Deepfake expert Nina Schick joins us as we discuss synthetic media, Facebook’s latest data fiasco, and some less-than-brilliant April Fool’s tricks.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast, hosted by cybersecurity veterans Graham Cluley and Carole Theriault.
0:00
0:00
0:00
0:00
Show full transcript ▼
This transcript was generated automatically, probably contains mistakes, and has not been manually verified.
And you're thinking, okay, so it was a joke. It was a joke.
It's not. It's— well, you say it's— you say it's a joke. It's not a funny joke.
No, it's not a funny joke.
It's just— but Graham, it's— it's a pun, you know. I thought every Englishman loved a pun.
Maybe in Germany it's funny, but I'm—
I'm half German.
They're not funny. You're right, they're not funny.
Smashing Security, episode 222. Facebook deepfake. Ransomware outbreaks and April Fools scandals with Carole Theriault and Graham Cluley.
Hello, hello, and welcome to Smashing Security episode 222. My name is Graham Cluley.
Hello, hello, and welcome to Smashing Security episode 222. My name is Graham Cluley.
And I'm Carole Theriault.
And this week, Carole, we're joined by a special guest, someone who hasn't been on the show before. It is Nina Schick.
Very exciting.
Great to be here, guys.
I'm thrilled that you're here because I heard you on Sam Harris's podcast, and I don't listen to a lot of Sam Harris, but occasionally I go through just to see if anyone's talking about technology or misinformation.
And there you were. So really exciting that you're here.
And there you were. So really exciting that you're here.
Well, I'm really excited to be here with you guys. Thanks for having me.
So Nina, you are the deepfake expert, aren't you? You're the one who knows all about that and disinformation.
That's right. I'm the deepfake person. I got into it quite a few years ago, and it seems to be getting quite popular. So it seems to be an interesting—
How can we tell we've got the real Nina Schick on the line right now rather than a deepfake person?
Oh my God, Graham, you did it. You went there.
That's what everybody wants to know. They ask me.
Oh really? It's not, it's not original? Oh dear.
No, you'd be surprised how often I get asked that.
Sorry.
It's a good question, I like it. Yeah, I'm real still, although, you know, right, by and by.
That's why, of course, she'd say that. That's the point. Exactly, exactly, exactly. Nina, you've written a book.
Yeah, so my book is obviously on deepfakes. It's called Deepfakes and the Infocalypse.
And it's all about the corroding information ecosystem and how basically AI-generated visual or synthetic media is the next step in the corroding information ecosystem.
But of course, when it comes to the future of deepfakes and synthetic media, it is going to be so much bigger than that.
It's actually a profound, I think, paradigm shift in the future of not only content creation but human communication.
And just as it will be weaponized by bad actors for disinformation or misinformation, like all powerful technologies of the exponential age, it's going to actually be transformative for entire industries and not only be used maliciously.
And it's all about the corroding information ecosystem and how basically AI-generated visual or synthetic media is the next step in the corroding information ecosystem.
But of course, when it comes to the future of deepfakes and synthetic media, it is going to be so much bigger than that.
It's actually a profound, I think, paradigm shift in the future of not only content creation but human communication.
And just as it will be weaponized by bad actors for disinformation or misinformation, like all powerful technologies of the exponential age, it's going to actually be transformative for entire industries and not only be used maliciously.
So yeah, guys, I told you she was smart. I told you she was smart. We're going to talk a lot more about this in your section. I cannot wait.
First, let's just thank this week's sponsors, 1Password and Duo Security. Their support helps us give you this show for free. Now coming up on today's show, Graham, what do you got?
First, let's just thank this week's sponsors, 1Password and Duo Security. Their support helps us give you this show for free. Now coming up on today's show, Graham, what do you got?
I'm gonna be telling everyone Mark Zuckerberg's phone number.
Ooh, okay. And Nina, what about you? Well, I think we know. Ooh, could it be deepfakes?
Is it actually me? I think we'll get into that and more.
Okay, and I'm gonna be revisiting April Fools' and see who pulled it off this year and who did not. All this and much more coming up on this episode of Smashing Security.
Now, chums, I don't know if you've heard, it's a big story right now in the technology press. Our good friends at Facebook— oh, how we love them. They've had a little glitch.
I just don't that you use good friends indiscriminately. What? I mean, you know, everyone from Piers Morgan to Mark Zuckerberg gets that label.
It's just, you know— Anyway, carry on.
It's just, you know— Anyway, carry on.
All right, fair enough. Yes, so Facebook— uh-oh— they appear to have leaked half a billion Facebook account details onto the internet.
That's what's leaked out onto the internet and is now available for anyone to download and to access and to scroll through for free.
That's what's leaked out onto the internet and is now available for anyone to download and to access and to scroll through for free.
Unbelievable. That's gotta be 20%, right? That's 20% of their users. 'Cause don't they have something like 7 or 8 billion or something?
I don't know. How many people are there on Earth? They've probably got more users than the population of planet Earth at the moment.
Oh, I bet they do because people have more than one account. Of course we do, yes. How else are you supposed to stalk people online? You don't use your own account.
Oh, I bet they do because people have more than one account. Of course we do, yes. How else are you supposed to stalk people online? You don't use your own account.
Whoa!
Well, you know.
So Facebook has had a serious data breach, which is getting it bad press at the moment, and Facebook doesn't appear to me to have actually notified the affected users, which I think is a little bit naughty.
The information which is out there right now is people's full names, email addresses, sex, location, marital status, phone number, occupation, and something called their account ID number.
So Facebook has had a serious data breach, which is getting it bad press at the moment, and Facebook doesn't appear to me to have actually notified the affected users, which I think is a little bit naughty.
The information which is out there right now is people's full names, email addresses, sex, location, marital status, phone number, occupation, and something called their account ID number.
I thank God relationship status isn't mentioned.
Well, it's complicated, is it, Carole?
Yeah.
Now, the details of 533 million users from 106 different countries were scooped up off Facebook back in 2019 via a vulnerability in their add friends feature.
So they had a bug in their software which hackers were able to exploit in order to access information which they shouldn't have been able to scrape quite so easily.
Now, this data surfaced, bubbled up on a hacking website in the middle of last year.
So they had a bug in their software which hackers were able to exploit in order to access information which they shouldn't have been able to scrape quite so easily.
Now, this data surfaced, bubbled up on a hacking website in the middle of last year.
Summertime type thing for—
Summer for the northern hemisphere, yes. Middle of last year.
Yeah.
Okay. What does the weather matter, Carole? As to when the data surfaced.
I'm just trying to—
I'm trying to— I'm getting into the story. I'm trying to, you know—
You're making it more poetic.
Context. Yes, yes.
You know when I'd ask you if you went out one night, I'd be "what are you wearing?" You know, just get me into the scene.
Yeah.
Okay.
So I imagine Mark Zuckerberg was wearing a hoodie.
Gray t-shirt.
Yeah, yeah. I see him. I'm there. I'm there. Okay.
He had a designer dog with him. And the data bubbled up on some hacking website. And the hacker was asking around $30,000 for this information if you wanted to grab it.
What?
Seriously?
Is that all?
Well, that was what it was at the time. At the time, of course, it wasn't in much circulation. Now, if you think, is that all?
I was thinking I could scrape it together, you know, that would help our show.
For the entire database?
For the entire database of half a billion Facebook accounts, yes.
Wait, and this would be a unique transfer to the one person that paid $30,000 or $30,000 per access?
Oh, I love the way you're thinking.
It's a screen print, yeah.
The interesting thing is the price subsequently lowered to less than $10. So I think—
What, for all of it?
So I think this is the way that breaches often go. They get hold of some valuable data. And this didn't include passwords, by the way. We need to stress it didn't include passwords.
So there was sensitive information in there, which you probably didn't want falling into the wrong hands. But it didn't include passwords, which would've bumped up the price.
But once some people have got access to some of it, of course, they could sell it on to others at cheaper and cheaper rates.
And eventually, the first person thinks, maybe I'll get $10 for this.
So there was sensitive information in there, which you probably didn't want falling into the wrong hands. But it didn't include passwords, which would've bumped up the price.
But once some people have got access to some of it, of course, they could sell it on to others at cheaper and cheaper rates.
