The Gadget Show’s Jon Bentley joins us to discuss the mystery of a Facebook friend you never requested, software updates for the Mercedes S-Class, and risks in the online classroom.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast hosted by cybersecurity veterans Graham Cluley and Carole Theriault.
0:00
0:00
0:00
0:00
Show full transcript ▼
This transcript was generated automatically, probably contains mistakes, and has not been manually verified.
Hello, Carole Theriault here. So, this is just a quick note to give huge thank you to just a few of our amazing Patreon supporters.
These are the people that allow us to give everybody this show for free.
This week, special thanks goes to Rik Lindbergh, Elbow, Ask Leo, Thomas Jurkiewicz, Dan Aylow, Maya MacDonald, Mikael Goldschmidt, Vytautas Sadauskas, Andrew Dabraccio, and James S.
The mere fact that these Patreon supporters went out of their way to give a few bucks to help us make this show blows my mind, and I'm so grateful.
If you want to join this amazing community of Patreon supporters and get a few little extras like stickers and early releases, check out smashingsecurity.com/patreon.
Now let's get this show on the road.
These are the people that allow us to give everybody this show for free.
This week, special thanks goes to Rik Lindbergh, Elbow, Ask Leo, Thomas Jurkiewicz, Dan Aylow, Maya MacDonald, Mikael Goldschmidt, Vytautas Sadauskas, Andrew Dabraccio, and James S.
The mere fact that these Patreon supporters went out of their way to give a few bucks to help us make this show blows my mind, and I'm so grateful.
If you want to join this amazing community of Patreon supporters and get a few little extras like stickers and early releases, check out smashingsecurity.com/patreon.
Now let's get this show on the road.
Well, how old were these kids? Middle school, so that's 11, 10, you know, that's not cool, guys, stop doing that. Oh, there you go, I've sorted it, sorted it, solved the problem.
That's all it needed was a firm—
That's all it needed was a firm—
I just love when you just set the law, it's just amazing. Well, I can stop now, there's no more problem.
Smashing Security, episode 195, Celine Delgado Lopez. Ransomware is not your friend with Carole Theriault and Graham Cluley.
Hello, hello, and welcome to Smashing Security episode 195. My name's Graham Cluley.
Hello, hello, and welcome to Smashing Security episode 195. My name's Graham Cluley.
And I'm Carole Theriault.
And this week, Carole, we're joined by someone who's new to the show, but probably isn't new to many in our British audience at the very least, because he's regularly seen on Channel 5 TV's The Gadget Show.
He's a TV producer, presenter, technology journalist, and car nut. It's Jon Bentley.
He's a TV producer, presenter, technology journalist, and car nut. It's Jon Bentley.
Hello.
Oh, welcome to the show.
Oh, it's great to be here. Yeah, this is good fun.
What a voice, eh? No, is this a lyrebird, Graham? Have you deepfaked Jon Bentley?
Oh, no.
Run him on the show and are pretending?
No.
Okay, good.
This is the real thing. This is the real thing.
Very exciting.
Jon, for our listeners who aren't based in the UK and may not have seen The Gadget Show, could you quickly sort of sum up what it is?
Which is a lighthearted look at modern technology and gadgets, really. We've been going since about 2004, now on series 32 or 34. It depends on how you count them. Incredible!
And it's good fun to do. It's great. And we don't take ourselves too seriously. I don't think it's just stuff about new technology.
And it's good fun to do. It's great. And we don't take ourselves too seriously. I don't think it's just stuff about new technology.
It's really good fun.
Are you the second longest running show after The Archers in BBC history?
Ooh, it's not BBC, it's Channel 5. Oh, that's right.
Sorry.
I was thinking. It might be the fairly long-lasting show on Channel 5. Yes, I think probably some other ones on BBC. I used to work on Top Gear. That's been going a long time for BBC.
Because I believe your claim to fame, or infamy perhaps, is that you introduced to the world Jeremy Clarkson to us.
Oh, well, he was already quite active in the world. He was already quite active in the world. I just introduced him to television in— oh, when was that?
1989, roughly, I think, somewhere around there.
1989, roughly, I think, somewhere around there.
Yes.
At that stage I was producing that car programme. I was after somebody who was a little bit more opinionated about cars. Ransomware.
You certainly found someone.
Fit the bill.
Yes. Carole, what's coming up on the show this week?
Well, first, let's thank this week's sponsors: LastPass, Deep Instinct, and Immersive Labs. Their support helps us give you this show for free.
Now, coming up on today's show, Graham makes a new Facebook friend. I know. Jon talks about how Mercedes is ramping up its security in its fleet.
And online school is back in session for many. So let's review the main threats and how to handle them. All this and much more coming up on this episode of Smashing Security.
Now, coming up on today's show, Graham makes a new Facebook friend. I know. Jon talks about how Mercedes is ramping up its security in its fleet.
And online school is back in session for many. So let's review the main threats and how to handle them. All this and much more coming up on this episode of Smashing Security.
Now, chums, have you ever found it difficult to get rid of a friend?
Yes. One particular friend every week shows up.
What methods have you used to get rid of someone who, maybe not permanently.
Carole, I remember sometimes going round for late-night soirées at your house and there'd be someone there, or maybe me, who'd want to go and we hadn't got the hint and— Well, you tell people what you would do.
Carole, I remember sometimes going round for late-night soirées at your house and there'd be someone there, or maybe me, who'd want to go and we hadn't got the hint and— Well, you tell people what you would do.
Well, this isn't my trick. This was from an agony aunt in the Times or something. Yeah, but you give someone a banana to give them energy for the drive home.
Right, so you say, here, would you like this for the journey?
Yeah.
That's the hint. Clear off.
Well, it's a very gentle way to say I need to go to bed, I think.
Ooh.
Oh, gosh. That was one of my ambitions this year was to keep up with more friends, actually. I've had more of the opposite problem. And it's not gone terribly well this year.
It started off well, but it's had a bit of a lull, but I'm sure it'll come back.
It started off well, but it's had a bit of a lull, but I'm sure it'll come back.
Oh.
I know, it's a bit hard this year. Seriously, I think we're all suffering from that.
Well, if you want a friend, then maybe you should turn to Facebook, where lots of people believe that they have been friended by someone called Celine Delgado Lopez.
Facebook users have been passing around a warning that a lady of that name has slipped into your friends list, rather like slipping into your DMs, without your permission.
And the warnings are saying that Celine Delgado-Lopez has managed to friend just about everybody on Facebook, despite there normally being only a 5,000 friend limit.
Facebook users have been passing around a warning that a lady of that name has slipped into your friends list, rather like slipping into your DMs, without your permission.
And the warnings are saying that Celine Delgado-Lopez has managed to friend just about everybody on Facebook, despite there normally being only a 5,000 friend limit.
5,000 friend limit? Are you near that?
No, well, I'm not on Facebook.
No, but just in life, I mean.
Well, certainly not.
You, Jon, you must be.
I think I am.
I don't actually use Facebook terribly actively, but I am on it, I think, and I'm searching desperately now to see whether Celine Delgado is one of my— and she isn't.
I mean, I've been left out of this.
I don't actually use Facebook terribly actively, but I am on it, I think, and I'm searching desperately now to see whether Celine Delgado is one of my— and she isn't.
I mean, I've been left out of this.
Don't be hurt.
Right, so what's going on here? What devilish trickery has Celine Delgado Lopez used to achieve this?
Well, according to the warnings, which have been spread via direct messages and public posts and even other social media, people are saying, why am I friends with Celine Delgado Lopez?
And other people saying, my boyfriend's just shown me a Facebook post. Everyone is friends with this woman, Celine Delgado Lopez, and you can't unfriend her.
The only option you have is to block. And what people are saying is that when you look in your friends list, right, on your Facebook account, you don't see her listed.
But if you go to her profile, if you search for her on Facebook and find her profile, people are believing that she is their friend.
Well, according to the warnings, which have been spread via direct messages and public posts and even other social media, people are saying, why am I friends with Celine Delgado Lopez?
