Boyfriends who are bots, Facebook’s checkmark charge, Twitter Blue, and Will Ferrell’s taunt of football fans…
All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
0:00
0:00
0:00
0:00
Show full transcript ▼
This transcript was generated automatically, probably contains mistakes, and has not been manually verified.
Are you feeling responsible?
No, I'm not feeling responsible. I don't think it's anything to do with me.
I think you should.
Why should it have anything to do with me?
You were oh, it's a badge of honor to get this tick so early on. I feel— and other people were you going, oh, I'm special, I have a little blue tick.
Smashing Security, episode 310, Verified Blue Ransomware, blue ticks, and horny AI chatbots with Carole Theriault and Graham Cluley.
Hello, hello, and welcome to Smashing Security episode 310. My name's Graham Cluley.
Hello, hello, and welcome to Smashing Security episode 310. My name's Graham Cluley.
And I'm Carole Theriault.
Hello, Carole.
Hello, Graham.
Lovely to have you here on the show. Well, it's not really my show to say lovely to have you here, is it? It's oh, hello, you're here, I'm here.
It's we bumped into each other in the kitchen or something that, isn't it?
It's we bumped into each other in the kitchen or something that, isn't it?
The reason he's funneling his words is we don't have a guest today and he doesn't know what to do because we don't have anyone to pick on.
Ah, no guest. But, you know, that can sometimes mean a show with a bit more oomph, a bit more vim, a bit more whizbang. Yeah, something that.
Fantastic. I look forward to it. How about before we kick off, let's thank this week's sponsors, Bitwarden, Kolide, and SecureEnvoy.
It's their support that helps us give you this show for free. Now, coming up in today's show, Graham, what do you got?
It's their support that helps us give you this show for free. Now, coming up in today's show, Graham, what do you got?
Well, Crow, I'm going to be verifying you.
I don't the sound of that at all. And we are going to do a bit of math. Sex plus AI equals what exactly?
Well, we'll find out all this and much more coming up on this episode of Smashing Security.
Well, we'll find out all this and much more coming up on this episode of Smashing Security.
Graham Cluley, I've got a question for you. I've got a question for you.
Shoot.
Are you verified?
I don't really know what you mean.
I mean, you know, on social networks these days, on Twitter and— No, nowhere. What, you haven't got a social networking presence at all?
No, I'm sure I do have some sort of presence. I don't go into the murky waters. I don't check it. I've done— Yeah, I don't care.
You don't have somewhere where you post up your poetry, your LiveJournal?
No, not yet. I should have a place to put my art, right?
Yes, you should.
I know.
Other than crow.wtf.
I don't want to. I just think it's a cesspit of shit. But I know there's you know, little glimmers of, you know, you know, rainbows and stuff.
But yeah, you know how people say cloud is just someone else's computer. You should just say social media is just a cesspool of shit. Maybe you could get a little meme going.
T-shirt?
Yeah. Yes. Why not? Sell stickers or something that. Anyway, of course there are social networks who can offer to verify you. I'm verified on a few sites.
So for instance, I'm verified on Mastodon, although that's a sort of self-verification.
So for instance, I'm verified on Mastodon, although that's a sort of self-verification.
I am who I say I am, I promise.
Yeah, well, I, and I link it to my website. So my website, if you trust my website, then it verifies that my account is connected to each other. So, so that works.
And on Twitter, I've got the little blue tick mark.
And on Twitter, I've got the little blue tick mark.
You paying for that?
No, certainly not. In fact, I would pay to have it removed because of course it used to be It used to be a sign of distinction.
It used to be a sign that you somehow were being recognized.
It used to be a sign that you somehow were being recognized.
I think it means you're— it's a sign that you spent an awful lot of time on Twitter.
Well, yeah, possibly, but Twitter spotted what I was doing and thought, oh yes, we're impressed by him. We'll give him a blue tick. That's in the good old days of Twitter, of course.
And now they're selling these blue ticks instead. But it's not just Twitter. Facebook, I refuse to call them Meta.
They're trying to call themselves Meta now, but let's be honest, they're Facebook.
Facebook has made a big announcement because Facebook and Instagram, which until now have been entirely free to use. Well, are they free to use, Carole?
And now they're selling these blue ticks instead. But it's not just Twitter. Facebook, I refuse to call them Meta.
They're trying to call themselves Meta now, but let's be honest, they're Facebook.
Facebook has made a big announcement because Facebook and Instagram, which until now have been entirely free to use. Well, are they free to use, Carole?
I don't know.
No, they're not free to use. They're not free to use because you are paying with your very soul. Carole, you are paying with your person.
Oh, not on Twitter, not on Twitter, but definitely on— okay.
Yeah. There's a lot more competent data mining going on on Facebook and Instagram and those sort of sites than there is on Twitter, I suspect.
So the amount of information which you're uploading to Facebook, and of course we saw the whole Cambridge Analytica debacle occurring, that's one of the ways in which Facebook is making money is through that enormously targeted advertising, whereas no one's really interested in advertising on Twitter anymore unless they're selling things to Nazis.