And eventually, the first person thinks, maybe I'll get $10 for this.
Yes, like the last chicken at Sainsbury's. Last chicken at Sainsbury's.
Now, back in January of this year, somebody created a bot on Telegram, like a little automated routine which you could send queries to, and allowed anyone to query Facebook's database, the leaked database, for a small fee, just for a couple of credits.
So you can send it a Facebook ID. That's the string of numbers associated with your profile.
So even if you've got a Facebook username, which you probably do have, there's also a unique numeric identifier for you.
And it's actually not that hard to find out someone's Facebook ID if you want to. There are websites even which can do that if you can't work it out.
So you can send it a Facebook ID. That's the string of numbers associated with your profile.
So even if you've got a Facebook username, which you probably do have, there's also a unique numeric identifier for you.
And it's actually not that hard to find out someone's Facebook ID if you want to. There are websites even which can do that if you can't work it out.
Oh, thanks for the tip.
Links in the show notes. And the bot would spit back the associated phone number of that person.
So if you were chatting to someone online, but you weren't able to get in touch with them any other way, you could have used that facility to get their phone number.
So if you were chatting to someone online, but you weren't able to get in touch with them any other way, you could have used that facility to get their phone number.
Oh, fun.
Which potentially is problematical, isn't it?
Mm-hmm. Potentially.
Problematic, surely.
Yes.
And now, what did I say?
Problematical. I don't know. I felt like I was in North America for a second.
Oh, I see. Well, you do the math for yourself.
Maths.
Isn't it weird how in the UK, sport is sport, and in America it's sports, and maths is maths here, and it's math in America? Yeah.
Drop the S, didn't need it.
Graham, you're not the first British person I've come across who's very upset about the dropped S.
Yeah, what do you say, Nina? Because you're an international person.
I think I've said math in the past, but my English friends have drilled it out of me. They've been very upset about it.
I'm still fighting strong 20 years on. Still fighting, fighting the real fight.
The real important one is aluminum. And whether you say that correctly. Aluminum? Aluminum.
Well, now this data, this data which was feeding the bot, this data which was previously available for $30,000 reduced to $10.
That's now available for everyone at the bargain price of zero. Anyone can now go and get it.
Now, you would imagine that this is a PR disaster for Facebook, that everyone's talking about this, and that Facebook's corporate communications departments have leapt into action with a really strong message to reassure people.
And what they've said is they've said, this is old data that was previously reported on in 2019. We found and fixed this issue in August 2019.
Well, now this data, this data which was feeding the bot, this data which was previously available for $30,000 reduced to $10.
That's now available for everyone at the bargain price of zero. Anyone can now go and get it.
Now, you would imagine that this is a PR disaster for Facebook, that everyone's talking about this, and that Facebook's corporate communications departments have leapt into action with a really strong message to reassure people.
And what they've said is they've said, this is old data that was previously reported on in 2019. We found and fixed this issue in August 2019.
We just didn't tell anybody.
Well, the thing is this, right? They might have fixed the vulnerability to stop any more data leaking out, but that doesn't mean the data is old.
It might have been grabbed, you know, maybe a year and a half ago. But I personally haven't changed my name since 2019. I haven't changed my email address, my sex, my phone number.
They call it old data. It still works.
It might have been grabbed, you know, maybe a year and a half ago. But I personally haven't changed my name since 2019. I haven't changed my email address, my sex, my phone number.
They call it old data. It still works.
You could get a facelift, Clue. You know, you're getting on. Maybe I'm just, it's just, you know, no judgment, man. No judgment.
So I'm rather unimpressed with that as a response. It feels to me like they just said, oh, nothing new here.
I'm shocked at their response. So there was no sorry in that, right?
Oh, no, there was no sorry. And they don't appear to have reached out to any of the affected users at this point.
Facebook, it seems to me, is trying to argue that this isn't really a data breach. It's just what you signed up for when you created a Facebook account.
Facebook, it seems to me, is trying to argue that this isn't really a data breach. It's just what you signed up for when you created a Facebook account.
Was it reported in 2019? Because I hadn't even heard this story.
So I've been searching around trying to find evidence of this, and I'm not sure. Maybe they talked about fixing a vulnerability, but I don't remember.
I mean, there have been instances before.
Facebook did, round about 2019, I remember they left probably not as many as half a billion records, but they left tens of millions of records on an unsecured Amazon Web Bucket, which then fell into people's hands.
I mean, there have been instances before.
Facebook did, round about 2019, I remember they left probably not as many as half a billion records, but they left tens of millions of records on an unsecured Amazon Web Bucket, which then fell into people's hands.
So they at the time were feeling super lucky, right?
So I think, you know, you can't really call this old data. It may have been grabbed two years ago, but the data's now accessible to many more people who could exploit it.
And so what's the danger of this, right, is not only that they know your sex and your vague location and, you know, all that kind of information, but your phone number.
And if they know your phone number, they could potentially hijack your phone number. You know, we talk a lot about these sort of SIM jacking things.
And so what's the danger of this, right, is not only that they know your sex and your vague location and, you know, all that kind of information, but your phone number.
And if they know your phone number, they could potentially hijack your phone number. You know, we talk a lot about these sort of SIM jacking things.
SIM swap.
Yeah, SIM swaps where if you're using SMS as a form of two-factor authentication, which generally we say, look, don't use that for two-factor authentication, use something else instead.
But if you were using that, if the bad guys were able to hijack your phone number effectively, which we know from the past does work, then they could break into maybe not just your Facebook account, but other accounts as well.
Now they know the phone number associated with you, which isn't good.
But if you were using that, if the bad guys were able to hijack your phone number effectively, which we know from the past does work, then they could break into maybe not just your Facebook account, but other accounts as well.
Now they know the phone number associated with you, which isn't good.
Yeah.
Well, guess whose number was in the data leak along with half a billion other people?
I think I read this. Wasn't it Marky Mark himself?
Mark Zuckerberg. Wow. His phone number is in there.
Yeah.
Which means that anyone who grabs this data could, I suppose, give Mark a call. And one of the—
Should we do it right now?
Should we do it right now?
Come on.
So all those people, should we invite him on the show? Why not? Should we bring him up?
Yeah, just put your phone on speaker and call it, see what happens.
You know, I have so many people who email me saying, oh, I can't get into my Facebook account. They're basically trying to break into someone else's account.
You have a hotline to the Zucks now.
Yeah, exactly. People trying to break into Facebook accounts. I could say to them, look, call this guy. He knows how to do it. He can help you.
Now, one of the discoveries, once his phone number became public, people began to look for it in other services. And what they found was that Mark Zuckerberg has a Signal account.
He uses the end-to-end encrypted messaging service Signal, which of course is very privacy conscious.
Now, one of the discoveries, once his phone number became public, people began to look for it in other services. And what they found was that Mark Zuckerberg has a Signal account.
He uses the end-to-end encrypted messaging service Signal, which of course is very privacy conscious.
Not the one on WhatsApp?
Well, maybe he uses WhatsApp or Facebook Messenger as well, but he's... It's interesting that you also created an account on TikTok.
Yes, maybe his CISO made him, you know?
Yeah.
But you know what? Now people know his phone number, they could, I suppose, create bogus accounts, you know, with his name and details.
Oh, give me a break, he's gonna change his number.
Well, probably, I suppose so, until the next breach and then he'll have to change it again.
But he's gonna go through that horrible feeling though. If I had to change my number, of course you would, but it'd be annoying. It's losing your wallet, right? It's oh God.
Yeah, horrendous.
Well, there you go. Poor you, Mark.
Because of the scale of the problem and public interest, Troy Hunt of Have I Been Pwned has made a change to his service.
So you can now search for your phone number rather than your email address to see if it might have been breached, which seems like a good idea to me.
But by the way, the interesting thing about Signal, I think, is I generally like Signal. I use Signal. You use Signal, don't you, Carole?
It's quite a good encrypted messaging service.
So you can now search for your phone number rather than your email address to see if it might have been breached, which seems like a good idea to me.
But by the way, the interesting thing about Signal, I think, is I generally like Signal. I use Signal. You use Signal, don't you, Carole?
It's quite a good encrypted messaging service.