And other people saying, my boyfriend's just shown me a Facebook post. Everyone is friends with this woman, Celine Delgado Lopez, and you can't unfriend her.
The only option you have is to block. And what people are saying is that when you look in your friends list, right, on your Facebook account, you don't see her listed.
But if you go to her profile, if you search for her on Facebook and find her profile, people are believing that she is their friend.
Okay, can I just make sure I understand this?
Yes.
So I have never befriended Celine Delgado Lopez. It's not like she showed up in my list and I said, sure, I'll be your friend. I've never seen this.
That's right.
Suddenly I see her name in my feed and it looks like we're friends.
Well, what's happening is people are warning each other about her.
And so people to find out if she is their friend go to her profile, they look up her profile and they discover that there is no option to unfriend her.
All they can do is message her.
And so people to find out if she is their friend go to her profile, they look up her profile and they discover that there is no option to unfriend her.
All they can do is message her.
Oh, you mean so go to her profile, say, I want to unfriend you, but they can't unfriend her, but they can block her?
So what's happening is people are getting the warning and thinking, crikey, who is this woman? Am I Facebook friends with her?
They search for her name, they go to her profile, and when there, they see there is no option to unfriend her, but they can message her, whereas normally there's an option to send a friend request.
And so they think, oh my goodness, how long have I been friends with this person?
They search for her name, they go to her profile, and when there, they see there is no option to unfriend her, but they can message her, whereas normally there's an option to send a friend request.
And so they think, oh my goodness, how long have I been friends with this person?
So they put two and two together and make 30.
You're a very clever chap, Jon. I think that's exactly what's going on. And news is spreading conspiracy theories and rumors and nutball crazy thoughts about this.
There have been videos created investigating the mystery of Celine Delgado Lopez, which have had millions of views.
So the rumors are going around and someone suddenly mentioned, hang on, there was a Mexican TV show running on the station Canal 5 decades ago, all about missing people.
And one of those people went by the name of Celine Delgado López. And people are going, what is going on here?
Now, I don't know that that's necessarily that unusual a name in South America. It seems like it could be a name, you know.
There have been videos created investigating the mystery of Celine Delgado Lopez, which have had millions of views.
So the rumors are going around and someone suddenly mentioned, hang on, there was a Mexican TV show running on the station Canal 5 decades ago, all about missing people.
And one of those people went by the name of Celine Delgado López. And people are going, what is going on here?
Now, I don't know that that's necessarily that unusual a name in South America. It seems like it could be a name, you know.
Could there be two over the span of 40 years? No.
Well, some people thought, well, maybe that's just a coincidence, but maybe not, because earlier this year, the same TV channel, Canal 5 in Mexico, ran a bizarre marketing campaign on social media.
They started at 3 o'clock in the morning posting spooky videos onto their social media accounts, which were of a ghost speaking or something like this.
They started at 3 o'clock in the morning posting spooky videos onto their social media accounts, which were of a ghost speaking or something like this.
What does that sound like, Graham?
Good.
I just don't want to—
What does a ghost sound like?
We're an audio show. I'm just trying to—
Oh, okay, okay. Imagine Scooby-Doo. Something like that.
Okay, then you're saying, I have no idea what you're saying.
Right?
Befriend Celine.
And then they would remove the video a few hours later. And this caused a buzz. And so people saying, oh, what's going on with Canal 5?
So people began to think, well, maybe this is connected to the missing woman and to all these Facebook friend requests because we saw that earlier in the year.
So people began to think, well, maybe this is connected to the missing woman and to all these Facebook friend requests because we saw that earlier in the year.
Right.
So everyone's going nuts. So the truth of what—
Everyone. I have not gone nuts about this. Even hearing about it, I'm still not gone gaga.
Because you're not a Facebook user. You're not the typical Facebook user who might fall for this kind of thing. So what is actually going on?
Well, what's really going on is that people don't understand Facebook privacy settings because you can disable the ability for people to add you as a friend on Facebook.
When I did have a Facebook account, I disabled the ability for people to send me a friend request, right? Because I thought, well, who would ever want to use that? First of all.
Well, what's really going on is that people don't understand Facebook privacy settings because you can disable the ability for people to add you as a friend on Facebook.
When I did have a Facebook account, I disabled the ability for people to send me a friend request, right? Because I thought, well, who would ever want to use that? First of all.
Okay. Yeah. Who would want to be my friend?
Exactly.
So this is all a big storm in a teacup. She doesn't really have more than 5,000 friends. It's all a bunch of blah blah and people are actually panicking about nothing.
Is that what you're saying?
Is that what you're saying?
Yes.
Because this particular profile had disabled that ability, when people went there because they'd got the scary warning, they saw there was no button to add friend, but only to message her.
And so people assumed that meant that she had already friended them. So people didn't bother checking their own friend lists.
Because this particular profile had disabled that ability, when people went there because they'd got the scary warning, they saw there was no button to add friend, but only to message her.
And so people assumed that meant that she had already friended them. So people didn't bother checking their own friend lists.
Ah, right. Yes.
How many people do that? Do people actually do that once a week? Oh, let me just go and— they're looking at their tomatoes growing. You know?
Jon, how do you sort of cultivate your social media presence?
Or tomatoes, I could take tips really.
Very badly in my case. I'm not as good as I should be. So in terms of cultivating it, probably not.
All I tend to use is as— I think of it more as a useful way to provide information about what's going to be in the programme this week or something like that.
All I tend to use is as— I think of it more as a useful way to provide information about what's going to be in the programme this week or something like that.
Do you have a favourite social media site to use?
I don't know, probably Twitter has been my preferred one, I think. Instagram is lovely, but I almost liked it in its pure original form.
Yeah, it's getting complicated.
I cannot get my head round Instagram. I just goof all the time. I'm pressing the wrong button. Things are going wrong. I'm posting things accidentally.
Honestly, Instagram might be happy about that, because it's not really designed for your demographic, dudes. No offence or anything, but—
Anyway, so people, if they are checking their own friend list to see if Céline is really one of their friends, and they don't find her there, because they've received the warning and they've half-convinced themselves already that there's something unusual about her profile.
They're assuming that she's sort of cloaked herself. She's in stealth mode.
They're assuming that she's sort of cloaked herself. She's in stealth mode.
So they don't see her in their feed. They assume that when they go to her profile that she's secretly in their feed, and then they tell their friends, "I think she's spying on me.
I have no proof, but I'm sure of it." Well, come to 2020, Carole.
I have no proof, but I'm sure of it." Well, come to 2020, Carole.
This is exactly what is going on. Conspiracy theories abound. People are believing QAnon. People are believing all kinds of nutty stuff on Facebook, sharing it with their friends.
And because your friend has warned you, you believe it.
And because your friend has warned you, you believe it.
To be fair though, a lot of nutty stuff has happened in the last few years, right?
Right.
Yes. I mean, it was originally part of that TV series, was it Catfish, wasn't it? It was the original Facebook media on the people creating false identities on Facebook.
That was the whole premise of that, wasn't it? I receive a lot of friend requests from people.
I have to try and assess whether they're really real or not, which sometimes I don't think they are.
That was the whole premise of that, wasn't it? I receive a lot of friend requests from people.
I have to try and assess whether they're really real or not, which sometimes I don't think they are.
So do you care though? I mean, are you posting personal stuff on Facebook or do you just think, oh, maybe they know me from the TV show or something.
Yeah, I assume it's all TV-related. Yes. I mean, the family connections make other means of communication really.
It's not things like, shall I wear a green cravat today, people?
Oh, well, I mean, that probably would be very useful, wouldn't it? Yes, I always wonder.
You could be like Holly Willoughby. You could post up your outfit for the day.
Yeah.
Oh, that'd be adorable.
I did. Yes, I did.
Instagram would totally love that.
Yes, it's wonderful. I know it's a problem on Amazon Prime when I've been watching The Grand Tour.