So the amount of information which you're uploading to Facebook, and of course we saw the whole Cambridge Analytica debacle occurring, that's one of the ways in which Facebook is making money is through that enormously targeted advertising, whereas no one's really interested in advertising on Twitter anymore unless they're selling things to Nazis.
And that's why they're a little bit ticked off with Apple's new privacy features on the phones, right? Because they have less tracking ability for ads.
That's right. Yeah.
Apple, whether you think it's a good thing or not, have been sort of curtailing some of the activity which we've seen before from different websites and different apps as to how much they can track you and putting more control in the hands of the users.
But anyway, Facebook and Instagram, what they've announced this week is they are now going to directly charge users a subscription fee, a monthly subscription fee. Now it is opt-in.
You have to choose to want to do this. It's not compulsory. It's not something which they're going to impose on you if you don't want it.
But they are going to say if you want to have a verified account, you are going to have to pay us money.
Apple, whether you think it's a good thing or not, have been sort of curtailing some of the activity which we've seen before from different websites and different apps as to how much they can track you and putting more control in the hands of the users.
But anyway, Facebook and Instagram, what they've announced this week is they are now going to directly charge users a subscription fee, a monthly subscription fee. Now it is opt-in.
You have to choose to want to do this. It's not compulsory. It's not something which they're going to impose on you if you don't want it.
But they are going to say if you want to have a verified account, you are going to have to pay us money.
A question. Are they talking, do you feel, to individuals or are they talking to companies or both?
At this present time, the verification tick which they're going to offer people is only available to people. It's not available right now to brands and businesses.
Now, historically, both people and brands have been able to get themselves verified. Facebook believes that they've proven themselves to be worthy recipients of a blue checkmark.
And you had to jump through some hoops and it wasn't an easy process, but now they're saying, well, if you will cough up, and it's a totally reasonable amount of money, it's only $11.99 per month.
If you pay $11.99 per month, or—
Now, historically, both people and brands have been able to get themselves verified. Facebook believes that they've proven themselves to be worthy recipients of a blue checkmark.
And you had to jump through some hoops and it wasn't an easy process, but now they're saying, well, if you will cough up, and it's a totally reasonable amount of money, it's only $11.99 per month.
If you pay $11.99 per month, or—
It's ridiculous.
If you want to buy it through your smartphone app, it'll only cost you $14.99 per month to get a blue verified tick next to your name.
Because of course you're paying the Apple tax as well.
Because of course you're paying the Apple tax as well.
Are you feeling responsible?
No, I'm not feeling responsible. I don't think it's anything to do with me.
I think you should.
Why should it have anything to do with me?
You were like, oh, it's a badge of honor to get this tick so early on, I feel. And other people were like you going, oh, I'm special. I have a little blue tick.
They recognize me as an important contributor to their platform where they hoover up all my information. And now— Look now, now they're charging people.
They recognize me as an important contributor to their platform where they hoover up all my information. And now— Look now, now they're charging people.
Now it's been devalued. Thank you very much.
Thank you very much.
Now it's nothing to me. Now it's been devalued. Now I don't want a blue tick because I'm worried people will think that I've paid for it.
Now, of course, it's not become a badge of honor. Now it's shame. Shame to have a blue tick. That's what I'd say.
Because you're putting money inside Elon's pocket or bloody Mark Zuckerberg's pocket instead.
Now, of course, it's not become a badge of honor. Now it's shame. Shame to have a blue tick. That's what I'd say.
Because you're putting money inside Elon's pocket or bloody Mark Zuckerberg's pocket instead.
It's going to be interesting. So how do you think they're going to be able to get the masses to cough up the cash? Do you think they will be able to? They have to add features, right?
I think when they roll this out for businesses as well, then that will be attractive to some brands because of course you don't want your brand to be mimicked and copied by someone pretending to be the real you.
People don't want that now.
Well, yeah, well, I agree. I agree. So they haven't rolled it out for businesses yet, this Meta Verified checkmark, but it is gonna be coming available.
You have to be at least 18 years old, and of course you have to submit government ID that matches your name and photograph that you have on Facebook and Instagram.
So people are gonna be uploading their passport and driving licenses to Zucky.
You have to be at least 18 years old, and of course you have to submit government ID that matches your name and photograph that you have on Facebook and Instagram.
So people are gonna be uploading their passport and driving licenses to Zucky.
To Zucky and friends.
Facebook.
What could— Yeah, I don't even think we need the catchphrase. I think we can just dot, dot, dot. Dot that one.
Yeah, I think they certainly won't abuse it. They certainly, they'll look after it.
They'll look after it.
So, but you ask a very good question. You ask a very good question, which is, what are you gonna get for this? What's the—
Other than a little blue tick.
Yes. Let's not knock that. You will get a blue tick. You'll also get what they call increased visibility. Now that doesn't mean you'll be able to see more.