It took you a while to use it, actually. It took you a while to use it. I've been using it for a while.
Observations about it was that you have to associate your phone number with your account when you create an account, which I've never liked.
And some of the services don't require that. And here's an indication of why that's not such a good idea, because now everyone knows Zook is on Signal. So it's not good.
But anyway, for the rest of us, this leak could allow bad guys to exploit the information— social engineering, scams. So watch out for spam calls, etc., etc.
And if this is the thing which makes you want to quit Facebook, check out Smashing Security episode 75.
And some of the services don't require that. And here's an indication of why that's not such a good idea, because now everyone knows Zook is on Signal. So it's not good.
But anyway, for the rest of us, this leak could allow bad guys to exploit the information— social engineering, scams. So watch out for spam calls, etc., etc.
And if this is the thing which makes you want to quit Facebook, check out Smashing Security episode 75.
No, seriously, just get off Facebook. You guys can live. You can live without Facebook. Nina, can I ask, are you on Facebook? No. You're not. You see, and she's great, guys.
You see?
There you are. All the cool cats aren't on Facebook.
Isn't it mostly the older demographic? I feel it's my mother-in-law. Spreading disinformation.
I wouldn't know what to do if I was on TikTok, for instance. I can't do the dance moves, for one thing.
Couldn't you play chess or something?
Do they have chess?
To Lionel Richie? Something that?
Oh, I'd love that.
Slow, slow, you know. Hello.
Nina, talk to us all about deepfakes.
So I guess the obvious place to start is just, what is it?
And essentially, a deepfake is a piece of synthetic media, that's to say, a piece of media that's been either manipulated by artificial intelligence or entirely generated by artificial intelligence.
And it can come in the form of video, audio, or images.
And the really amazing ability of AI to actually make fake media, in some cases from scratch, is really nascent and is due to the revolution in deep learning over the past decade, which has to do with the masses of data availability and the ability of computers to churn through it all.
And that's really only been possible for about 5 years. 2014 was the first big breakthrough paper.
But since then, since it started emerging on the bleeding edge of AI research, it's really hit the public imagination.
And one of the astonishing things about synthetic media is AI's ability to recreate humans. And this is manifesting in two ways. So scary.
It is scary because until now, all the best special effects or CGI, computer graphics, there's this idea of something called uncanny valley.
And that's the more you try to make something look or appear human and it's not, the more it becomes unnatural until it evokes almost a reaction of disgust in us.
So that's why creepy robots are—
And essentially, a deepfake is a piece of synthetic media, that's to say, a piece of media that's been either manipulated by artificial intelligence or entirely generated by artificial intelligence.
And it can come in the form of video, audio, or images.
And the really amazing ability of AI to actually make fake media, in some cases from scratch, is really nascent and is due to the revolution in deep learning over the past decade, which has to do with the masses of data availability and the ability of computers to churn through it all.
And that's really only been possible for about 5 years. 2014 was the first big breakthrough paper.
But since then, since it started emerging on the bleeding edge of AI research, it's really hit the public imagination.
And one of the astonishing things about synthetic media is AI's ability to recreate humans. And this is manifesting in two ways. So scary.
It is scary because until now, all the best special effects or CGI, computer graphics, there's this idea of something called uncanny valley.
And that's the more you try to make something look or appear human and it's not, the more it becomes unnatural until it evokes almost a reaction of disgust in us.
So that's why creepy robots are—
I got that when I watched the Polar Express movie. Do you remember that? It was a CGI Disney-ish movie with Thom Hanks doing all the voices.
This Christmas thing on a train, and it had all these humans, but there was something a bit spooky about them all. They were trying to look humans, but they weren't quite doing it.
And the fact it was Thom Hanks as well made me slightly uncomfortable as well, because I'm not a big Thom Hanks fan.
But yeah, it just felt weird because it was almost there but not quite.
This Christmas thing on a train, and it had all these humans, but there was something a bit spooky about them all. They were trying to look humans, but they weren't quite doing it.
And the fact it was Thom Hanks as well made me slightly uncomfortable as well, because I'm not a big Thom Hanks fan.
But yeah, it just felt weird because it was almost there but not quite.
Exactly. And not to mention that, you know, he's a QAnon leader, right? Or he's leading— sorry, he's leading the Hollywood pedophile circle. Yeah, no, I find Thom Hanks creepy too.
You know this theory, right?
You know this theory, right?
These are Nina Schick's opinions, not necessarily the opinion of our podcast.
That was obviously sarcastic. For the record, I don't think Thom Hanks is leading a pedophile ring in Hollywood. But anyway, so—
No, no.
But anyway, so—
I know he's gonna have a heart attack. This is not good. It's gonna— live on the air, live on the show. There he goes. Oh boy. One more and we're in trouble. Right.
So this amazing ability of AI to bridge uncanny valley is manifesting in two ways.
The first is the use of deepfakes or synthetic media to create entirely AI-generated people who don't exist.
And a good example of that is if you go to the website thispersondoesnotexist.com, every time you refresh the page, that's a GAN-generated image of a human who doesn't exist, and they look so real that you or I wouldn't be able to tell that that's not an authentic image, that's a synthetic image.
The first is the use of deepfakes or synthetic media to create entirely AI-generated people who don't exist.
And a good example of that is if you go to the website thispersondoesnotexist.com, every time you refresh the page, that's a GAN-generated image of a human who doesn't exist, and they look so real that you or I wouldn't be able to tell that that's not an authentic image, that's a synthetic image.
Even in the time that I've known of that site, it has improved.
Oh, has it?
Exactly. Yep, yep, it really has. It's unbelievable.
That website is only images, right? So it's actually the easiest challenge when it comes to synthetic media, and that's already basically perfect.
But as the technology accelerates, it's going to be the same with synthetic voices and also synthetic film, right? So videos.
But the second way this amazing ability of AI to recreate humans is manifesting is in its ability to clone real humans, right? And hijack biometrics.
Because all that you need to do in order to recreate someone synthetically is get the right training data.
In this case, it might be images of that person, video of that person, or audio of that person's voice, and train your algorithms on that training data in order to basically clone that person.
And here's an example of how scary quick this technology is advancing.
At the time deepfakes first came out at the end of 2017, in order to synthetically recreate someone's voice, it was really difficult.
And I was working with an AI company at the time, and we were running experiments to see how easy or difficult it would be to synthetically recreate Donald Trump.
And we had to use hours and hours of his voice for training data to train our algorithms, you know, 3 or 4 months. And in the end, we had something that sounded a bit like him.
I mean, it was pretty impressive, you know, that this was all AI-generated, but it didn't sound perfectly like him.
But I can actually provide for your show notes, we did a little article at the time with, I think it was CNBC, where we did a little quiz where it's like, can you guess which one's real Trump or fake Trump?
But as the technology accelerates, it's going to be the same with synthetic voices and also synthetic film, right? So videos.
But the second way this amazing ability of AI to recreate humans is manifesting is in its ability to clone real humans, right? And hijack biometrics.
Because all that you need to do in order to recreate someone synthetically is get the right training data.
In this case, it might be images of that person, video of that person, or audio of that person's voice, and train your algorithms on that training data in order to basically clone that person.
And here's an example of how scary quick this technology is advancing.
At the time deepfakes first came out at the end of 2017, in order to synthetically recreate someone's voice, it was really difficult.
And I was working with an AI company at the time, and we were running experiments to see how easy or difficult it would be to synthetically recreate Donald Trump.
And we had to use hours and hours of his voice for training data to train our algorithms, you know, 3 or 4 months. And in the end, we had something that sounded a bit like him.
I mean, it was pretty impressive, you know, that this was all AI-generated, but it didn't sound perfectly like him.
But I can actually provide for your show notes, we did a little article at the time with, I think it was CNBC, where we did a little quiz where it's like, can you guess which one's real Trump or fake Trump?
All right.
And it was pretty much, even at the time, it was almost 50/50, even though the voice then wasn't pitch perfect.
But now in 2021, 3 years later, and there are already companies out there who say they need 5 seconds of somebody's voice in order to be able to recreate their voice perfectly using AI.
So obviously from a—
But now in 2021, 3 years later, and there are already companies out there who say they need 5 seconds of somebody's voice in order to be able to recreate their voice perfectly using AI.
