know how much I hate to admit when he's right, but he is.
Sloppy passwords are a huge contributor to security breaches within an organization.
The way to manage that is get a password manager, and the one we recommend is LastPass Enterprise. Check it out at lastpass.com/smashing. On with the show.
Effective enterprise password management is a must to ensure that your employees are properly protecting their accounts. Unquote. That's my co-host Graham Cluley.
This is what he says on the LastPass Enterprise page. And most of you know how much I hate to admit when he's right, but he is.
Sloppy passwords are a huge contributor to security breaches within an organization.
The way to manage that is get a password manager, and the one we recommend is LastPass Enterprise. Check it out at lastpass.com/smashing. On with the show.
And welcome back. Can you join us on our favorite part of the show? The part of the show that we like to call Pick of the Week.
Pick of the Week.
Pick of the Week.
Thank you, Carole. Pick of the Week is the part of the show where everyone chooses something they like.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they like.
It doesn't have to be security-related necessarily.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they like.
It doesn't have to be security-related necessarily.
Shouldn't be.
Well, my pick of the week this week is not security-related.
Exquisite.
Necessarily or otherwise. There is a TV program which has come back to our screens here in Great Britain, and possibly you can use cheeky methods to access it yourself via iPlayer.
Who knows? It is the return this week of one of my favorite TV programs, Fleabag. Fleabag. Oh, it's come back. Series 2. It is back.
Who knows? It is the return this week of one of my favorite TV programs, Fleabag. Fleabag. Oh, it's come back. Series 2. It is back.
Well, my evening's set up.
Fleabag, if you haven't already seen it, check out Series 1 so that you're properly prepared for the brand new series. It's a comedy, dark, dark comedy.
I don't know why you led with comedy. It's wonderful, but dark, dark.
Oh, it makes me laugh. It's glorious. It's wonderful.
It stars a talented actress called Phoebe Waller-Bridge, who also writes it, Olivia Colman, who's just won the Oscar for something or other, and Bill Paterson, who is a regular Scottish actor who appears in all kinds of things.
And this year they've been joined by Andrew Scott, who you may remember was Moriarty in Sherlock Holmes.
It stars a talented actress called Phoebe Waller-Bridge, who also writes it, Olivia Colman, who's just won the Oscar for something or other, and Bill Paterson, who is a regular Scottish actor who appears in all kinds of things.
And this year they've been joined by Andrew Scott, who you may remember was Moriarty in Sherlock Holmes.
He was quite good at it.
Yes, he was wonderful. And so anyway, Andrew Scott is now a Catholic priest who I can only imagine Fleabag is going to end up shagging.
Now, what's the name of the star? What's the name of the star, the girl star again?
Phoebe Waller-Bridge.
So I have a really good friend who is the spitting image of her. Really, really? You know her? You've met her?
I do know her. Yes, she does look a bit like her.
Yes. It's shocking sometimes how much she looks like her.
Yeah, very true. Very true.
There you go.
Anyway, it's exquisite. It's not for everyone. It's not for kids.
It's dark.
It's very dark.
Very dark.
Very funny.
Watch it though.
So Fleabag is my pick of the week, and I will put a link in the show notes as well.
What a wonderful pick of the week, Graham.
Geoff, what is your pick of the week?
I'm going to go for a book that I've been reading, because when you try and write a book, you try and read other people's books to find out what they did wrong.
Cut and paste? Cut and paste, Geoff?
No, no, no.
Like Jill Abramson, didn't she? She was being called out in the last month or so.
But it's interesting, obviously I am intensely aware now of plagiarism cases and I follow them quite—
What exactly made them realize it was plagiarism?
How much money did they lose? So it's interesting.
I can't guarantee that everything in my book will be original thoughts that you've never heard before, you know, that are like, oh my God.
But there are moments where you just look, well, hang on, you've taken paragraphs of somebody else's stuff and literally reproduced it.
It's one thing saying, well, actually, you kind of ripped off my idea there. It's another thing saying you've taken the words I put in my book and you've used them in your book.
I'm pretty sure I won't be falling into that trap.
I can't guarantee that everything in my book will be original thoughts that you've never heard before, you know, that are like, oh my God.