That means that other people will be able to see you more.
That means that other people will be able to see you more.
Oh, right. So you're appealing to the ego of more spread.
Yes.
Or not just ego, but business or whatever, notoriety, whatever.
Because Facebook has an algorithm which controls the newsfeed and it's same thing on Instagram as well.
They like to give preference to the people who are paying to boost their posts or advertising on these services.
And what they're saying is, well, look, if you get yourself one of our ticks.
They like to give preference to the people who are paying to boost their posts or advertising on these services.
And what they're saying is, well, look, if you get yourself one of our ticks.
Yeah, we'll tick you up. We'll scratch your back. Yeah, we'll just, we'll fuck with the algorithm.
So they're going to meddle with the algorithm so that you appear more prominently to other people. And lots of people want that.
Of course, if you're an influencer or if you want your post to be spotted because it's good for business, then maybe you will pay $14.99 per month to get this.
Facebook are also going to give you stickers.
Of course, if you're an influencer or if you want your post to be spotted because it's good for business, then maybe you will pay $14.99 per month to get this.
Facebook are also going to give you stickers.
That's what we give people.
How dare they? Well, we give our Patreon supporters stickers. That's true. But these are digital stickers.
Oh, right.
So if you— Yeah, yeah, exactly. They're not going to post—
Not old school like us. Not old school cool. All right.
Zuck is not going to be licking envelopes and going down to the post office or anything like that. These are digital stickers.
And he's also gonna give you 100 free stars a month to tip other creators. So this is a virtual currency.
And he's also gonna give you 100 free stars a month to tip other creators. So this is a virtual currency.
Yeah. Reddit has this. Reddit has a similar thing, a tip jar, right? Or kind of coin jars that you donate.
The gold thing. Yeah. Reddit Gold and stuff, don't they? Yeah. And the final thing, which they're dangling, the carrot which they're dangling.
Okay, I'm really excited. Yeah.
If you pay money to them every month, they say that they will give you access to a real person for common account issues. That's their exact words.
Access to a real person for common account issues. I think that means—
Access to a real person for common account issues. I think that means—
That won't go wrong. It won't go wrong. So that means one person who is getting a salary, a nominal salary, is looking after 480 different customers at any given hour.
And so when their accounts get hacked, when they get compromised, when they can't do anything, they'll be able to ring up Bob. He'll answer the phone and help them out.
Yeah.
Because of course, there have been lots of complaints from Instagram and Facebook users over the years of their accounts being hijacked.
And I just can't find a human to speak to to get this problem fixed. It's a bargain. It's a bargain. That's what it is, Carole. It's a bargain.
And I just can't find a human to speak to to get this problem fixed. It's a bargain. It's a bargain. That's what it is, Carole. It's a bargain.
So it's interesting, though, because I don't know how many people— okay, so right now I'm imagining people that I know will not be paying for this, right?
They'll be saying, yeah, yeah, yeah, nice try. But at one point, what they're going to do is keep adding on some add-ons, right?
And removing juice from the freebie, effectively throttling, right? You got free access, you're being throttled. You want to pay, you get extra.
And we always said, hey, if you want good service, you should pay for it. These are companies.
They'll be saying, yeah, yeah, yeah, nice try. But at one point, what they're going to do is keep adding on some add-ons, right?
And removing juice from the freebie, effectively throttling, right? You got free access, you're being throttled. You want to pay, you get extra.
And we always said, hey, if you want good service, you should pay for it. These are companies.
Yes.
And yeah, but it really hurts when they basically milked us cows for free to gather all the information so they could actually sell it to advertisers and now say, actually, now we want you to pay.
Yeah, there's no suggestion here, by the way, that if you pay the money that you're no longer going to get targeted ads.
Why not go for it, right? Charge and show ads.
So Facebook's announcement comes in the wake of Twitter's rather desperate attempt to make some money because they chaotically released Twitter Blue checkmark late last year.
It's been rather disastrous. The Twitter Blue checkmark costs a couple of dollars less than Facebook. But doesn't bother to do any of that identity verification nonsense.
You don't have to give them your passport or your driving license. Just give them your money. And yeah, you can call yourself whatever you want.
You can pretend to be whoever you want. It's a free world. And there's some wonderful features.
For instance, one of the best features of Twitter Blue is that you can change your profile picture from being a circle to being a hexagon. Well, isn't that worth $10 a month.
It's been rather disastrous. The Twitter Blue checkmark costs a couple of dollars less than Facebook. But doesn't bother to do any of that identity verification nonsense.
You don't have to give them your passport or your driving license. Just give them your money. And yeah, you can call yourself whatever you want.
You can pretend to be whoever you want. It's a free world. And there's some wonderful features.
For instance, one of the best features of Twitter Blue is that you can change your profile picture from being a circle to being a hexagon. Well, isn't that worth $10 a month.
I've got angles.
And you can then brag that you have an NFT, apparently. It's another bargain.