So obviously from a—
5 seconds?
5 seconds.
That's astonishing, isn't it? Because of course he could have used that as a defense. Remember the whole Access Hollywood tape when he was on that bus and he was—
Exactly.
Oh yeah, no, we all forgot about that.
All the locker room talk. But, you know, he could have said, look, this isn't me.
'This has been deliberately manufactured.' And that's the other problem, I suppose, with deepfakes, is not just dodgy content, but also that things that really did happen can be excused or explained away.
'This has been deliberately manufactured.' And that's the other problem, I suppose, with deepfakes, is not just dodgy content, but also that things that really did happen can be excused or explained away.
That's already happening.
Yeah.
And you're spot on to notice that, because I think most people are always like, 'Oh my God, that's crazy. Anyone can create fake media of me.' But the more profound effect...
Because right now the technology isn't ubiquitous.
And I should say that the other really potentially scary thing about deepfakes is that the AI is going to do the heavy lifting, right?
So creating this kind of sophisticated fake content before would have been only in the domain of an extremely well-resourced actor like a Hollywood studio or a state actor.
But AI is going to democratize it. So by the end of the decade, it will be accessible to anyone with no special skills, no big budgets, and on easy to use platforms.
To use interfaces like software, smartphone apps, things like that.
But before that happens, the malicious effects of deepfakes and synthetic media is already that it undermines trust in all authentic media.
And that's a phenomenon called the liar's dividend. And as for Trump, he already started saying that about the, you know, the grab them by the pussy tape in 2017.
I mean, in 2016, he said okay, locker room talk. Yeah, he apologized churlishly. By 2017, it was already saying it's a fake.
Because right now the technology isn't ubiquitous.
And I should say that the other really potentially scary thing about deepfakes is that the AI is going to do the heavy lifting, right?
So creating this kind of sophisticated fake content before would have been only in the domain of an extremely well-resourced actor like a Hollywood studio or a state actor.
But AI is going to democratize it. So by the end of the decade, it will be accessible to anyone with no special skills, no big budgets, and on easy to use platforms.
To use interfaces like software, smartphone apps, things like that.
But before that happens, the malicious effects of deepfakes and synthetic media is already that it undermines trust in all authentic media.
And that's a phenomenon called the liar's dividend. And as for Trump, he already started saying that about the, you know, the grab them by the pussy tape in 2017.
I mean, in 2016, he said okay, locker room talk. Yeah, he apologized churlishly. By 2017, it was already saying it's a fake.
Wow.
And I mean, astonishingly, I saw that even in the context of a piece of video that was so powerful, right?
Because it was the George Floyd death video that united millions of people, not only in the United States, right, but around the world in protest, because that was so visceral, so powerful.
It was so symbolic.
At the time, as I was watching that, I didn't watch the whole video because it was too brutal, but as I was watching this anti-racism movement unfold and also picking up on how polarizing it was politically, I was thinking to myself, you know, it won't be long before the authenticity of that video is litigated.
And it happened two weeks afterwards, and it didn't come from some kind of 4chan troll or anonymous person on the web, but an actual African-American candidate who is standing for the House.
She has a PhD. Her name is Dr. Winnie Hartstrong, and she basically released a 23-page paper arguing that the entire George Floyd video is a deepfake hoax.
Because it was the George Floyd death video that united millions of people, not only in the United States, right, but around the world in protest, because that was so visceral, so powerful.
It was so symbolic.
At the time, as I was watching that, I didn't watch the whole video because it was too brutal, but as I was watching this anti-racism movement unfold and also picking up on how polarizing it was politically, I was thinking to myself, you know, it won't be long before the authenticity of that video is litigated.
And it happened two weeks afterwards, and it didn't come from some kind of 4chan troll or anonymous person on the web, but an actual African-American candidate who is standing for the House.
She has a PhD. Her name is Dr. Winnie Hartstrong, and she basically released a 23-page paper arguing that the entire George Floyd video is a deepfake hoax.
Oh my God, disgusting.
And that George Floyd had died in 2016 and that at the hands of Thom Hanks. Yeah, exactly.
That the guy in the video is an ex-NBA basketball player who looks a little bit like George Floyd, and that George Floyd's face had been swapped onto his, and that the police officer Derek Chauvin is this retired game show host.
And she didn't— I saw it. Yeah, it's crazy. You should read the paper. The thing is, I saw it because I was obviously monitoring this phenomenon known as the liar's dividend.
And in 2020, okay, it didn't get that much currency, but she still launched a website, she went on numerous podcasts, you know, she was really outspoken on social media about her theories.
But in 2024, or in 2028, or in 2030, where there is no more trust in the information ecosystem, people will— the information ecosystem will be inundated with synthetic media, and nobody will know, we won't be able to tell what's authentic, what's synthetic.
You can see how even a video like that, which is still widely accepted as something that happened today, will just become a matter of opinion.
That the guy in the video is an ex-NBA basketball player who looks a little bit like George Floyd, and that George Floyd's face had been swapped onto his, and that the police officer Derek Chauvin is this retired game show host.
And she didn't— I saw it. Yeah, it's crazy. You should read the paper. The thing is, I saw it because I was obviously monitoring this phenomenon known as the liar's dividend.
And in 2020, okay, it didn't get that much currency, but she still launched a website, she went on numerous podcasts, you know, she was really outspoken on social media about her theories.
But in 2024, or in 2028, or in 2030, where there is no more trust in the information ecosystem, people will— the information ecosystem will be inundated with synthetic media, and nobody will know, we won't be able to tell what's authentic, what's synthetic.
You can see how even a video like that, which is still widely accepted as something that happened today, will just become a matter of opinion.
Yeah. And think of the history channels in 20 years, 30-year time, they're going to be able to just fake everything. Yeah, I saw a website.
I don't even know where I was somewhere on my feeds. But it was, oh, see people you basically upload a picture of someone that has died is the concept, right?
Say your grandmother, and then they'll make that picture move in a way that she'll—
I don't even know where I was somewhere on my feeds. But it was, oh, see people you basically upload a picture of someone that has died is the concept, right?
Say your grandmother, and then they'll make that picture move in a way that she'll—
It's Deep Nostalgia.
Deep Nostalgia. There you go.
And that's actually had a lot of good press because people have been, wow, it's like bringing a loved one back to life.
There's a really profound philosophical debate to be had here because, as I said, this unique ability of AI to recreate someone's biometrics is relevant even to those who are dead, right?
You literally have this ability to resurrect the dead. So there's some amazing deepfake content out there on YouTube.
Right now, there is a project which is about resurrecting James Dean, you know, the dead actor, in a film synthetically to make an entire new movie with, this is something being worked out with James Dean's estate.
There's a really profound philosophical debate to be had here because, as I said, this unique ability of AI to recreate someone's biometrics is relevant even to those who are dead, right?
You literally have this ability to resurrect the dead. So there's some amazing deepfake content out there on YouTube.
Right now, there is a project which is about resurrecting James Dean, you know, the dead actor, in a film synthetically to make an entire new movie with, this is something being worked out with James Dean's estate.
Didn't this start off with ABBA, Graham?
ABBA?
Didn't ABBA do a tour recently, and it was kind of mini-AI where they were—
Holograms of how they looked in the '70s. Yeah!
You see how far we've come? Yeah.
And didn't Kanye West resurrect Kim Kardashian's dad or something?
He did.
It was on Instagram to say what an amazing guy Kanye West was, which is what Kim had to say on stage.
Just, oh my God.
So, Nina, whenever I hear about deepfake technology and all this synthetic media and things, I can't help but feel that we're going to hell in a hay cart.
And it feels like the end of civilization as we know it. Am I right to think that? Are we all completely and utterly doomed, or is there any chance we're going to survive this?
Because I feel quite negatively about it all.
And it feels like the end of civilization as we know it. Am I right to think that? Are we all completely and utterly doomed, or is there any chance we're going to survive this?
Because I feel quite negatively about it all.
No, we're not going to hell in a handcart. I mean, I felt pretty negatively about it when I first learned about it because I was coming at it from a disinformation angle.
And the first use case of deepfake technology, widespread malicious use case, is in non-consensual pornography. I mean, it's really similar to the origins of the internet, right?