But there are moments where you just look, well, hang on, you've taken paragraphs of somebody else's stuff and literally reproduced it.
It's one thing saying, well, actually, you kind of ripped off my idea there. It's another thing saying you've taken the words I put in my book and you've used them in your book.
I'm pretty sure I won't be falling into that trap.
I once got approached, sorry to distract you. I once got approached by a guy who claimed that I had stolen his idea of people should use different passwords for different websites.
And he claimed that he had originated this idea and that I shouldn't be telling people in the press to do the same thing.
And he claimed that he had originated this idea and that I shouldn't be telling people in the press to do the same thing.
But anyway, so I've been reading different books and one of the books I've been reading recently, which I think is really interesting and I really like, is called Moneyland.
It's by a guy called Oliver. I think the surname is pronounced Bullough or Bullough. I'm not sure. B-U-L-L-O-U-G-H. It is about the international money system and finance system.
So basically, if you are mega rich, how do you— how do you steal your money? How do you hide your money? How do you transfer your money? And then how do you spend your money?
It's by a guy called Oliver. I think the surname is pronounced Bullough or Bullough. I'm not sure. B-U-L-L-O-U-G-H. It is about the international money system and finance system.
So basically, if you are mega rich, how do you— how do you steal your money? How do you hide your money? How do you transfer your money? And then how do you spend your money?
And so you just ask Trump.
More specifically, you ask his legal counsel.
Oh yes, yeah, I know where he is right now.
But no, so what's interesting about this is not that I feel a huge amount of sympathy for the filthy rich, but it is an interesting— there's a lot of work involved in making these things happen, you avoiding tax and so on.
And spending it, you've got to spend— you can't put these banknotes under the sofa, you've got to spend it.
So that the work and the effort involved with spending it becomes a whole industry in itself. It is fascinating, this book.
And spending it, you've got to spend— you can't put these banknotes under the sofa, you've got to spend it.
So that the work and the effort involved with spending it becomes a whole industry in itself. It is fascinating, this book.
You know, I was just talking about this with a friend yesterday.
I was talking about, you know, how when you're young you think the rich just kind of swan around having a life of leisure, right? I did.
And then you're thinking the richest people, like Geoff Bezos. I don't think— I'm sure he probably gets up at 5 AM every day. I don't want to be him.
I was talking about, you know, how when you're young you think the rich just kind of swan around having a life of leisure, right? I did.
And then you're thinking the richest people, like Geoff Bezos. I don't think— I'm sure he probably gets up at 5 AM every day. I don't want to be him.
He had certain number of extracurricular activities that he was recently getting involved in.
How— I mean, this is the thing, I'm just impressed by, I mean, you know, just having time to do the ironing and empty the dishwasher, let alone having an affair, and you run one of the world's richest companies.
How have you had time to— how did you iron your shirt?
How— I mean, this is the thing, I'm just impressed by, I mean, you know, just having time to do the ironing and empty the dishwasher, let alone having an affair, and you run one of the world's richest companies.
How have you had time to— how did you iron your shirt?
Exactly.
Exactly. Crisp shirts and an affair.
You hire someone.
Yes, true, true.
Maybe he hired someone to have the affair for him too.
But no, Moneyland is interesting. What's interesting is there's this analogy in the beginning which I love, which is you look at the world and its countries, right?
On the globe, the countries are marked out, right?
On the globe, the countries are marked out, right?
Okay.
Imagine you just get white spirit and you wash off all of that, and you have a smooth planet where you can literally pick the legal jurisdiction of one country, and you can pick the tax system of another country, and you can pick the banking system from where the countries no longer exist.
There's this smooth globe where none of it exists. Borders don't exist. That analogy, I think, is really interesting. Anyway, it's a fantastic book. I'm really enjoying it.
There's this smooth globe where none of it exists. Borders don't exist. That analogy, I think, is really interesting. Anyway, it's a fantastic book. I'm really enjoying it.
Cool.
I might check that out.
That sounds— Moneyland it's called.
Okay. Fantastic. Thank you very much, Geoff. Carole, what's your pick of the week?
Okay. I have a question for you. What is the one human condition that doesn't impact the person that has the condition, but everyone around him or her?