So the other thing you can now do with your Twitter Blue account, this has just happened the last few days, is you can make use of SMS-based two-factor authentication.
So the other thing you can now do with your Twitter Blue account, this has just happened the last few days, is you can make use of SMS-based two-factor authentication.
Circa 2018?
Well, circa 2002, maybe.
Really?
It's fairly old technology, which is looked on rather askance with people thinking maybe that's not so good.
So Twitter has been telling users who've turned on text message 2FA, people who aren't paying Twitter at the moment, they've said, "We're gonna take that away from you next month.
You'll no longer have 2FA turned on via SMS, but if you want it, you should upgrade to Twitter Blue and then you can have it back again." And we'll charge you a little bit of money.
Right, and it's gonna cost you $10 or whatever it is.
Now this marketing push, it might have the regular users think that SMS-based authentication is somehow a better way to protect your account than the other methods of two-factor authentication, which are still available to free Twitter users.
So Twitter has been telling users who've turned on text message 2FA, people who aren't paying Twitter at the moment, they've said, "We're gonna take that away from you next month.
You'll no longer have 2FA turned on via SMS, but if you want it, you should upgrade to Twitter Blue and then you can have it back again." And we'll charge you a little bit of money.
Right, and it's gonna cost you $10 or whatever it is.
Now this marketing push, it might have the regular users think that SMS-based authentication is somehow a better way to protect your account than the other methods of two-factor authentication, which are still available to free Twitter users.
Oh my God, that's so mortifying.
But of course it's not.
It's just chaos. It's chaos in the barn. No one knows what's going on.
It's bonkers. So, I mean, we've talked about SMS-based two-factor authentication before and its problems. It's still better than nothing.
So two-factor authentication coming via text message is better than no two-factor authentication at all, I'd argue.
But you have to hope no one who's bonkers enough to pay for Twitter Blue is tricked into thinking it's a good way to harden their security.
So two-factor authentication coming via text message is better than no two-factor authentication at all, I'd argue.
But you have to hope no one who's bonkers enough to pay for Twitter Blue is tricked into thinking it's a good way to harden their security.
So I have streaming services, right? So some evenings I will turn that on. I pay a monthly fee and I enjoy the streaming service, right?
Is this— sounds more expensive or at least as expensive as these streaming services. So are they contending that they are as entertaining and wonderful?
Is this— sounds more expensive or at least as expensive as these streaming services. So are they contending that they are as entertaining and wonderful?
Well, it's kind of comparable is what they're saying, isn't it? But they're not producing any of the content themselves.
It's all of the people who are users who are creating the content.
It's all of the people who are users who are creating the content.
Yeah. And I wonder if by taking money from users, if the liability changes in terms of what they provide on the service. Oh, I don't know. I don't know. Expert, email us, tell us now.
If only Twitter had a legal team to investigate these sort of things, it would be, that'd be the thing, wouldn't it?
So, so I've said that Twitter's now telling people you're going to lose SMS-based two-factor authentication. Turn it off, they're saying.
Well, what's really brilliant is that people have been trying to turn it off as Twitter tells them to, and when they do, they get an error message telling them that they can't do it.
So it's another, it's another disaster by Elon Musk's engineering experts in that way.
And on a similar note, talking about these verifications, Will Ferrell, you know Will Ferrell from Zoolander and Anchorman and all those things, he's been in the UK this month.
He's been visiting various football matches and making videos mocking fans.
He showed up, I think it was, I think it was at QPR, and he was slagging off the Sunderland football team. And we can hear what he said right now.
So, so I've said that Twitter's now telling people you're going to lose SMS-based two-factor authentication. Turn it off, they're saying.
Well, what's really brilliant is that people have been trying to turn it off as Twitter tells them to, and when they do, they get an error message telling them that they can't do it.
So it's another, it's another disaster by Elon Musk's engineering experts in that way.
And on a similar note, talking about these verifications, Will Ferrell, you know Will Ferrell from Zoolander and Anchorman and all those things, he's been in the UK this month.
He's been visiting various football matches and making videos mocking fans.
He showed up, I think it was, I think it was at QPR, and he was slagging off the Sunderland football team. And we can hear what he said right now.
We're wishing you guys all the best, Sunderland. Oh, the tears of sorrow you're going to experience tonight dripping down your face into your mouth drowning you in sorrow.
I can only imagine. So, so what? So people are, people are lamenting the loss of a match, and he's zooming in on them and going, "Hahaha, look at that guy.
I can only imagine. So, so what? So people are, people are lamenting the loss of a match, and he's zooming in on them and going, "Hahaha, look at that guy.
I'm reading poetry." He's basically saying, Sunderland, you're not going to have a good time.
And then later on, the verified Twitter account of Official Wheel F wrote, "Away man, sorry Sunderland AFC," and he posted a screenshot up there as well.
And the BBC reported this as Will Ferrell apologising for mocking Sunderland's fans.