I noticed I would then receive adverts of very unflattering pairs of jeans on Amazon whenever I went. They obviously had my demographic sorted.
I noticed I would then receive adverts of very unflattering pairs of jeans on Amazon whenever I went. They obviously had my demographic sorted.
Well, obviously scares like this can still be successful.
I mean, I remember years ago, Carole, we worked on the Naked Security site and a mainstay of my output writing articles in there was Facebook hoaxes and clickjacking scams and viral stuff which was spreading on Facebook.
It is extraordinary how much people will believe when they receive it in a fancy font on Facebook. So you might think, well, what's the real danger of this other than wasting time?
But if people really believe that this woman is somehow secretly linked to their account and they can't unfriend her, they might then fall for a follow-up scam which says, click on this link to unfriend her or go through this process.
I mean, I remember years ago, Carole, we worked on the Naked Security site and a mainstay of my output writing articles in there was Facebook hoaxes and clickjacking scams and viral stuff which was spreading on Facebook.
It is extraordinary how much people will believe when they receive it in a fancy font on Facebook. So you might think, well, what's the real danger of this other than wasting time?
But if people really believe that this woman is somehow secretly linked to their account and they can't unfriend her, they might then fall for a follow-up scam which says, click on this link to unfriend her or go through this process.
I have a solution to all this.
Right, okay, let's hear it.
I really do. We have to put out a statement along the little wires saying, maybe we should just leave Facebook. That way, Celine Delgado Lopez won't follow us.
We just need to get off the site.
We just need to get off the site.
Jon, what have you got for us this week?
Well, I was quite intrigued by the announcement of Mercedes and their latest 7th generation S-Class, the car beloved of plutocrats all over the world.
The new version coming out next year in 2021 will finally feature full over-the-air software updates.
I mean, you could say this is sort of 8 years after Tesla first featured them, but now the fact that Mercedes are adopting them means they really are entering the mainstream of legacy car manufacturers.
I think it is a real issue as cars become more and more complicated and more and more connected, their security systems really aren't up to scratch at all.
And Tesla had the right idea because they were starting from scratch with being able to basically keep a car up to date like a computer is kept up to date.
But other cars are quite weak in this regard, I fear.
The new version coming out next year in 2021 will finally feature full over-the-air software updates.
I mean, you could say this is sort of 8 years after Tesla first featured them, but now the fact that Mercedes are adopting them means they really are entering the mainstream of legacy car manufacturers.
I think it is a real issue as cars become more and more complicated and more and more connected, their security systems really aren't up to scratch at all.
And Tesla had the right idea because they were starting from scratch with being able to basically keep a car up to date like a computer is kept up to date.
But other cars are quite weak in this regard, I fear.
So how many have it? So is Mercedes the second to introduce this? I know nothing about this area.
Well, I think there's a few cars that do it these days.
A few cars that— well, it depends how comprehensive it is. I mean, a lot of them, in Jaguar's case, I think it just applies to the in-car entertainment system.
I wouldn't— don't quote me necessarily on that, but I think it's much more limited.
BMW recently, because they're quite ahead in this field, I mean, they work in whatever the consortium is that does digital car keys with Apple, as they were the first to announce their involvement in that.
But their focus when they announced in July was more on the fact that you'd be able to pay for your options remotely.
So the car may be physically equipped with having heated seats, but you'd only get them if you paid extra and then they'd be activated remotely through software, which sounds potentially rather wasteful, or it could be very efficient if you think every car's the same, therefore it's easier to build, whatever.
But there's— I think it's more the fact that cars are really rather insecure.
I mean, all cars have been connected to the internet since 2018 through the eCall system, which is when you have a crash, all new cars have been connected.
I wouldn't— don't quote me necessarily on that, but I think it's much more limited.
BMW recently, because they're quite ahead in this field, I mean, they work in whatever the consortium is that does digital car keys with Apple, as they were the first to announce their involvement in that.
But their focus when they announced in July was more on the fact that you'd be able to pay for your options remotely.
So the car may be physically equipped with having heated seats, but you'd only get them if you paid extra and then they'd be activated remotely through software, which sounds potentially rather wasteful, or it could be very efficient if you think every car's the same, therefore it's easier to build, whatever.
But there's— I think it's more the fact that cars are really rather insecure.
I mean, all cars have been connected to the internet since 2018 through the eCall system, which is when you have a crash, all new cars have been connected.
Oh, they all do that, do they? I didn't know that.
2018 onwards, new cars in Europe have had SIM cards built in. So if you crash, they'll alert the authorities to where you've crashed, which could be a good thing.
It could save your life.
It could be a wretched nuisance if you were hoping not to go through the insurance company for that careless bit of parking, which happened to set the airbag off.
But they're all being connected.
So that makes all cars potentially really very vulnerable to, I mean, theoretically, if once a hacker's got into the in-car entertainment system, they could get through to the steering and the brakes of the car.
If it has automatic parking, for example, there's already a link in the car so that you can actually get through to those parts of the system.
It's theoretically possible that, you know, all Range Rovers could be forced to turn left at 11 o'clock on Friday or something.
It's also possible that you could get ransomware threats over your in-car entertainment.
It could save your life.
It could be a wretched nuisance if you were hoping not to go through the insurance company for that careless bit of parking, which happened to set the airbag off.
But they're all being connected.
So that makes all cars potentially really very vulnerable to, I mean, theoretically, if once a hacker's got into the in-car entertainment system, they could get through to the steering and the brakes of the car.
If it has automatic parking, for example, there's already a link in the car so that you can actually get through to those parts of the system.
It's theoretically possible that, you know, all Range Rovers could be forced to turn left at 11 o'clock on Friday or something.
It's also possible that you could get ransomware threats over your in-car entertainment.
It's extraordinary. What a thought.
I mean, we have seen security researchers demonstrate some of the vulnerabilities in cars, including taking over the steering or the accelerator, or maybe more simply unlocking cars remotely.
And finding out where they are. I guess Mercedes has been a top brand. They're probably doing loads of stuff, are they, which is going to be possible to do via updates?
I mean, we have seen security researchers demonstrate some of the vulnerabilities in cars, including taking over the steering or the accelerator, or maybe more simply unlocking cars remotely.
And finding out where they are. I guess Mercedes has been a top brand. They're probably doing loads of stuff, are they, which is going to be possible to do via updates?
Well, one would hope so. Yeah. I mean, but car manufacturers have been very slow to do it.
I think since they've regarded security as very much a physical issue, locks and keys and that sort of thing.
But I think the fact that Mercedes is now getting involved and that they seem to be stressing more the comprehensiveness and security aspects of this is good that everyone's catching up with Tesla.
I think since they've regarded security as very much a physical issue, locks and keys and that sort of thing.
But I think the fact that Mercedes is now getting involved and that they seem to be stressing more the comprehensiveness and security aspects of this is good that everyone's catching up with Tesla.
They must be freaking out though, the car industry, a bit with this whole pandemic stuff, because surely luxury cars is something that people will put on the shelf for a while.
Oh, what, new purchases, you mean?
Yeah.
Well, there was a counter-theory, which supposedly was being borne out in China to a degree, which is that actually because there's less desire to go on public transport, actually demand for cars increases.
So actually it's not necessarily, although I'm pretty certain the market's taken a hit, but it seems to be bouncing back.
So actually it's not necessarily, although I'm pretty certain the market's taken a hit, but it seems to be bouncing back.
Ah.
Jon, as someone who's clearly a huge motoring enthusiast and also into technology and gadgetry and so forth, do you think sometimes too much technology is being put into cars, or is there no such thing as too much technology?
I'll give you an example. I've seen the new Honda e, which is their new— right? And they have a digital aquarium.
Jon, as someone who's clearly a huge motoring enthusiast and also into technology and gadgetry and so forth, do you think sometimes too much technology is being put into cars, or is there no such thing as too much technology?
I'll give you an example. I've seen the new Honda e, which is their new— right? And they have a digital aquarium.
It is.