Oh, everyone?
Well, depending on how close you are to them, yeah. Maybe up to 10 meters in some cases, maybe 50.
Is it gonna be body odor or something?
Oh, that's a good one.
Something like that?
It's snoring.
Oh, right.
Right.
Now, have any of you, before I start, either of you been accused of snoring?
No, I'm not a snorer.
Well, I tend to— every time I've been accused of it, it's actually been by someone who snores themselves, who are trying to deflect the blame for the snoring.
I would argue that being accused of snoring is nothing compared to the sheer hell of sleeping next to a snorer every single night, especially if they have sleep apnea.
So no names, but someone in our household is a champion apnea-riddled snorer.
So no names, but someone in our household is a champion apnea-riddled snorer.
Is it your cat?
Could be. No names. He— I'm sorry, or she could win Olympic medals at snoring. Okay, I almost gave it away there.
There has been a desperate attempt in our household to nail down a solution.
There are widgets you stick into your nostrils, specialist pillows, tape to paste on the bridge of your nose, liquids you squirt in your throat. And in our home, these have failed.
There has been a desperate attempt in our household to nail down a solution.
There are widgets you stick into your nostrils, specialist pillows, tape to paste on the bridge of your nose, liquids you squirt in your throat. And in our home, these have failed.
Have you tried sewing it up? But have you— there's the whole thing about sewing ping pong balls into the back of your pyjamas.
Oh yeah. Oh yeah.
That's just so they don't—
You'll never sleep.
Isn't that the reason? Have you tried booking them into a hotel on the other side of town?
Guys, guys, guys. I've solved the problem. Years passed and countless attempts failed. But the last one did not. The last one succeeded.
And I'm going to share with you today my pick of the week. You ready? Drum roll, please. I can hear it.
And I'm going to share with you today my pick of the week. You ready? Drum roll, please. I can hear it.
Exciting.
Yes. The didgeridoo.
Is that a euphemism?
Nope.
A literal didgeridoo.
Now, didgeridoo, for those who don't know, is a super long wooden tube used in Australia as part of their mating rituals or something.
Australians have mating rituals? I don't think so. I wouldn't let that get in the way.
It's a musical instrument, okay? And it sounds a bit like this, okay? It's not for everyone, but take a listen.
Anyway, those dulcet tones you just heard— to make those dulcet tones, you need to master circular breathing.
And that, my friends, builds muscles and stresses out your jaw muscles in a way that certainly in my household has magically magicked the snoring away. No way, really?
Seriously, no joke. Now it's the circular breathing.
You actually could probably get away without buying the didgeridoo, but I suggest you get maybe a mini one, a short one, just to try. A semi-dooby-doo.
So you have to learn how to do the circular breathing. It's really useful to do with the didgeridoo, and then you can do it without the instrument at all.
So it can be a beautiful decorative object in your house. Choose one you like.
Anyway, those dulcet tones you just heard— to make those dulcet tones, you need to master circular breathing.
And that, my friends, builds muscles and stresses out your jaw muscles in a way that certainly in my household has magically magicked the snoring away. No way, really?
Seriously, no joke. Now it's the circular breathing.
You actually could probably get away without buying the didgeridoo, but I suggest you get maybe a mini one, a short one, just to try. A semi-dooby-doo.
So you have to learn how to do the circular breathing. It's really useful to do with the didgeridoo, and then you can do it without the instrument at all.
So it can be a beautiful decorative object in your house. Choose one you like.
Because I was saying, what you've done though is you've obviously got rid of the sound of awful snoring, but you've substituted it with the sound of a different instrument.
Well, exactly. Is that an improvement? That's what I'm thinking. You've improved sleep inside your house, but what about your neighbours?
As someone who's learning how to play the didgeridoo. Okay, I understand.
As someone who's learning how to play the didgeridoo. Okay, I understand.
I did spot that irony as well. However, the actual instrument was only used for about a week or so.
Because that person figured out how it all works to do the circular breathing, they can practice without having the confirmation of the noise.
So you only basically use it— get one, share it around the snoring neighborhood.