And then later on, the verified Twitter account of Official Wheel F wrote, "Away man, sorry Sunderland AFC," and he posted a screenshot up there as well.
And the BBC reported this as Will Ferrell apologising for mocking Sunderland's fans.
And who the fuck knows what's going on?
Well, the thing is that the BBC have now had to do a reverse ferret because Will Ferrell, not Will Ferret, it turned out wasn't the person who tweeted that apology.
They'd fallen for an account which claimed to be official, claimed to be verified, but of course had been your standard Twitter blue checkmark nonsense.
Anyway, BBC said they've removed the article in its entirety. They said it was, you know, they've completely cocked up.
But this is the kind of thing that's happening all the time, not just to Will Ferrell, but to other brands as well, all because of these verified checkmarks not being policed properly.
So I think there will be more scams and more shenanigans going forward too.
They'd fallen for an account which claimed to be official, claimed to be verified, but of course had been your standard Twitter blue checkmark nonsense.
Anyway, BBC said they've removed the article in its entirety. They said it was, you know, they've completely cocked up.
But this is the kind of thing that's happening all the time, not just to Will Ferrell, but to other brands as well, all because of these verified checkmarks not being policed properly.
So I think there will be more scams and more shenanigans going forward too.
Do you? Is that your prediction?
That is my prediction. Yes, not a very controversial one, admittedly. Thank you very much. Carole, no guest this week, so what have you got for us?
Well, regular listeners, and actually maybe even you, Graham, might remember—
I don't listen. I don't listen.
—that I had a story about how a guy created a kind of avatar, a chatbot, and fell in love with this AI chatbot, and it somehow saved his marriage, he said. And I tried it myself.
This was my pick of the week about a year ago, and I tried it myself in that I downloaded Replika, paid for a month, right? Just to see what would happen and how it would work.
And I personally just couldn't engage. You have this avatar on the screen that you've designed, and then it kind of bombards you with really lame questions.
Well, not for me lame, right? Because favorite movie, favorite color, what were your dreams last night, any books you're reading, snooze ville and also nosy.
Nosy Parker asking all these questions. But also I just found it boring, right?
And so I have to admit, I didn't spend any time training my chatbot because if I had, slowly over time, who knows where I would be today? Divorced? Happy?
This was my pick of the week about a year ago, and I tried it myself in that I downloaded Replika, paid for a month, right? Just to see what would happen and how it would work.
And I personally just couldn't engage. You have this avatar on the screen that you've designed, and then it kind of bombards you with really lame questions.
Well, not for me lame, right? Because favorite movie, favorite color, what were your dreams last night, any books you're reading, snooze ville and also nosy.
Nosy Parker asking all these questions. But also I just found it boring, right?
And so I have to admit, I didn't spend any time training my chatbot because if I had, slowly over time, who knows where I would be today? Divorced? Happy?
Right? Yeah. I mean, that'd be great, wouldn't it? With Kurt. With Goliath. Or something. Oh, Goliath. Is that his name?
Were you actually able to hone your chatbot to have a particular look? Were you able to give it a big manly beard and a barrel chest?
Were you actually able to hone your chatbot to have a particular look? Were you able to give it a big manly beard and a barrel chest?
Yes, and a bob, a blonde bob. I did all that.
Yeah. Okay, right, good.
There's this recent story in Vice about how Replika, the same company I spoke about ages ago, got itself into a bit of a moral quandary.
So Replika was originally based on OpenAI's ChatGPT-3, but has since veered off and created its own, which it uses in combination with scripted dialogue to hold conversations.
Now, 5 years ago, they say they had maybe 10% was the script, was the AI working, and 90% was people. And now that's reversed.
So they used to have humans there writing some of these responses, but training, I guess, you know, filling the gaps.
But as they've gotten much more popular and people have downloaded it more, they've learned what the flirty chat is these days.
So Replika was originally based on OpenAI's ChatGPT-3, but has since veered off and created its own, which it uses in combination with scripted dialogue to hold conversations.
Now, 5 years ago, they say they had maybe 10% was the script, was the AI working, and 90% was people. And now that's reversed.
So they used to have humans there writing some of these responses, but training, I guess, you know, filling the gaps.
But as they've gotten much more popular and people have downloaded it more, they've learned what the flirty chat is these days.
They know how to chat someone up.
Exactly right. And the way it works is it's a real-time chat message with a chatbot. So, you know, they might say, what's your favorite color? You say blue and they go, I love blue.
Blue is the color of the sky. It's working for me. I'll tell you, I'm sold.
Now, if you go to the Replika website, you will see on the big front, this huge banner that says the AI companion who cares. Let me have a look. Right. Always on your side.
So Replika with a K dot com.
So Replika with a K dot com.
Oh, it's Replika with a K. Yeah. Yeah. Okay. Oh, hello. Oh yes, always here to listen and talk. Always on your side. Okay.
Now my question to you is, could we add the suffix about my genitals after any or all of these statements? Sorry, what? The AI companion who cares about my genitals. Yes, that works.