When people are, oh, this thing will never take off, this is just for weirdos who want to share porn.
And, you know, look at us 30 years later where, you know, the internet is synonymous with—
And the first use case of deepfake technology, widespread malicious use case, is in non-consensual pornography. I mean, it's really similar to the origins of the internet, right?
When people are, oh, this thing will never take off, this is just for weirdos who want to share porn.
And, you know, look at us 30 years later where, you know, the internet is synonymous with—
Was it ABBA? Was it Benny and Björn who were in these porn videos? Or what was the—
No, no.
Disturbing. It was actually Maisie Williams and, you know, these actresses who had been introduced to us as children.
But since then, there's been an entire deepfake porn ecosystem that's flourished online. It's a uniquely gendered phenomenon.
There is no deepfake porn of men, but every single female celebrity or K-pop star, Ivanka Trump, Ann Coulter, you name it, you can find deepfake fake porn of almost every woman in the public eye.
But alarmingly, it's not just famous women who are targeted. It's increasingly normal women as well.
But since then, there's been an entire deepfake porn ecosystem that's flourished online. It's a uniquely gendered phenomenon.
There is no deepfake porn of men, but every single female celebrity or K-pop star, Ivanka Trump, Ann Coulter, you name it, you can find deepfake fake porn of almost every woman in the public eye.
But alarmingly, it's not just famous women who are targeted. It's increasingly normal women as well.
I feel so incensed, though, that there is no way that you can fight back, right?
So if someone uses your image, and someone uses your voice, and someone makes you do something that you're completely not comfortable with or didn't agree to, there's absolutely fuck all you can do.
So if someone uses your image, and someone uses your voice, and someone makes you do something that you're completely not comfortable with or didn't agree to, there's absolutely fuck all you can do.
There's fuck all you can do.
And right now, if you are the victim of deepfake porn, and there were early instances where they basically put women's faces into authentic porn videos, right?
So if you wanted to have that content taken down, it was better to try and get a copyright claim from the production company that made the actual porn film.
And right now, if you are the victim of deepfake porn, and there were early instances where they basically put women's faces into authentic porn videos, right?
So if you wanted to have that content taken down, it was better to try and get a copyright claim from the production company that made the actual porn film.
Oh my God.
But you know what, I've been talking a lot with people in the security industry.
And you know, there has to be some kind of products and services developed for individuals, because what could be more damaging than having your identity hijacked in this way?
So going back to Graham's question, though, there are obviously devastating downsides, and this technology is going to be weaponized not only against women.
I actually find the porn case study as a harbinger of what's to come, right?
Because this principle that you can clone anyone and hijack anyone's biometrics is obviously going to be used in fraud, right? Obviously going to be used for spear phishing.
Obviously, and we're starting to see the first instances of that.
There was a case in 2019 where the CEO of a British energy company was conned out of a quarter of a million dollars because he thought he was speaking to the CEO of his parent company, but it was actually fraudsters using AI-assisted voice technology.
But more than that, it is actually a paradigm change in the way that we communicate and actually the way that we perceive the world, because it's going to transform entire industries like fashion, entertainment, sport.
It's not only going to be used for bad, but it's also being used for real good.
There are companies out there that are using synthesized voice to help people who've lost their ability to speak through stroke or Parkinson's or any number of diseases, you know, to resurrect their voice, give them a voice back.
So again, it's far too basic to say, oh, this is all bad. You know, of course the technology is going to be weaponized by malicious actors.
However, to me, it's just another case study of the profound technology-led exponential changes that are happening to our society.
I mean, arguably, we're going to see more change in our lifetime than the entirety of humanity that came before us did, right?
And you know, there has to be some kind of products and services developed for individuals, because what could be more damaging than having your identity hijacked in this way?
So going back to Graham's question, though, there are obviously devastating downsides, and this technology is going to be weaponized not only against women.
I actually find the porn case study as a harbinger of what's to come, right?
Because this principle that you can clone anyone and hijack anyone's biometrics is obviously going to be used in fraud, right? Obviously going to be used for spear phishing.
Obviously, and we're starting to see the first instances of that.
There was a case in 2019 where the CEO of a British energy company was conned out of a quarter of a million dollars because he thought he was speaking to the CEO of his parent company, but it was actually fraudsters using AI-assisted voice technology.
But more than that, it is actually a paradigm change in the way that we communicate and actually the way that we perceive the world, because it's going to transform entire industries like fashion, entertainment, sport.
It's not only going to be used for bad, but it's also being used for real good.
There are companies out there that are using synthesized voice to help people who've lost their ability to speak through stroke or Parkinson's or any number of diseases, you know, to resurrect their voice, give them a voice back.
So again, it's far too basic to say, oh, this is all bad. You know, of course the technology is going to be weaponized by malicious actors.
However, to me, it's just another case study of the profound technology-led exponential changes that are happening to our society.
I mean, arguably, we're going to see more change in our lifetime than the entirety of humanity that came before us did, right?
Yeah. Fuck you, Industrial Age. You thought you had it in the bag.
Yeah. Yeah.
Exactly. So then it's about how do we build a society that is fit for purpose?
Because a lot of our institutions, for example, our legal system, you can't deal with the challenge of deepfake porn with the existing legal system. What do you do?
How do you reconstruct society so it's fit for purpose? That's really the big question.
Because a lot of our institutions, for example, our legal system, you can't deal with the challenge of deepfake porn with the existing legal system. What do you do?
How do you reconstruct society so it's fit for purpose? That's really the big question.
Yeah, and I'm guessing you don't have an answer yet. That's a big one.
Oh, not just yet. I just diagnosed the problem.
Well, Graham, any answers? You like to think you're quite smart.
Maybe on next week's episode.
Okay, excellent.
Carole, what have you got for us?
Okay, we're going to lighten the tone a little bit. April Fools'. You guys fans?
You know, a few years ago, I liked an April Fool's. I used to quite enjoy it. And I think something has changed in the world in the last 5 years or so and I'm finding—
You got old.
I got old. I'm getting a little bit tired of it. Corporate April Fools' in particular. It's just a little bit like, oh, really? You know, isn't the world—
You are outrageous. You used to do corporate April Fools' all the time.
When I did them, but when I decided that their time had gone, then it was right time for everyone else to stop doing them as well.
What about you, Nina?
I think my only interaction with April Fools', nobody I know seems to do it. They all forget it. It's just my one friend, and she always does something really lame.
If you want an April Fools' buddy, I'll be it, because I love a good—
I have been the victim of some of Carole's April Fools' on many occasions, and her April Fools' are really mean. So, oh, like Carole.
So the year I just had my daughter, you know, I'd just literally gone through this amazing experience of motherhood and giving birth and felt very empowered and, you know, willing, wanting to talk to all other women who are going through the same experience about how great it could be.
And so she texts me and she's like, I'm pregnant.
And so she texts me and she's like, I'm pregnant.
I'm like, oh my God, I'm so happy for you!
Let's talk, I have so much to tell you about.
And calling her, and you're crying with joy and hormones.
Yeah, yeah, yeah.
And she just screened my calls and then was "Sorry, I'm busy.
April Fools." Wow.
Yeah.
So, don't you feel lucky, Graham? That never happened to you.
No.
Yeah.
Don't do that to a hormonal new mother. It's just mean.
But even as a professional, Graham, when we were in the corporate space, we both used to enjoy doing some April Fools.
We convinced the people that wear the blue Brooks Brothers shirts and the sports slacks to let us put out some outrageous April Fools, which, you know, maybe today would be considered irresponsible.
But at the time, in the olden days, they were quite fun. And I agree, I think now it would be a bit remiss to do it.
I don't think I would be doing it if I was in, you know, a head of a corporate entity, you know. And it's actually the second year that Google doesn't do April Fools.
We convinced the people that wear the blue Brooks Brothers shirts and the sports slacks to let us put out some outrageous April Fools, which, you know, maybe today would be considered irresponsible.
But at the time, in the olden days, they were quite fun. And I agree, I think now it would be a bit remiss to do it.
I don't think I would be doing it if I was in, you know, a head of a corporate entity, you know. And it's actually the second year that Google doesn't do April Fools.
Oh really?
They did a load of them.