Because that person figured out how it all works to do the circular breathing, they can practice without having the confirmation of the noise.
So you only basically use it— get one, share it around the snoring neighborhood.
You know, on YouTube, some of the world's most popular videos involve cats doing unusual things.
If you take a video of your cat on the didgeridoo, playing it, if it's really got that good now that it doesn't snore, I think you're on to a winner.
Monetize that video, you're away. Did you emu? And on that bombshell, on that comedic bombshell, it's about time to wrap up the show.
Geoff, I'm sure lots of our listeners would love to follow you online. What's the best way for folks to do that?
If you take a video of your cat on the didgeridoo, playing it, if it's really got that good now that it doesn't snore, I think you're on to a winner.
Monetize that video, you're away. Did you emu? And on that bombshell, on that comedic bombshell, it's about time to wrap up the show.
Geoff, I'm sure lots of our listeners would love to follow you online. What's the best way for folks to do that?
Twitter. I am @geoffwhite247. Geoff with a G, remember? Geoff White 247. Yeah, not J. Geoff White 247 on Twitter.
And you can follow us on Twitter at Smashing Security, no G. Twitter wouldn't allow us to have a G. And we're on Reddit as well.
Well, you can carry on the discussion, things you've heard about on the show, on Reddit. Just go to smashingsecurity.com/reddit to find our area up there.
Well, you can carry on the discussion, things you've heard about on the show, on Reddit. Just go to smashingsecurity.com/reddit to find our area up there.
And hat tip to this week's Smashing Security sponsors, LastPass and Recorded Future. Their support helps us give you this show for free.
And high fives to all of you for listening, you crazy cats. Want to spread the love? Give us a smashing review or get a friend to subscribe. Subscribe. It all helps us grow.
Check out smashingsecurity.com for past episodes and for details on how to get in touch with us.
And high fives to all of you for listening, you crazy cats. Want to spread the love? Give us a smashing review or get a friend to subscribe. Subscribe. It all helps us grow.
Check out smashingsecurity.com for past episodes and for details on how to get in touch with us.
Fantastic. And until next time, cheerio. Bye-bye. Bye. Later, dudes.
Gnarly.
And welcome back. Can you join us on our favourite part of the show? The part of the show that we like to call Pick of the Week.
Geoff?
Oh, is it me? Right. What? I'm used to having a cue, somebody in my ear saying, part of the show that we like to call Pick of the Week.
Pick of the Week.
Oh, I see. Right. Okay. Hang on. Should we do that again then?
Right. Right. Part of the show that we like to call Pick of the Week. Pick of the Week. Pick of the Week. Thank you, Krum. Pick of the Week.
Hosts:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Carole Theriault:
Guest:
Geoff White – @geoffwhite247
Show notes:
- A Jibo twerking — YouTube.
- Tweet by Dylan Martin about Jibo — Twitter.
- After Being Sold to a VC Firm, this $899 IoT Robot Will Soon Brick Itself — Motherboard.
- Your $350 Nike self-lacing sneakers aren't as smart as you hoped — Graham Cluley.
- Absher app — Wikipedia.
- Apple and Google Urged to Dump Saudi App That Lets Men Track Women — New York Times.
- Hacking ski helmet audio — Pen Test Partners.
- That's a nice ski speaker you've got there. Shame if it got pwned — The Register.
- Fleabag is back – and she's found religion — BBC News.
- Fleabag — BBC iPlayer.
- Jill Abramson: Ex-New York Times editor accused of plagiarism — BBC News.
- Password advice. Don't tell people to not reuse passwords. You might get a letter from this guy's solicitors… — Twitter.
- Moneyland: Why Thieves And Crooks Now Rule The World And How To Take It Back — Amazon.com.
- Play the Didgeridoo for Sleep Apnea and Snoring Relief — YouTube.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
- Support us on Patreon!
Sponsor: LastPass
LastPass Enterprise makes password security effortless for your organization.
LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Sponsor: Recorded Future
For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you. “The Threat Intelligence Handbook” is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation’s defence against the latest cyber attacks.
Download it for free at www.smashingsecurity.com/intelligence now.
Follow the show:
Follow the show on Bluesky at @smashingsecurity.com, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