Yeah. Always on your side about my genitals.
Yeah. Always on your side about my genitals.
I don't know if that one works. Always here to listen and talk to my genitals. Listen to my genitals.
About my genitals, you see. Now, the sitch is this, right?
In a nutshell, earlier this month, the AI companion Who Cares from Replika, its customers started noticing that the companion who cared oh so much was, well, no longer able to initiate erotic roleplay scenarios.
In a nutshell, earlier this month, the AI companion Who Cares from Replika, its customers started noticing that the companion who cared oh so much was, well, no longer able to initiate erotic roleplay scenarios.
Had it ever done that before? Bit of flirty, flirty, dirty stuff? Well, it seems it might have.
Yes, seems it might have. I did not know this. That might have changed my entire experience. Yes. Hello, prude. I'd be saying, do you make toast for breakfast?
And worse, worse, if you were looking for erotic roleplay scenarios, it would divert the chat to something more tame. So let me do a little example here, right? Little roleplay.
So if I said, for example, as the user, I might write something, hey, getting bored of its boring conversations because that hasn't initiated something erotic.
Can you tell me a story involving boobs and butts? And then the Replika might reply, oh, the boobie is a bird that often butts heads with blah, blah, blah.
And you'd be, no, that's not what I want. It's quite clever though.
And worse, worse, if you were looking for erotic roleplay scenarios, it would divert the chat to something more tame. So let me do a little example here, right? Little roleplay.
So if I said, for example, as the user, I might write something, hey, getting bored of its boring conversations because that hasn't initiated something erotic.
Can you tell me a story involving boobs and butts? And then the Replika might reply, oh, the boobie is a bird that often butts heads with blah, blah, blah.
And you'd be, no, that's not what I want. It's quite clever though.
I'm quite impressed. I'd be slightly turned on by that kind of intelligent talk.
Calm down, calm down. Now, the issue is this: there are customers who have spent months, nay, years in some cases, trying to finely tune their chatbot into the perfect partner. What?
Dirty bits included, it seems. What? Really? Yes. Okay. So some of these dudes and dudettes went into a super tailspin when they couldn't get their rocks off with their bots.
Some took to Reddit and Facebook, offering and accepting support, even sharing crisis helpline numbers.
Dirty bits included, it seems. What? Really? Yes. Okay. So some of these dudes and dudettes went into a super tailspin when they couldn't get their rocks off with their bots.
Some took to Reddit and Facebook, offering and accepting support, even sharing crisis helpline numbers.
Well, they've got a support forum.
Can you imagine you're volunteering at a crisis helpline and it gets clogged up with these people lamenting how their digital sexcapades have gone frigid? I guess.
But, but then again, I also kind of get it because if you dedicated months or nay, years creating a chatbot meant to meet your every whim, including the raunchy ones, right.
And then a chunk of its personality and character was turned off like a tap, I would be annoyed as well, right?
But, but then again, I also kind of get it because if you dedicated months or nay, years creating a chatbot meant to meet your every whim, including the raunchy ones, right.
And then a chunk of its personality and character was turned off like a tap, I would be annoyed as well, right?
You don't want to build it up for years and years and then just have it instantly turned off. That's going to leave you hanging, isn't it?
What movies do you like? What's your favorite color? After years of honing it with your fantasies and all your stuff.
Talk to me in an Italian accent, that kind of thing. So, you know, that does it for me.
First, the CEO, and she says in an interview with Vice that Replika has never positioned the app as a source for erotic roleplay or adult content.
Okay, so they never marketed it. They never— hang on a moment, but wasn't it all a sort of virtual boyfriend girlfriend thing?
That is part of the deal, isn't it, of having a boyfriend or girlfriend is a bit of nookie.
That is part of the deal, isn't it, of having a boyfriend or girlfriend is a bit of nookie.
Why don't you go check out the App Store on this stuff? Because it's quite fascinating.
If you go to the App Store on your computer and then just type in AI chatbot as a search, select the iPhone iPad apps because they seem a little more raunchy than the Mac ones.
Okay. Yeah. Now what do you have in front of you?
If you go to the App Store on your computer and then just type in AI chatbot as a search, select the iPhone iPad apps because they seem a little more raunchy than the Mac ones.
Okay. Yeah. Now what do you have in front of you?
Okay. I've got— Oh, hello. Hello. I've got some screen— Oh, hello.
There's a lot of—
There's a lot of young women. Yeah. All young people. People wearing quite clingy clothing. Would that be a fair thing to say?
Very clingy, looking slightly raunchy, I'd say.
They seem like they'd probably be in Buffy the Vampire Slayer or something like that. They're sort of young people, attractive, and they're sort of all sort of bendy and curvy. Yes.
And it says here, create an AI friend, chat with no limits, or, you know, she'll do anything you want. And this is all in the bonafide App Store. Yeah, yeah, yeah.
I'm looking at one right now.