Ah, they've stopped, have they?
They're the old pranksters. Yeah, yeah, yeah. They're the old pranksters. Yeah, they—
They're the big boys now.
Yeah, they had in 2013, they introduced a smell feature on their browser. That's what they announced. Yeah. And in 2018, they hid Waldo in various Google Maps for kids to find.
So I thought that was cool.
So I thought that was cool.
Oh, that's nice though.
That's nice. That's nice.
Yeah, that's not tricking anyone. It's just a bit of fun. Yeah.
Evil. Yeah.
So I have found, however, that a number of corporations decided to go ahead and do some April Fools', and I thought we'd go through them and you guys could say success or fail.
So Sky Mobile, okay, they announced this year that they were launching a new SIM tariff for pet owners so they could continue to share more pictures of their pets online.
And they claimed that there was free data allowance for a whole year.
So I have found, however, that a number of corporations decided to go ahead and do some April Fools', and I thought we'd go through them and you guys could say success or fail.
So Sky Mobile, okay, they announced this year that they were launching a new SIM tariff for pet owners so they could continue to share more pictures of their pets online.
And they claimed that there was free data allowance for a whole year.
Well, that sounds like a wonderful idea.
So, yeah, hahaha, no, there isn't.
Now that sounds like a really shitty thing to say, doesn't it?
Fail!
That's not an April Fool's, that's just lying.
It's just being mean. Yeah, it's saying we have something and yeah.
Yeah, and then taking it away.
It's like the pet version of my mother's story.
Yeah, exactly. I had a cat, he was my baby. I would die if— Yeah, anyway, I would have totally been all over that. Okay, number 2, Volkswagen.
The automaker briefly posted, then removed, a press release on its website announcing it was changing its name to Voltswagen in an effort to promote electric vehicle purchases.
The automaker briefly posted, then removed, a press release on its website announcing it was changing its name to Voltswagen in an effort to promote electric vehicle purchases.
Oh. That sounds a good idea. They should do that, shouldn't they?
Yes, right? The whole idea was a public declaration of the company's future forward investment in e-mobility. And now this was on April Fools', this went out.
And you're thinking, okay, so it was a joke. It was a joke.
And you're thinking, okay, so it was a joke. It was a joke.
It's not. Well, you say it's a joke. It's not a funny joke, is it?
No, it's not a funny joke.
It's just— but Graham, it's a pun. As an Englishman—
German.
Well, every Englishman loved a pun.
They are German, Graham. They are German.
Maybe in Germany it's funny, but—
I'm half German.
They're not funny. Right. They're not funny, really. They're not funny. I've watched a lot of German TV when I was there. Yeah, it's not funny. It's not funny.
Now, the car industry influencers, right, say this is super not funny.
Thom Morton, chief strategy officer at New York advertising firm, said, "This is mainly being done by fast food brands where the stakes are lower and they need a bit of hoopla." Okay, you shouldn't be joking about electric car branding.
Now, the car industry influencers, right, say this is super not funny.
Thom Morton, chief strategy officer at New York advertising firm, said, "This is mainly being done by fast food brands where the stakes are lower and they need a bit of hoopla." Okay, you shouldn't be joking about electric car branding.
It doesn't sound like he's very much fun either.
I think it's fun.
That's even worse than the pun, I think, his response.
Yeah, I think it's funny now. Yeah, exactly.
Based on his response.
Now, it's interesting. It's interesting. So, yeah, Volkswagen, Volkswagen, yawn. Come on, right? Not really.
You wouldn't write about that in your top 10, you know, top April Fools, really, whatever.
You wouldn't write about that in your top 10, you know, top April Fools, really, whatever.
No, no, not that great.
Next, right? Next, next.
Try harder.
Yeah, so it's interesting that you brought up fast foods because Deliveroo also got a spotlight.
So Deliveroo in France sent thousands of customers an email confirming an order, hilarious, get this, 38 anchovy pizzas, okay, worth 400 quid or about $500.
And this was sent to their inboxes for them to kind of receive and go, "Ah, zut alors, c'est drôle, poisson d'avril." Yeah.
So Deliveroo in France sent thousands of customers an email confirming an order, hilarious, get this, 38 anchovy pizzas, okay, worth 400 quid or about $500.
And this was sent to their inboxes for them to kind of receive and go, "Ah, zut alors, c'est drôle, poisson d'avril." Yeah.
Oh, it was a poisson d'avril.
Poisson d'avril, exactly. I'm trying to say it with an English accent because it's funnier. Poisson d'avril.
Now, according to the BBC, these fake invoices included the customer's first name, not the full name, but first name. I think that would have gone, hmm.
And preceded by the words, "Excellent choice." And Deliveroo added that as a loyalty reward, 50 sachets of hot sauce were going to be thrown in for free.
Now, according to the BBC, these fake invoices included the customer's first name, not the full name, but first name. I think that would have gone, hmm.
And preceded by the words, "Excellent choice." And Deliveroo added that as a loyalty reward, 50 sachets of hot sauce were going to be thrown in for free.
So did it say, "Psst, this was actually an April Fool's," or did it make people—
"Non, non, non, monsieur. Non, non, non." And that is why the Deliveroo customer base in France saw rouge. Okay.
One customer almost had a stroke on the BBC after receiving this fake order.
One customer almost had a stroke on the BBC after receiving this fake order.
I would if I thought I had an anchovy pizza coming my way. What a terrible thing to have to put—
I have something that's going to give you a stroke later. My last one is just for you. So you have to be careful. You're going to be— sit down and have a drink of water ready.
Loosen your tie.
Loosen your tie.
So this looked just like a regular confirmation. So if you had ordered pizzas from Deliveroo— Yeah. This email looks just like— so people would think—
There's so many problems in this. Number one, okay, I've got a little list here of things that piss me off about this.
Number one, many, many people in France, French people like me like anchovies. Okay, anchovies and bread is a normal thing.
There's a thing called pissaladière, which is like a kind of French tart with loads of anchovies on it. It's delicious.
Okay, so it's like me sending you 48, you know, I don't know, pepperoni pizzas to you. You'd be like, oh, maybe I did order that last night. You know, it's one of those things.
And also an invoice is not funny. What is an invoice funny? Like, when? Never! Like, if someone sent me an invoice for 38 hot pink toupees, I would be like, "Oh, oh, shit.
What happened? Husband? Husband?" Right?
But, you know, Deliveroo did face the music and apologize publicly, which— and it called it a failed April Fools' joke, which I think is fair.
You know, everyone's allowed to fail because the spirit of it was good. I saw—
Number one, many, many people in France, French people like me like anchovies. Okay, anchovies and bread is a normal thing.
There's a thing called pissaladière, which is like a kind of French tart with loads of anchovies on it. It's delicious.
Okay, so it's like me sending you 48, you know, I don't know, pepperoni pizzas to you. You'd be like, oh, maybe I did order that last night. You know, it's one of those things.
And also an invoice is not funny. What is an invoice funny? Like, when? Never! Like, if someone sent me an invoice for 38 hot pink toupees, I would be like, "Oh, oh, shit.
What happened? Husband? Husband?" Right?
But, you know, Deliveroo did face the music and apologize publicly, which— and it called it a failed April Fools' joke, which I think is fair.
You know, everyone's allowed to fail because the spirit of it was good. I saw—
Malheureusement, I saw. So their marketing department thought that would be a good idea. That's what amazes me is how this goes through the process, the chain of command.
Oh, get over yourself. You have worked with marketing departments. You have worked with many departments.
Yes, but something—
Very, very weird decisions. Come on.
But something like that would have to be approved by the head of French Deliveroo marketing or something. Why didn't they do something involving kangaroos?
Something more absurd, seeing as it's Deliveroo? Wouldn't that have been more amusing, or is that just my sense of humor?
Something more absurd, seeing as it's Deliveroo? Wouldn't that have been more amusing, or is that just my sense of humor?
Yeah, that is definitely just your sense of humor. Okay, see, again, jeu de mots, like you said, Nina. See, Deliveroo kangaroo, that's what he likes about it.
All right, Graham, this is the one to give you a heart attack, so don't, don't, you know, don't start breathing crazy yet.