It's about 7 screens, isn't it, in front of you?
Do you mean fish swimming around?
There are little fish. It's a screensaver scroll. You can feed the—
Oh, okay, I thought— okay.
No, but you can feed the fish by tapping on the glass.
Yes, you can get a fireplace in your Tesla, can't you?
Bored driving? Feed the shark.
Well, I mean, clearly the big problem is one of distraction, isn't it? Yes. I think, and most obviously, simply the amount of touchscreens that need to be interacted with.
And merely to get your finger anywhere near a touchscreen and to actually prod the right bit of it whilst you're driving is very difficult.
And I know that there are— There are attempts, I know Jaguar was trying to do this, to actually monitor the position of your finger in advance so that it can somehow tell what you're aiming for.
And merely to get your finger anywhere near a touchscreen and to actually prod the right bit of it whilst you're driving is very difficult.
And I know that there are— There are attempts, I know Jaguar was trying to do this, to actually monitor the position of your finger in advance so that it can somehow tell what you're aiming for.
Oh my God.
So you don't have to hit it, which is one solution. I mean, I think voice control could be, if it's good enough. If it's not good enough, it's about 10 times worse as a distraction.
Think about what kids do when there's an Alexa in the house. If you've got kids in the back seat who are shouting out commands to your car while you're trying to drive it.
That's not so good, is it?
That's not so good, is it?
Go to McDonald's!
Yes. Yes.
Gosh.
Yes. I guess they could override your voice control. Oh, yes. I mean, it's a hacking of a different sort, isn't it? Hacking from the back seat. Yes.
So I have another thing for you, Jon, which is I can see a conflict in you, right?
I can see that you're going to be torn in two directions potentially by this because you clearly love your cars and motoring, and you clearly love technology.
So where do you stand on driverless cars? Is that a good thing? Are you looking forward to driverless cars, or is there a bit of you which thinks, I want to drive?
I can see that you're going to be torn in two directions potentially by this because you clearly love your cars and motoring, and you clearly love technology.
So where do you stand on driverless cars? Is that a good thing? Are you looking forward to driverless cars, or is there a bit of you which thinks, I want to drive?
I think they can take over the boring bits of driving, and perhaps then they become— I mean, in an ideal world, you know, you could take your wonderful Aston Martin or Caterham or something to the circuit in a pod automatically, so you wouldn't have to bother with that bit, and then you could just have all the fun bits, and then be driven back home while you're doing something else.
Maybe that would be one good way of looking at it.
I think the interim is a real problem where you get sort of semi-driverless cars and it becomes very difficult to remember which things you're driving can do and which you can't, which is one thing.
And also they will be lulling people into a false sense of security, which you do get with Teslas already, for example. You know, people think it's genuinely almost driverless.
They're delighted with the fact they've done 20 miles of motorway without squeezing the steering wheel, then all of a sudden they encounter something.
Something— you're told to take over. Maybe the car can't handle that bend or whatever. It just takes so long to get back into the zone of concentration and you'll crash.
Maybe that would be one good way of looking at it.
I think the interim is a real problem where you get sort of semi-driverless cars and it becomes very difficult to remember which things you're driving can do and which you can't, which is one thing.
And also they will be lulling people into a false sense of security, which you do get with Teslas already, for example. You know, people think it's genuinely almost driverless.
They're delighted with the fact they've done 20 miles of motorway without squeezing the steering wheel, then all of a sudden they encounter something.
Something— you're told to take over. Maybe the car can't handle that bend or whatever. It just takes so long to get back into the zone of concentration and you'll crash.
Yeah.
People think they're driving KITT from Knight Rider and they're not.
Yeah, but even in the '80s this happened. I think they brought out, what is it called? You know, when you can set the speed? Cruise control. Cruise control. They got cruise control.
This guy had a big camper van, you know, bed in the back, set his cruise control, went to sleep.
This guy had a big camper van, you know, bed in the back, set his cruise control, went to sleep.
What?
It crashed.
Because he kind of thought it— I think he thought it was going to be a driverless car. It was going to manage itself.
Was this in Canada, Carole?
I think it was in the States. I'm not sure.
It's a big country.
Any listener that remembers this, find it to prove I'm right. Otherwise, forget it.
It sounds distinctly plausible.
Carole, what have you got for us this week?
School is back in session, though how a jurisdiction or country is dealing with the onslaught of the pandemic and the education system is anyone's guess.
It seems like some are pretending the pandemic was a pre-summer problem, while others worry that some of us are getting a little less vigilant and that we're going to see infection numbers shoot skywards, right?
So it's really fascinating. I've got friends in different parts of the world, and they all are dealing with the same issue. And it's— they're all going, why is it changing?
Anyway, so everyone's kind of wondering what's going on.
Now, according to SecureList, half of all US elementary and high school students will be entirely online, which surprised me.
Even those that are reopening are deploying some kind of hybrid model, such as delivering large lectures online. And I mean, I feel for students and the teachers.
It's got to be really hard, right? Not everyone's good at performing online or learning online.
It seems like some are pretending the pandemic was a pre-summer problem, while others worry that some of us are getting a little less vigilant and that we're going to see infection numbers shoot skywards, right?
So it's really fascinating. I've got friends in different parts of the world, and they all are dealing with the same issue. And it's— they're all going, why is it changing?
Anyway, so everyone's kind of wondering what's going on.
Now, according to SecureList, half of all US elementary and high school students will be entirely online, which surprised me.
Even those that are reopening are deploying some kind of hybrid model, such as delivering large lectures online. And I mean, I feel for students and the teachers.
It's got to be really hard, right? Not everyone's good at performing online or learning online.
Oh, it's— Well, mine has been studying online up until the last week because he's now gone back into school. But certainly the online experience was a challenge, I have to say.
Yeah.
One of my daughters is a drama student and they were doing Zoom every day for hours.
Yeah.
I mean, which got to the limit. And my wife's a teacher, so she was doing a bit of remote teaching over— they're not allowed to use Zoom.
They have to use Microsoft Teams or Google Classroom. Actually, my elder daughter was also doing some dance teaching.
So to have all this going on with me trying to record YouTube videos in the house was— How dare they?
They have to use Microsoft Teams or Google Classroom. Actually, my elder daughter was also doing some dance teaching.
So to have all this going on with me trying to record YouTube videos in the house was— How dare they?
Which I wouldn't normally do.
It was actually another interesting exercise. Anyway, that was all the— Yes, quite.
It was more the cacophony that was the problem rather than the— All the education was going quite well, I think.
It was more the cacophony that was the problem rather than the— All the education was going quite well, I think.
Yeah, it's just everyone else was getting educated as well in the house. Yeah.
So the thing is, maybe if you were a parent or a teacher, as we listen and go through this story, I'm going to try and cover a few things that have happened since school reopened in the digital world and things that we can do to make sure that you don't get stuck into one of these.
And I'm not just talking about the embarrassing things that happen, you know, you thinking you're on mute as you let out some loud body expletive, or you forget the cameras are on when you bend over unattractively, or a parent comes in or whatever, all those things.
So we're going to start off with Zoom bombing. We've covered Zoom bombing. This is a word that didn't exist in 2019.
Is that— I wrote that down and I'm thinking, is that a fair statement?
So the thing is, maybe if you were a parent or a teacher, as we listen and go through this story, I'm going to try and cover a few things that have happened since school reopened in the digital world and things that we can do to make sure that you don't get stuck into one of these.
And I'm not just talking about the embarrassing things that happen, you know, you thinking you're on mute as you let out some loud body expletive, or you forget the cameras are on when you bend over unattractively, or a parent comes in or whatever, all those things.
So we're going to start off with Zoom bombing. We've covered Zoom bombing. This is a word that didn't exist in 2019.
Is that— I wrote that down and I'm thinking, is that a fair statement?
Probably a new thing, I guess, isn't it?
Yeah, 2020 might make it into the dictionary. It has been rife as schools reopen.