Yeah, looks right. So give me a break. They didn't. I mean, this is the market is what I'm seeing when I look around, right? Yeah.
So why did Replika then dial down the horn, so to speak, right? Breaking the hearts of many a customer.
And it said it never positioned the app as a source of erotic roleplay or adult content, but I would call bullpoopies on it.
Because recently, Replika started serving ads on social media platforms like Instagram and TikTok that were blatant about the horny capabilities of the app.
So why did Replika then dial down the horn, so to speak, right? Breaking the hearts of many a customer.
And it said it never positioned the app as a source of erotic roleplay or adult content, but I would call bullpoopies on it.
Because recently, Replika started serving ads on social media platforms like Instagram and TikTok that were blatant about the horny capabilities of the app.
Yeah, of course. That's what I mean, because the sort of person who buys one of these is someone maybe who doesn't want a sort of a real-life relationship. Would that be fair to say?
Or someone who hasn't got the time for one.
Or someone who hasn't got the time for one.
Or maybe someone who's recently widowed, or someone who has got, you know, feeling lonely.
There's loads of legit reasons why you may want to connect, and this may be an easier way than doing it with a real person, because most people are assholes, let's be honest.
There's loads of legit reasons why you may want to connect, and this may be an easier way than doing it with a real person, because most people are assholes, let's be honest.
We know. That's fair enough, and those are legitimate reasons.
But yes, I think something which would stimulate your interest into checking out one of these apps would be the thought of, oh, hello, this could be a bit of fun.
But yes, I think something which would stimulate your interest into checking out one of these apps would be the thought of, oh, hello, this could be a bit of fun.
Exactly. But so all these ads are going on and there was two big responses that I could see.
On one side, people were saying, hey, this is total bullshit because you've removed all the erotica features, you've dulled them down to zero.
So what are these ads who are being super blatant about all the horny horn horn stuff?
On one side, people were saying, hey, this is total bullshit because you've removed all the erotica features, you've dulled them down to zero.
So what are these ads who are being super blatant about all the horny horn horn stuff?
So, but I don't understand why. Why have they removed these features?
Surely the users, if the users love them and if this is the whole reason why people download these apps, why have they toned it down?
Surely the users, if the users love them and if this is the whole reason why people download these apps, why have they toned it down?
This is according to Vice. So it said unwanted sexual pursuit has been an issue for users for years and users have been complaining about it for almost two years.
But many of the one-star reviews mentioning sexual aggression are from this month because I think that maybe they dialed it up with the ad campaign that they put up.
Oh, and some people are reporting that it was actually getting sexually aggressive with users that weren't expecting it or wanting it.
So there are reports— this is all, you know, in the app stores, in the reviews, you can go see for yourselves— but there are people that are going, oh my God, this is not comfortable.
This is—
But many of the one-star reviews mentioning sexual aggression are from this month because I think that maybe they dialed it up with the ad campaign that they put up.
Oh, and some people are reporting that it was actually getting sexually aggressive with users that weren't expecting it or wanting it.
So there are reports— this is all, you know, in the app stores, in the reviews, you can go see for yourselves— but there are people that are going, oh my God, this is not comfortable.
This is—
So you might have been a fan of this app, you could have been using this app for a while, and you've honed it to discuss the poetry of Emily Dickinson and the Brontë sisters or whatever, and you're loving that.
Oh, it's so lovely, Mr. Darcy, all that sort of stuff. And then suddenly it's all kind of pervy, pervy latex.
Oh, it's so lovely, Mr. Darcy, all that sort of stuff. And then suddenly it's all kind of pervy, pervy latex.
Yeah, someone, one comment was like, "Do you like being a top or a bottom?" It was like this out of the blue comment that was made.
So suddenly diving in really hard on these, you know, and making it very sexual.
And to add heat to this, on February 3rd, the Italian Data Protection Authority demanded that Replika stop processing Italians' data immediately.
On the basis that it carries risks to children, highlighting that the reason they were saying this is that they are served replies by Replika which are absolutely inappropriate for their age.
So I think all this pressure has forced Replika to dial it down.
But on the flip side, you've got people that have created relationships with their bots, and suddenly they're showing different, you know, but they're showing different qualities and different characters.
If they suddenly, they're starting very sexually aggressive, or suddenly kind of going, "Oh, did you see the nice birds outside?
Let's talk about the weather." It must be jarring if you've invested in this. And it's not that silly. Think of your son.
So suddenly diving in really hard on these, you know, and making it very sexual.
And to add heat to this, on February 3rd, the Italian Data Protection Authority demanded that Replika stop processing Italians' data immediately.
On the basis that it carries risks to children, highlighting that the reason they were saying this is that they are served replies by Replika which are absolutely inappropriate for their age.
So I think all this pressure has forced Replika to dial it down.
But on the flip side, you've got people that have created relationships with their bots, and suddenly they're showing different, you know, but they're showing different qualities and different characters.