Okay, so tweeting to his almost 8 million followers, Piers Morgan announced that ITV had offered him a return to Good Morning Britain after his exit from the show last month, having heavily criticized remarks by Meghan Markle.
All right, Graham, this is the one to give you a heart attack, so don't, don't, you know, don't start breathing crazy yet.
Okay, so tweeting to his almost 8 million followers, Piers Morgan announced that ITV had offered him a return to Good Morning Britain after his exit from the show last month, having heavily criticized remarks by Meghan Markle.
Yeah, he's just desperate for attention, isn't he? So he said that as an April Fool's—
Has he not started his own YouTube channel yet?
I think he's waiting for GMB or whatever that— what are they called?
Oh right, Andrew Neil's bunch are gonna scoop him up, I suspect. So what he— and everyone—
Yeah, yeah, yeah.
Did anyone laugh at that?
Well, I don't know.
You follow him on Twitter, you tell me. I don't do that stuff.
No, I do not. I've actually— he's blocked me.
Has he?
Has he really?
Yes.
Were you trolling? What did you do?
I was once contacted by, publicly via Twitter by one of the researchers on the— on Good Morning Britain asking if I could come on the sofa to talk about something. Something.
And I said, every time I think of Piers Morgan, I throw up a little bit in my mouth, I said.
And so that got— I did tag him on that reply, and that got me a bit of a dick move, actually.
And I said, every time I think of Piers Morgan, I throw up a little bit in my mouth, I said.
And so that got— I did tag him on that reply, and that got me a bit of a dick move, actually.
Wow.
No, I mean, he must get so much, you know, stuff like that every day. So it's amazing that he just, like, blocks everyone who might—
I suspect he's blocked quite a few. Yeah, he's not my cup of tea.
No, he's a bit of an empty. Anyway, there you go.
You know, April Fools', maybe not a good idea until people get back on their feet, especially trying to charge them cash and 500 quid when people are trying to scrape their money together for monthly outgoings.
So, you know, tap on wrist for that, not well thought out. But, you know, I do think that I don't want the April Fools' joke to go away.
I think there should be one day, there's like, you know.
You know, April Fools', maybe not a good idea until people get back on their feet, especially trying to charge them cash and 500 quid when people are trying to scrape their money together for monthly outgoings.
So, you know, tap on wrist for that, not well thought out. But, you know, I do think that I don't want the April Fools' joke to go away.
I think there should be one day, there's like, you know.
Maybe they're okay to do in your own home, Carole. Maybe they're all right to do in your family, but they shouldn't be done by a corporation.
Yes, I think they should be done by corporations.
I think it can show the true spirit of humanity, that the people that power corporations, and they should be accountable for their thing, but you know, they should put their brains together, come up with something good.
You know, after all, they're being paid. Geez, mine, I could come up with 5 better ones than this off the top of my head. Ah, honestly.
I think it can show the true spirit of humanity, that the people that power corporations, and they should be accountable for their thing, but you know, they should put their brains together, come up with something good.
You know, after all, they're being paid. Geez, mine, I could come up with 5 better ones than this off the top of my head. Ah, honestly.
Using a password manager like 1Password can help increase productivity and save you money. How does it do that?
Well, a password generator tool creates strong, unique passwords that are saved and filled in automatically.
Features like Watchtower alert you to any issues with your employees' accounts, giving you oversight and more security control, and you can get notified immediately when a breach occurs with domain breach reports.
Find out more. Check out 1Password for yourself at 1password.com. And thanks to 1Password for supporting the show.
Well, a password generator tool creates strong, unique passwords that are saved and filled in automatically.
Features like Watchtower alert you to any issues with your employees' accounts, giving you oversight and more security control, and you can get notified immediately when a breach occurs with domain breach reports.
Find out more. Check out 1Password for yourself at 1password.com. And thanks to 1Password for supporting the show.
Protect your workforce with simple, powerful access security from Duo, powered by Cisco. The rapid expansion of remote work has presented challenges for all of us.
At Duo Security, it's their mission to make application access more secure for organizations of all sizes.
Its modern access security is designed to safeguard all users, devices, and applications so you can stay focused on what you do best.
So, want to proactively reduce the risk of a data breach, verify users' identities, gain visibility into every device, and enforce policies to secure access to every single application?
Thought you would. Why not give your organization the peace of mind that only complete device visibility can bring? Visit duo.com to sign up for a 30-day trial. That's duo.com.
I mean, how easy is that to remember?
At Duo Security, it's their mission to make application access more secure for organizations of all sizes.
Its modern access security is designed to safeguard all users, devices, and applications so you can stay focused on what you do best.
So, want to proactively reduce the risk of a data breach, verify users' identities, gain visibility into every device, and enforce policies to secure access to every single application?
Thought you would. Why not give your organization the peace of mind that only complete device visibility can bring? Visit duo.com to sign up for a 30-day trial. That's duo.com.
I mean, how easy is that to remember?
And welcome back, and you join us for our favorite part of the show, the part of the show that we like to call Pick of the Week.
Pick of the Week. Pick of the Week.
Pick of the Week is the part of the show where everyone chooses something they like.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. Doesn't have to be security-related necessarily.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. Doesn't have to be security-related necessarily.
Mm, better not be.
Well, my Pick of the Week this week is not security-related. My Pick of the Week this week is all to do with video game consoles, and specifically old video game consoles.
And there is a wonderful section of the BBC archives.
I do love the BBC archives and trawling through it, which details the 8 generations of video game consoles with lots of retro TV clips from yesteryear, going back as far as Pong, if you remember Pong in 1972.
Oh my goodness. Apparently is when that came out. The Grandstand, which is called something else in America. I can't remember what.
The Atari 2600, and then onto the Nintendo, Sonys, Microsofts, and et cetera, et cetera. Some feature friend of the show, Rory Cellan-Jones.
And there is a wonderful section of the BBC archives.
I do love the BBC archives and trawling through it, which details the 8 generations of video game consoles with lots of retro TV clips from yesteryear, going back as far as Pong, if you remember Pong in 1972.
Oh my goodness. Apparently is when that came out. The Grandstand, which is called something else in America. I can't remember what.
The Atari 2600, and then onto the Nintendo, Sonys, Microsofts, and et cetera, et cetera. Some feature friend of the show, Rory Cellan-Jones.
Oh, do they talk about ColecoVision? That's what I had. I had a ColecoVision.
Well, that may be there as well, Carole. It may well be there. I didn't really have a video games console when I was young. I just had a little home computer.
Shoelace to play with. Yeah.
Couple of twigs. That's how we made our entertainment in my day. But yes, I was always jealous of people.
Nina, what were you gonna say?
I'm just gonna say I have no idea what you guys are talking about.
Have you never had a gaming console? You've never been a gamer, online gamer?
No, no. I had a Game Boy.
Did you love it?
Super Mario. Yeah, I loved Super Mario. That was it. One Game Boy, one game. That was the limit of my experience.
Did you ever play three hours in one shot? Oh yeah, for sure. Okay. All right. You're on the team.
Anyway, I will put a link in the show notes where you can watch these little videos and read some more about the eight generations of video game consoles. So enjoy it.
And that's my pick of the week.
And that's my pick of the week.
Good one.
Nice one.
Nina, what's your pick of the week?
My pick of the week, keeping with my light theme, is very upbeat and optimistic. No, it's on BBC iPlayer now. It's actually Ridley Scott directed.
It is a documentary series called The Terror, and it's about the real-life story, one of the greatest mysteries of naval exploration.
It was the 1845 attempt to sail the Northwest Passage. So these two boats set off from England to try and sail from the Atlantic to the Pacific.
And the two ships, Erebus and the Terror, off they set, the best ships of their time.
And these two ships unfortunately got stranded in the Arctic ice, and they had three years of provisions, and they were sure that they'd be rescued.
But after I think it was two years, they decided that no one was coming for them, so they decided they had to trek out of there and try to make it into Northern Canada.
And it is just the craziest story because no one really knew what happened. They eventually, the ships just disappeared.
Many years later, they came across the bones of some of the survivors, and it turned out that they had turned to cannibalism in the bitter end. So—
It is a documentary series called The Terror, and it's about the real-life story, one of the greatest mysteries of naval exploration.