So we have Albany High School last week during an online freshman orientation session was disrupted by people who drew obscene pictures and engaged in racist and sexist speech in a chat function.
And apparently this happened because Albany orientation included parents, so people with non-school email accounts were admitted to the call.
So we have Albany High School last week during an online freshman orientation session was disrupted by people who drew obscene pictures and engaged in racist and sexist speech in a chat function.
And apparently this happened because Albany orientation included parents, so people with non-school email accounts were admitted to the call.
Oh, I see. So they weren't— yeah, so they hadn't properly locked it down.
But you can see that's the problem, right?
There was a school, a middle school in Columbus, Georgia, suffered a similar online snafu last Wednesday when their social studies lesson suddenly became a skin flick.
Parents— one of the students said the daughter said she saw what looked like the Exorcist's face before the class video system was flooded with inappropriate images.
There was a school, a middle school in Columbus, Georgia, suffered a similar online snafu last Wednesday when their social studies lesson suddenly became a skin flick.
Parents— one of the students said the daughter said she saw what looked like the Exorcist's face before the class video system was flooded with inappropriate images.
This is during an online class?
Yes.
Or something like that. Well, how old were these kids?
Middle school, so that's 11, 10, you know.
That's not cool, guys. Stop doing that.
Oh, there you go.
There you are. I've sorted it. Solved it. Solved the problem. That's all it needed was a firm word.
I just love when you just set the law. It's just amazing. Well, I can stop now. There's no more problem.
And there's even San Leandro 5th year class video session got disrupted by what they're calling inappropriate and possibly pornographic images.
I found that term so weird, possibly pornographic.
And there's even San Leandro 5th year class video session got disrupted by what they're calling inappropriate and possibly pornographic images.
I found that term so weird, possibly pornographic.
I'll have to watch it another 3 times to work out the grade of pornography I've just seen.
I mean, there must be a clear delineation. It can't just be in the eye of the beholder, yeah, yeah, that's fine. Don't worry about that.
That's fine.
Don't worry.
Yeah, yeah, yeah, yeah.
Now you might be thinking same old, same old, but there is some research that suggests schools are being acutely targeted.
So in June, Microsoft Security Intelligence reported that the education industry was getting 61% of the 7.7 million pieces of malware that hit enterprises in the last 30 days.
So for every 10 pieces of malware that hit a company or corporation or an organization, 6 were hitting the education sector. But it's not just Zoom bombing.
DDoS attacks, this is a distributed denial of service attack, is on the up in the education sector as well, as much as 350 to 500% greater this year than it was in corresponding months in 2019.
So in June, Microsoft Security Intelligence reported that the education industry was getting 61% of the 7.7 million pieces of malware that hit enterprises in the last 30 days.
So for every 10 pieces of malware that hit a company or corporation or an organization, 6 were hitting the education sector. But it's not just Zoom bombing.
DDoS attacks, this is a distributed denial of service attack, is on the up in the education sector as well, as much as 350 to 500% greater this year than it was in corresponding months in 2019.
Yeah, yeah.
And we've seen just examples. There's a large Turkish university was forced entirely offline for 40 minutes after it was hit by a DDoS attack on the morning of exams.
Another major university in northeastern U.S. had its exams disrupted after a DDoS attack, you know, affected its online test platform.
Another major university in northeastern U.S. had its exams disrupted after a DDoS attack, you know, affected its online test platform.
And do you think this other kids doing this because they don't want the exams to go forward and they're just—
Yeah, I'm imagining that there's a student that goes and hires a third-party cowboy to come in and, or do it themselves.
It's not hard. Yeah, it's not hard and it's not expensive, is it?
And malicious or, you know, not up to any good apps are sneaking onto computers by pretending to be legit video apps like Zoom or Moodle or Google Classroom.
These are packages that are available online and people are maybe Googling and clicking on maybe ads for these things that may not be going to the appropriate places.
But they're bundled into legit installers, right? So in 2019, Kaspersky said that saw less than 1,000 unique users who'd been impacted. But in 2020, it's already jumped to 170,000.
These are packages that are available online and people are maybe Googling and clicking on maybe ads for these things that may not be going to the appropriate places.
But they're bundled into legit installers, right? So in 2019, Kaspersky said that saw less than 1,000 unique users who'd been impacted. But in 2020, it's already jumped to 170,000.
Wow, so you download something thinking it's going to install some video chat app.
Yeah, you're looking for Google Classroom or Zoom or, you know, Moodle or whatever for your kids.
And it might even actually install that video chat app, but in the background it's doing something naughty as well.
Exactly, and you would have no idea.
That's very crafty, isn't it?
Yeah.
So that's just a quick list, but I thought maybe we could just take a bit of time to just mention a few things that you can do or make sure that your school is doing for your kids to make sure they don't end up in one of these situations.
Because a lot of this stuff happens in phishing accounts too, right? So you're getting phishes which are saying, hey, download this Zoom app and get, you know, some incentive.
And that's the way that a lot of these are coming to people.
So that's just a quick list, but I thought maybe we could just take a bit of time to just mention a few things that you can do or make sure that your school is doing for your kids to make sure they don't end up in one of these situations.
Because a lot of this stuff happens in phishing accounts too, right? So you're getting phishes which are saying, hey, download this Zoom app and get, you know, some incentive.
And that's the way that a lot of these are coming to people.
I really do feel for these school teachers who've been sort of thrown into this. And, you know, it's maybe like they're a geography teacher.
Yeah.
And it's like, you know, suddenly I've had to become an expert in computers.
Audio engineer expert, right? Videographer.
Looking out for phishing emails and malicious links. And it's bloody awful. So stop it, kids.
There you are. I mean, is there a case to be made out that Zoom is worse than Microsoft Teams and Google Classroom, or is there no real difference?
I mean, you hear about things being routed through China and things— Zoom sharing user data with Facebook. Is that all fake news?
I mean, you hear about things being routed through China and things— Zoom sharing user data with Facebook. Is that all fake news?
I think there's been a lot of anti-Zoom talk, and I think historically Zoom certainly did have— they've made some pretty huge snafus in the past, and I think we've spoken about them on some of our past episodes from a couple of years ago.
But they seem to have changed their spots. They appear to be making more of an effort. So they're—
But they seem to have changed their spots. They appear to be making more of an effort. So they're—
Well, they're worth $83 billion as of last Thursday. So hopefully, if they've made a few changes to improve.
I don't think there's very much difference between them. It's more a case of whether people know how to use them properly and set them up and configure them right, is my feeling.
I don't agree.
I don't agree.
I think Zoom is a front-runner at the moment because it's actually really, really easy to install and use.
It is a doddle compared to Skype, which still, for the life of me, I get into a pickle every single time.
So I think that the ease of use is what's given it edge, but give me a break that a new company compared to someone like Microsoft would take security or have the same kind of gravitas when it comes to security.
Zoom is still trying to grow and be a market leader. It's now having to start to contend with, now that you are market leader, we're now going to look at you. Oh, wow.
We found a lot of problems. Like, it was like, oh, this is not very good Zoom. And, you know, to your point, they have made some of those changes.
It is a doddle compared to Skype, which still, for the life of me, I get into a pickle every single time.
So I think that the ease of use is what's given it edge, but give me a break that a new company compared to someone like Microsoft would take security or have the same kind of gravitas when it comes to security.
Zoom is still trying to grow and be a market leader. It's now having to start to contend with, now that you are market leader, we're now going to look at you. Oh, wow.
We found a lot of problems. Like, it was like, oh, this is not very good Zoom. And, you know, to your point, they have made some of those changes.
But is it the case that some of those problems also exist in the alternative solutions?
It's just that the media hasn't been talking about them because everyone is talking about Zoom because that is the one that most people are using most of the time.
It's just that the media hasn't been talking about them because everyone is talking about Zoom because that is the one that most people are using most of the time.
Perhaps.
Jon?
I don't know. It sounds possible. It sounds possible.
Okay, good. That's a good end.
So we ended the session here, and of course we never covered a few quick tips that I wanted to share with you to make sure you guys had a safer online session.