It was the 1845 attempt to sail the Northwest Passage. So these two boats set off from England to try and sail from the Atlantic to the Pacific.
And the two ships, Erebus and the Terror, off they set, the best ships of their time.
And these two ships unfortunately got stranded in the Arctic ice, and they had three years of provisions, and they were sure that they'd be rescued.
But after I think it was two years, they decided that no one was coming for them, so they decided they had to trek out of there and try to make it into Northern Canada.
And it is just the craziest story because no one really knew what happened. They eventually, the ships just disappeared.
Many years later, they came across the bones of some of the survivors, and it turned out that they had turned to cannibalism in the bitter end. So—
Oh, I was hoping it would have been poutine. No.
So it is a crazy real-life story, but the drama, the way that it's done, it is fantastic.
Yeah, because you're a history buff, aren't you?
Totally, total history buff.
I'm going to take that recommendation.
Oh, that sounds fantastic. That's totally up my street.
You'll binge-watch it. Yeah, it's very, very good.
Cool.
Yeah.
Good one. Thank you, Nina. That's excellent.
It's much better than my pick of the week, to be honest. Carole, what's your pick of the week?
Mine is also a kind of documentary on Netflix. It is a seven-part series called Pretend It's a City. And it's directed by Martin Scorsese.
And it features just one-person conversation interviews with Fran Lebowitz. Now you may not know who she is.
And it features just one-person conversation interviews with Fran Lebowitz. Now you may not know who she is.
Right.
But she moved to New York in the '70s, and then really soon started hobnobbing with all the arty crowd, really made it so Andy Warhol and Martin Scorsese became friends.
And, you know, they're friends still. She's in her 70s now. And she says of him, the kind of connection we have is really rare, as true love and romance. It's not the same.
But there's something chemical about it. Something just happened.
And, you know, they're friends still. She's in her 70s now. And she says of him, the kind of connection we have is really rare, as true love and romance. It's not the same.
But there's something chemical about it. Something just happened.
It's—
there's not really an explanation for it.
It's like you and me, Carole.
It is a little bit. It's a little bit.
Yeah.
It's not the same. It's not the same.
I'm Scorsese because I've got the eyebrows. And you know, you're the—
I kind of— I'm kind of in with this woman. I do really hope— Well, I hope to be like her, actually. I've now got a new goal.
So it's really, really brilliantly done because Scorsese's always behind the camera. You hardly see him. You see his shoulder, right? You hear an encouraging laugh.
You hear him nod her on. But it's all about Fran. And she's this kind of wit, raconteur person. And she's hilarious.
She's kind of— She'd hate me to— people are gonna hate me for saying this, but she's kind of like Diane Keaton and Woody Allen rolled into one with a sprinkle of, you know, I don't know what.
And she has this great hyperbole that comes out in her outrage, about New York, the lawn chairs that were put in New York cost $70 million. I mean, $70 million.
So she has a lot of that. Anyway, I love it.
So it's really, really brilliantly done because Scorsese's always behind the camera. You hardly see him. You see his shoulder, right? You hear an encouraging laugh.
You hear him nod her on. But it's all about Fran. And she's this kind of wit, raconteur person. And she's hilarious.
She's kind of— She'd hate me to— people are gonna hate me for saying this, but she's kind of like Diane Keaton and Woody Allen rolled into one with a sprinkle of, you know, I don't know what.
And she has this great hyperbole that comes out in her outrage, about New York, the lawn chairs that were put in New York cost $70 million. I mean, $70 million.
So she has a lot of that. Anyway, I love it.
I love it.
I love it.
She—
I thought, why haven't I never heard of her? But she hates the internet, hates the internet. Doesn't go near it. And she's never written a book.
She's just this kind of local star in a small New York pool. Anyway, go check it out. It's on Netflix. It's called Pretend It's a City with Fran Lebowitz and Martin Scorsese.
And I think it's fascinating. Good.
She's just this kind of local star in a small New York pool. Anyway, go check it out. It's on Netflix. It's called Pretend It's a City with Fran Lebowitz and Martin Scorsese.
And I think it's fascinating. Good.
Sounds good.
I think you will like it, both of you, based— Nina, just based on this conversation, I think you'd like it. She's kind of cool.
I would like—
And she's cool. She wears always this huge, almost military-like coat and these oversized jeans that are rolled up like one big roll and cowboy boots.
I mean, she's been doing that for 30, 40 years. I kind of feel like she's trapped in her look, but there you go.
I mean, she's been doing that for 30, 40 years. I kind of feel like she's trapped in her look, but there you go.
I'd quite like to be rolled into Diane Keaton. That's what I was thinking. There you are. You can leave Woody Allen out of it.
Anyway, on that note, that just about wraps it up for this week.
Nina, I'm sure lots of our listeners would love to follow you online and find out what you're talking about and learn more about you. What's the best way for folks to do that?
Anyway, on that note, that just about wraps it up for this week.
Nina, I'm sure lots of our listeners would love to follow you online and find out what you're talking about and learn more about you. What's the best way for folks to do that?
You can follow me on Twitter, Nina D Schick, or my website, NinaSchick.org.
Brilliant. And you can follow us on Twitter at Smashing Security, no G, Twitter won't allow us to have a G.
And we're also up on Reddit, so look for the Smashing Security subreddit up there.
And to ensure you never miss another episode, follow Smashing Security in your favorite podcast apps such as Spotify, Google Podcasts, and Apple Podcasts.
And we're also up on Reddit, so look for the Smashing Security subreddit up there.
And to ensure you never miss another episode, follow Smashing Security in your favorite podcast apps such as Spotify, Google Podcasts, and Apple Podcasts.
Huge, huge thank you to this episode's sponsors, Duo Security and 1Password, and to our wonderful Patreon community. It's thanks to all of them that this show's free for all.
And for episode show notes, sponsorship information, guest lists, and the entire back catalog of more than 221 episodes, check out smashingsecurity.com.
And for episode show notes, sponsorship information, guest lists, and the entire back catalog of more than 221 episodes, check out smashingsecurity.com.
Until next time, cheerio, bye-bye.
Bye-bye.
Bye. Yay!
Great.
How was it, Nina? Was it okay? Baptism of fire.
It was so fun. I loved it. You guys are great. You have an awesome dynamic. It's really, really fun being on.
It's because we hate each other. [Laughter]
Hosts:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Carole Theriault:
Guest:
Nina Schick – @NinaDSchick
Show notes:
- Stolen Data of 533 Million Facebook Users Leaked Online — Business Insider.
- Mark Zuckerberg is on Signal — Dave Walker on Twitter.
- The Facebook Phone Numbers Are Now Searchable in Have I Been Pwned — Troy Hunt.
- Facebook isn’t sorry for letting someone steal personal details of half a billion users — Graham Cluley.
- Smashing Security episode 75: Quitting Facebook.
- Deep Fakes – the coming infocalypse. — Nina Schick.
- This Person Does Not Exist.
- 'Deepfake' AI Trump impersonator highlights election fake news threat — CNBC.
- Past Google April Fools Pranks As It Cancels 2021's Over COVID — Newsweek.
- "Joke" tweet by Piers Morgan — Twitter.
- The joke is on Volkswagen after April Fool’s name change debacle — Al Jazeera.
- Deliveroo April Fool's joke backfires in France — BBC News.
- The 8 Generations of Video Game Consoles — BBC Archive.
- The Terror — BBC iPlayer.
- Pretend it's a city — Netflix.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
- Support us on Patreon!
Sponsor: 1Password
With 1Password you only ever need to memorize one password. All your other passwords and important information are protected by your Master Password, which only you know. Take the 14 day free trial now at 1password.com
Sponsor: Duo Security
While remote work has been on the rise for years now, the recent rapid expansion of work-from-home culture presents new security challenges. Duo Security makes application access more secure for organizations of all sizes. Its modern access security is designed to safeguard all users, devices, and applications – so you can stay focused on what you do best.
Proactively reduce the risk of a data breach, verify users’ identities, gain visibility into every device and enforce polices to secure access to every application. Give your organization the peace-of-mind that only complete device visibility can bring. Visit Duo.com to sign-up for a free 30 day trial.
Follow the show:
Follow the show on Bluesky at @smashingsecurity.com, on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, Spotify, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