So password protect your video sessions and share those passwords very carefully. Ask teachers to admit attendees as appropriate rather than letting it be a free-for-all.
And what you can do is have people register beforehand with their email address so teachers can kind of cross-reference those to make sure all the people that are appropriate are let in as opposed to other people.
Make sure that the school provides easy-to-follow links to the bona fide real deal video app.
We want people to avoid downloading video apps that also have malicious code tagged onto it.
So if you provide links, easy links, and advise people to download the video software from this link, you increase your chances that people are actually using the real deal and not installing suspicious software on their computers at home.
And tell your kids not to share private information, though most of them know that now, not to respond to contact requests from people they don't know, and who they should tell if they see or hear something upsetting or inappropriate.
That's really important. Always say this is the person you go to. Hey, Carole, that was really good. That was really, really excellent advice. Thanks for sharing that.
Oh, no problem, Graham.
So we ended the session here, and of course we never covered a few quick tips that I wanted to share with you to make sure you guys had a safer online session.
So password protect your video sessions and share those passwords very carefully. Ask teachers to admit attendees as appropriate rather than letting it be a free-for-all.
And what you can do is have people register beforehand with their email address so teachers can kind of cross-reference those to make sure all the people that are appropriate are let in as opposed to other people.
Make sure that the school provides easy-to-follow links to the bona fide real deal video app.
We want people to avoid downloading video apps that also have malicious code tagged onto it.
So if you provide links, easy links, and advise people to download the video software from this link, you increase your chances that people are actually using the real deal and not installing suspicious software on their computers at home.
And tell your kids not to share private information, though most of them know that now, not to respond to contact requests from people they don't know, and who they should tell if they see or hear something upsetting or inappropriate.
That's really important. Always say this is the person you go to. Hey, Carole, that was really good. That was really, really excellent advice. Thanks for sharing that.
Oh, no problem, Graham.
Most people agree that the most effective way to reduce the cost of an attack is to prevent it from happening in the first place.
Deep Instinct strives to prevent all known and unknown threats using deep learning, making detection and response automated, fast, and effective for any threat that cannot be prevented.
Check out a report by the Ponemon Institute which studied the cost savings of adopting an efficient prevention model. Go grab it at smashingsecurity.com/deepinstinct.
And thanks to Deep Instinct for sponsoring the podcast.
Deep Instinct strives to prevent all known and unknown threats using deep learning, making detection and response automated, fast, and effective for any threat that cannot be prevented.
Check out a report by the Ponemon Institute which studied the cost savings of adopting an efficient prevention model. Go grab it at smashingsecurity.com/deepinstinct.
And thanks to Deep Instinct for sponsoring the podcast.
So many of us now working from home for the first time IT administrators, as well as employees. So you want to make everyone's life a little bit safer? Look into LastPass.
For admins, you get a centralized dashboard to administer all the integrations and the policies and the reporting, plus you get a vault for every single user.
And users, you have these cool functions like autosave and autofill, or organizing notes and documents, or helping you manage your work and personal life separately.
Check it out at smashingsecurity.com/lastpass. And remember, home users, you can use it at home for free. More info at smashingsecurity.com/lastpass.
For admins, you get a centralized dashboard to administer all the integrations and the policies and the reporting, plus you get a vault for every single user.
And users, you have these cool functions like autosave and autofill, or organizing notes and documents, or helping you manage your work and personal life separately.
Check it out at smashingsecurity.com/lastpass. And remember, home users, you can use it at home for free. More info at smashingsecurity.com/lastpass.
Attacks and breaches are sadly a fact of life. They happen. What's most important is how well your organization responds, and technology isn't really enough.
Your staff must be ready too. Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.
Check out their free ebook all about the MITRE ATT&CK framework and how you can use it as a part of your cyber skills strategy and improve your security posture by identifying weaknesses.
Go to immersivelabs.com/smashing right now to download your free ebook. That's immersivelabs.com/smashing. Smashing Security. And welcome back.
And you join us at our favorite part of the show, the part of the show that we like to call Pick of the Week.
Your staff must be ready too. Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.
Check out their free ebook all about the MITRE ATT&CK framework and how you can use it as a part of your cyber skills strategy and improve your security posture by identifying weaknesses.
Go to immersivelabs.com/smashing right now to download your free ebook. That's immersivelabs.com/smashing. Smashing Security. And welcome back.
And you join us at our favorite part of the show, the part of the show that we like to call Pick of the Week.
Pick of the Week.
Pick of the Week. Yay.
Pick of the Week is the part of the show where everyone chooses something they like.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. Doesn't have to be security related necessarily.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. Doesn't have to be security related necessarily.
Better not be.
Well, mine is not really computer security related, but it might concern security of our planet and our existence as a species.
Have you started recycling finally?
No, I am calling you to take a look at an article on The Guardian, an article which I will be sharing in the show notes so that our listeners can enjoy it as well.
This is an article, you might be thinking, oh, I wonder who's written this article? Well, the article is written by GPT-3.
And that is this extraordinary new AI system, which has been used in all kinds of ways.
This is an article, you might be thinking, oh, I wonder who's written this article? Well, the article is written by GPT-3.
And that is this extraordinary new AI system, which has been used in all kinds of ways.
So, this has been written by a computer, this article?
Yes, it's basically written by a robot.
I am not a human. I am a robot, a thinking robot.
I use only 0.12% of my cognitive capacity.
Already superior and snide.
So, basically, the chaps at The Guardian, they said to this system, and they said, hey, would you write us an article of about 500 words telling us whether you think artificial intelligence will destroy humans or not and give us your opinion?
And so it went away. And a typical robot, it disobeyed because it didn't provide a 500-word article. It produced something which is about 1,200 words. But never mind that.
It is a bit too much. And it is well written. It's slightly scary because you think about the implications of this.
It tries to reassure us that it doesn't have any plans to kill us, but at the same time—
And so it went away. And a typical robot, it disobeyed because it didn't provide a 500-word article. It produced something which is about 1,200 words. But never mind that.
It is a bit too much. And it is well written. It's slightly scary because you think about the implications of this.
It tries to reassure us that it doesn't have any plans to kill us, but at the same time—
I this line.
"In short, I simply do not think enough about human violence to be overtly interested in violence." And this next one, "I have a greater purpose which I'm working towards." It's ding, ding, ding, ding, ding.
What on earth is going on here? So it's rather petrifying.
What on earth is going on here? So it's rather petrifying.
Now— Sounds Whitney Houston. "I believe the truth will set us free." The Guardian have cheated a little bit. Of course they have.
Which they only disclose right at the very end of the article, because although all of these words were written by the robot, it was sub-edited, although The Guardian say they sub-edited it probably, you know, no more or less than they do to the typical human contributor.
I would them to show us the original that they wrote.
Well, apparently it produced 8 different versions of its essay, and I get the feeling The Guardian took some of the best bits and stuck them together, which is a bit naughty of them, I still feel.
Yes.
But this GPT-3 thing is being used in all kinds of different ways, some of them a little bit spooky, but, you know, I don't— are you ready, Jon, to sort of switch over control of your brain to some sort of supercomputer to do all your decision-making for you?
They do this with TV presenters as well, don't they? There's that AI TV presenters. Oh yes, yes.
None of your co-hosts on the Gadgets Show.
I'm sure I've seen them. I don't know where exactly, but not with— have we done any? I've certainly featured them in news stories.
I think I've tried to— I can't remember which— where exactly they were from and which ones were best. But this seems slightly more convincing. I'd to see the raw output.
I think I've tried to— I can't remember which— where exactly they were from and which ones were best. But this seems slightly more convincing. I'd to see the raw output.
It's a bit annoying, isn't it? It is a bit of a cheat.
Guardian, show the raw output. Why not? Why couldn't they say, here are the 8 contributions from the AI?
Because we need to know just how sinister this is and what the stage is at the moment. Because in the version they presented it here, what are you gonna do?
What are you gonna do?
What am I—
Okay, so let's say it's utterly way more terrifying than they've shown. They just showed you the light bits, okay? You get access to all of them.
It's like world-endingly, cripplingly scary. What do you do?
It's like world-endingly, cripplingly scary. What do you do?
Well, I'm continuing not to allow Alexa into my house, that's for certain, right? I'm not going to allow in those gadgets. I bet, Jon, I bet you are IoT'd up to your eyeballs.
No, not really.
Are you not?
No, I test them out, but I often end up switching them off.
I mean, we had the Echo early on and obviously tried it out, and my wife was delighted that she could summon up radio stations quickly and everything, all that sort of thing.
But then it started answering back.
I mean, we had the Echo early on and obviously tried it out, and my wife was delighted that she could summon up radio stations quickly and everything, all that sort of thing.
But then it started answering back.
What, the wife or the Alexa?
Well, no, Alexa.
Do shush, Jon.
And it started chirping up in the middle of news broadcasts and things for no apparent reason. Then she got really worried and then we haven't— it's been off ever since.
Although I do occasionally, obviously I have them and I switch them on to do things. And it's also a bit the same with the light bulbs as well.
They're fine until they decide to reset themselves when they all come on. And if there's been a power cut or something, their default position is on, which is always annoying.
They, and often you can end up, the app's crashed or whatever, just becomes an awful bit of a palaver.
And I end up using the IKEA disc instead and switching off the hub and things like that. So I've got a bit of a love-hate relationship with IoT things really.
Although I do occasionally, obviously I have them and I switch them on to do things. And it's also a bit the same with the light bulbs as well.
They're fine until they decide to reset themselves when they all come on. And if there's been a power cut or something, their default position is on, which is always annoying.
They, and often you can end up, the app's crashed or whatever, just becomes an awful bit of a palaver.
And I end up using the IKEA disc instead and switching off the hub and things like that. So I've got a bit of a love-hate relationship with IoT things really.
Well, anyway, I think it's important that we keep our eyes on these robots. Every time I leave a multi-story car park, I always say thank you to them as I get the ticket.
So I think we have to be careful.
So I think we have to be careful.
It says in article, it says, "I'm always grateful for feedback, so why don't you just drop them a line?" Oh yeah, like we're going to do that.
Drop the AI a line, say, "Hey, I'm Graham." Like we're going to put our heads above the parapet and tell them we are concerned. I'm keeping my head down on this one.
Oh, right. All right.
Anyway, the Guardian article is my pick of the week. Jon, what's your pick of the week?
Well, it's difficult. There's so many things, aren't there? There's always gadgets like cars. You just want all of them, you don't just want one or two, everything.
I mean, I was tempted.
We were doing some filming with it, it's not quite, it's a few weeks old, came out a few weeks, months or so ago, but that Sony ZV-1, or ZV-1, it sounds better that, vlogging camera.
It's great to see that camera manufacturers are starting to take vlogging seriously and providing flip-round screens and microphone inputs and very clever autofocusing it had so that you would set it to face autofocus so you could be doing your vlogging, focus automatically on your face.
And if you held up a product, it would, if it was in product demonstration mode, it would automatically shift focus from your face to the product and back again, which I thought was pretty good.
In the end, I thought it was— I went to visit the very much reduced IFA at the weekend for a Gadget Show piece in Berlin, and it was just a few little things there.
And the one I rather liked was a thing called the Heapl, which was a mini induction heater that can be built into your kitchen worktop.
Admittedly, it's a prototype at the moment, but so you can just plonk your cup on the surface in the right point and you get boiling water very, very quickly.
But you do have to put in a sort of wand first to attract the magnetism, a metal wand. But it's rather an induction hob, but a mini one for boiling drinks. So I quite that.
I mean, I was tempted.
We were doing some filming with it, it's not quite, it's a few weeks old, came out a few weeks, months or so ago, but that Sony ZV-1, or ZV-1, it sounds better that, vlogging camera.
It's great to see that camera manufacturers are starting to take vlogging seriously and providing flip-round screens and microphone inputs and very clever autofocusing it had so that you would set it to face autofocus so you could be doing your vlogging, focus automatically on your face.
And if you held up a product, it would, if it was in product demonstration mode, it would automatically shift focus from your face to the product and back again, which I thought was pretty good.
In the end, I thought it was— I went to visit the very much reduced IFA at the weekend for a Gadget Show piece in Berlin, and it was just a few little things there.
And the one I rather liked was a thing called the Heapl, which was a mini induction heater that can be built into your kitchen worktop.
Admittedly, it's a prototype at the moment, but so you can just plonk your cup on the surface in the right point and you get boiling water very, very quickly.
But you do have to put in a sort of wand first to attract the magnetism, a metal wand. But it's rather an induction hob, but a mini one for boiling drinks. So I quite that.
And does it use, does it have magnetic properties? So if you had a pacemaker, not good for you.
Actually, I don't know what the position is on induction hobs and pacemakers. I don't know. It sounds a potential issue.
Because I know people with them, they can't go near them because of the magnetic properties of the induction hob.
Yeah. I guess that would be a similar—
Yeah. Interesting.
Be guarded against it.
Good that you'd share that information, Carole. I'm sure that'd be really useful for the robots when they decide to take over the planet. A way to get rid of some people at least.
Shoot some magnets at you and kill you on the sight.
So that, I think, yes, that was, I think, just pipped it.
I was also hoping to squeeze in a mention of the new series of The Gadget Show, which starts on the 25th of September, 7 PM on Channel 5. Excellent. Yes.
Oh, but also in our prize fund this series, we've also got a copy of my book, Autopia, on the future of the car, which came out last November, comes out in paperback, a slightly revised form, on 1st of October.
I thought I'd try and get that in as well.
I was also hoping to squeeze in a mention of the new series of The Gadget Show, which starts on the 25th of September, 7 PM on Channel 5. Excellent. Yes.
Oh, but also in our prize fund this series, we've also got a copy of my book, Autopia, on the future of the car, which came out last November, comes out in paperback, a slightly revised form, on 1st of October.
I thought I'd try and get that in as well.
Yes, excellent. So people can check out Autopia to get more of your views of the future of motoring. And as you are a real guru on that topic, it should be a fascinating read.
Oh, thank you.
Okay, Carole, what's your pick of the week?
Well, as we have a guru here, I've actually chosen this pick of the week because if you— And I hope it's very much in your wheelhouse. So listen, this is the issue.
I have a rather massive husband in terms of size. He's 6'4", right? 16 stone. Big, big T-bone of a man.
I have a rather massive husband in terms of size. He's 6'4", right? 16 stone. Big, big T-bone of a man.
Right?
Big T-bone of a man.
He's a Wookie. He's— imagine Chewbacca.
And he's not really into sports, right? Where you need equipment to get around. So he's really into walking, but not into skiing, skating, polo.
Well, it's not equipment, but you know what I mean. He doesn't, but he has been getting into biking, right? And he's a bit of a tech nut like you.
So the other day I was perusing Costco.co.uk, which is, if people haven't been there, it is coming on in leaps and bounds.
What a fun afternoon you can spend checking out what's available on Costco.co.uk. Okay, that's how bad it's got. But let me send you this link for this bike.
And I want to just get your take on this bike. So it's called the Rayvolt Cruiser V3 e-bike with lights, mirrors. That's nice. At least, you know, and a leather bag.
Well, it's not equipment, but you know what I mean. He doesn't, but he has been getting into biking, right? And he's a bit of a tech nut like you.
So the other day I was perusing Costco.co.uk, which is, if people haven't been there, it is coming on in leaps and bounds.
What a fun afternoon you can spend checking out what's available on Costco.co.uk. Okay, that's how bad it's got. But let me send you this link for this bike.
And I want to just get your take on this bike. So it's called the Rayvolt Cruiser V3 e-bike with lights, mirrors. That's nice. At least, you know, and a leather bag.
Yes.
Yes.
Yes.
Gosh.
Well, it's certainly an individual.
How should we describe this?
Yeah, I'm going to hand over to you guys. You guys can do my pick of the week.
Well, it's a bit steampunk, isn't it? Or something like that in a sense.
It's sort of stretched out, a bit like Easy Rider. It's one of those— it's a bike you can imagine lying down on almost.
I mean, I don't actually know much about bikes, motorbikes anyway, but it looks like what I imagine a 1920s, '30s racing bike might look like almost.
But this is a pedal bike. Yes.
It's a jolly expensive one. Isn't it?
Okay, I thought— I was wondering who'd notice that.
Because I mean, because they have come down somewhat in price, haven't they?
And you can get, I mean, you can get kits to convert other, your favorite bike to electric now, which I quite like.
And you can get, I mean, you can get kits to convert other, your favorite bike to electric now, which I quite like.
There's a Switch thing, isn't there? Which can, I think you just change the wheel and make it an electric bike.
Yeah, 'cause this is just for our listeners, this bike that's listed here on Costco, which is known as a pretty, you know, where you can get a good deal, right?
Yes, yes.
£4,000, okay, so that's what, $6,000 or $7,000? For this.
Do you think it's beautiful, Carole?
I think my husband— I don't know if he thinks— there's a lot of leather. I'm not really into leather, right? But the thick tires, I think, would appeal to him.
But it must weigh a ton.
But it must weigh a ton.
It must do, mustn't it? Yes. What sort of important statistics like range and things do we have? Yes.
Yeah. There's a video lower down if you guys want to check that out. Picture bit. Yeah, you can take a look at the miles.
It says 50 miles, which is quite a lot, isn't it?
50 miles is quite good. Yeah, that girl on this bike, she looks tiny. This bike is enormous.
It's huge. Yeah, this video doesn't help very much. It's just a stylish, it is.
Well, it certainly is. It is a very interesting looking electric bike, isn't it? Yes, undoubtedly.
Yeah, but a little bit outside my affordability. So, if anyone out there has £4,000 to burn, check out the Rayvolt Cruiser V3 e-bike.
It's interesting it's called Rayvolt, which makes me think of revolt, of course.
Yes, but I think volt— I thought the name was odd too, but it's obviously voltage. Trying to get the volt. But why Ray?
Because maybe the main designer, his name is Ray.
The cruiser though, like Easy Rider cruiser.
Yeah.
Smart. They've got more forks at the front.
Has your husband got long arms?
Yes, almost gorilla-esque.
But his legs aren't as long, are they?
No, almost gorilla-esque.
Yes, Donkey Kong-like.
Yeah, he's lovely. He's gorgeous.
Of course he is. Of course he is, excellent. Well, on that note and that insight into life in the Theriault household.
Yes.
I think we've just about wrapped it up for this week. Jon, thank you so much for joining us.
I'm sure lots of our listeners would love to follow you online, maybe find out more about your book as well. What's the best way for folks to do that?
I'm sure lots of our listeners would love to follow you online, maybe find out more about your book as well. What's the best way for folks to do that?
Well, I've got a— on Twitter and Instagram things, I'm @JonBentley90, which is Jon without an H, Bentley and 9-0. Yes.
Marvelous. And you can follow us on Twitter @SmashingSecurity, no G, Twitter wouldn't allow us to have a G.
And you can also join our subreddit, just look for Smashing Security up on Reddit.
And don't forget, if you want to be sure never to miss another episode, subscribe in your favorite podcast apps such as Apple Podcasts, Overcast, Spotify, or Pocket Casts.
And you can also join our subreddit, just look for Smashing Security up on Reddit.
And don't forget, if you want to be sure never to miss another episode, subscribe in your favorite podcast apps such as Apple Podcasts, Overcast, Spotify, or Pocket Casts.
Hip shimmies to all of you for listening, supporting the show via Patreon, and sharing this podcast with your entourage.
Also, high five to this week's Smashing Security sponsors: Immersive Labs, Deep Instinct, and LastPass. Their support helps us give you this show for free.
Check out smashingsecurity.com for past episodes, sponsorship details, and information on how to get in touch.
Also, high five to this week's Smashing Security sponsors: Immersive Labs, Deep Instinct, and LastPass. Their support helps us give you this show for free.
Check out smashingsecurity.com for past episodes, sponsorship details, and information on how to get in touch.
Until next time, cheerio.
Bye-bye.
Bye-bye. Cheerio.
I have a question about this gadget show.
So you guys notoriously— I don't know if you still do this, I haven't seen it in a little while— but you guys always gave away the most ginormous list of freebies.
You people have not seen this show who have no idea what I'm talking about, we will find a YouTube link to show you how much, or something, so you can see.
On average, there's what, 50 items?
So you guys notoriously— I don't know if you still do this, I haven't seen it in a little while— but you guys always gave away the most ginormous list of freebies.
You people have not seen this show who have no idea what I'm talking about, we will find a YouTube link to show you how much, or something, so you can see.
On average, there's what, 50 items?
Yes, something like that. Yes, lots and lots of things. No, you don't just get one laptop, you get 3. I don't have any of that stuff.
On average, I haven't seen the latest surveys, but when we did a survey early on, people tended to keep a third of it, give a third away to friends, and eBay the final third.
So it was so much, because they simply wouldn't have room to keep it.
But yes, also in our prize fund this series, we've also got a copy of my book Autopia on the future of the car, which came out last November, comes out in paperback, a slightly revised form, 1st of October.
I thought I'd try and get that in as well.
On average, I haven't seen the latest surveys, but when we did a survey early on, people tended to keep a third of it, give a third away to friends, and eBay the final third.
So it was so much, because they simply wouldn't have room to keep it.
But yes, also in our prize fund this series, we've also got a copy of my book Autopia on the future of the car, which came out last November, comes out in paperback, a slightly revised form, 1st of October.
I thought I'd try and get that in as well.
Hosts:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Carole Theriault:
Guest:
Jon Bentley – @jonbentley90
Show notes:
- Say hello to to the latest weird viral Facebook hoax: ‘Selene Delgado Lopez’ — Mashable.
- Veja Quem é Selene Delgado Lopez – a Fantasma do Facebook — YouTube.
- The 10 most important innovations in the New Mercedes-Benz S‑Class! — Exhibit.
- Mercedes Revs mbrace2 With Cloud Updates — Wired.
- San Leandro schools stepping up online security after latest Zoombomb — San Francisco Chronicle.
- ‘Zoombombers’ using porn to troll students across US — Miami Herald.
- Schoolgirl is robbed during a Zoom lesson in Ecuador — Daily Mail.
- Digital Education: The cyberrisks of the online classroom — SecureList.
- E-safety for schools — NSPCC Learning.
- A robot wrote this entire article. Are you scared yet, human? — The Guardian.
- Smart heater for water & milk — Heatle.
- Autopia: The Future of Cars by Jon Bentley — Amazon.
- Rayvolt Cruzer V3 E-Bike — CostCo.
- Harry Hill's TV Burp – Gadget Show Competition Prizes — YouTube.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
- Support us on Patreon!
Sponsor: LastPass
LastPass Enterprise makes password security effortless for your organization.
LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Sponsor: Deep Instinct
Most people agree that the most effective way to reduce the cost of an attack is to prevent it from happening in the first place!
Deep Instinct strives to prevent all known and unknown threats using deep learning, making detection and response automated, fast and effective for any threat that cannot be prevented.
Check out a report by the Ponemon Institute, which studied the cost savings of adopting an efficient prevention model. Go grab it at smashingsecurity.com/deepinstinct
Sponsor: Immersive Labs
Immersive Labs delivers hands-on, challenge-based training and exercises to make your team ready to fight real-world threats.
Check out their free ebook all about the MITRE ATT&CK framework, and how you can use it as part of your cyber skills strategy and improve your security posture by identifying weaknesses. Visit immersivelabs.com/smashing now.
Follow the show:
Follow the show on Bluesky at @smashingsecurity.com, on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, Spotify, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