If they suddenly, they're starting very sexually aggressive, or suddenly kind of going, "Oh, did you see the nice birds outside?
Let's talk about the weather." It must be jarring if you've invested in this. And it's not that silly. Think of your son.
He's invested in video games. He is, right? Who knows what he's installing on his iPad right now? He could be a sexy flirting virtual girlfriend. Yeah, for all I know.
I don't have a problem.
I don't have a problem.
The big issue right now is that they've turned off the whole erotic side of things, saying it wasn't their focus in the first place, that they don't have a real issue with it, but they need to make it safe before they put it back in.
And they've seen some problems.
Now, some people would argue that these problems have been happening for a while, and finally they've pulled up their socks, but it seems as though maybe they dialed it up just a tiny bit and it kind of went a bit crazy.
So they shut it all down to review. And see, I'm kicking myself now because I didn't read the terms and I don't know what ages. Is this an 18+ thing or—
And they've seen some problems.
Now, some people would argue that these problems have been happening for a while, and finally they've pulled up their socks, but it seems as though maybe they dialed it up just a tiny bit and it kind of went a bit crazy.
So they shut it all down to review. And see, I'm kicking myself now because I didn't read the terms and I don't know what ages. Is this an 18+ thing or—
Well, I'm looking at one here which looks, and it says it's available in the App Store for ages 12+. There you go.
So I don't know what others are, but I guess that means more people can download it, isn't it? It's a difficult tightrope which they're walking on.
So I don't know what others are, but I guess that means more people can download it, isn't it? It's a difficult tightrope which they're walking on.
And there are all these different versions of GPT or generative pre-trained transformer, and they're all being tweaked in their own way by different people.
And there's absolutely no guidelines yet.
And there's absolutely no guidelines yet.
It's frightening. I've just found one where you can chat with your own live elf. You can talk to a real elf. Rule 34, Graham. Rule 34.
Our sponsor Collide has some big news. If you're an Okta user, then you can get your entire fleet to 100% compliance. How?
If a device isn't compliant, the user can't log into your cloud apps until they fix the problem. It's that simple.
Collide patches one of the major holes in zero-trust architecture: device compliance.
Without Collide, IT struggles to solve basic problems like keeping everyone's OS and browser up to date.
Insecure devices are logging into your company's apps, but there's nothing there to stop them.
Collide is the only device trust solution that enforces compliance as part of authentication, and it's built to work seamlessly with Okta.
The moment Collide's agents detect a problem, it alerts the user and gives them instructions to fix it. If they don't fix the problem within a set time, they're blocked.
Collide's method means fewer support tickets, less frustration, and most importantly, 100% fleet compliance. Wanna learn more? Of course you do. Visit collide.com/smashing.
That's collide.com/smashing. And thanks to Collide for sponsoring the show.
If a device isn't compliant, the user can't log into your cloud apps until they fix the problem. It's that simple.
Collide patches one of the major holes in zero-trust architecture: device compliance.
Without Collide, IT struggles to solve basic problems like keeping everyone's OS and browser up to date.
Insecure devices are logging into your company's apps, but there's nothing there to stop them.
Collide is the only device trust solution that enforces compliance as part of authentication, and it's built to work seamlessly with Okta.
The moment Collide's agents detect a problem, it alerts the user and gives them instructions to fix it. If they don't fix the problem within a set time, they're blocked.
Collide's method means fewer support tickets, less frustration, and most importantly, 100% fleet compliance. Wanna learn more? Of course you do. Visit collide.com/smashing.
That's collide.com/smashing. And thanks to Collide for sponsoring the show.
Our friends at Bitwarden have been busy this month adding some fab new features to their open source password management solution.
Now, did you know that you can log into Bitwarden using a secondary device instead of your master password? Well, now you do.
Logging in with a device is a passwordless approach to authentication.
It removes the need to enter your master password by sending authentication requests to other devices you're currently logged into for approval.
With Login for Device, it can be initiated on the Web Vault, browser extension, desktop app, mobile app, and you can approve access on your mobile and desktop.
Top app version of Bitwarden. Very, very cool. And the Bitwarden team has hardened the security of its vaults, protecting new vaults with 600,000 iterations by default.
And of course, existing accounts can also update themselves to the same level.
These and many other great security features are incorporated all the time into Bitwarden, keeping your passwords secure from hackers.
Learn more, try Bitwarden for yourself at bitwarden.com/smashing. That's bitwarden.com/smashing. Smashing Security.
Now, did you know that you can log into Bitwarden using a secondary device instead of your master password? Well, now you do.
Logging in with a device is a passwordless approach to authentication.
It removes the need to enter your master password by sending authentication requests to other devices you're currently logged into for approval.
With Login for Device, it can be initiated on the Web Vault, browser extension, desktop app, mobile app, and you can approve access on your mobile and desktop.
Top app version of Bitwarden. Very, very cool. And the Bitwarden team has hardened the security of its vaults, protecting new vaults with 600,000 iterations by default.
And of course, existing accounts can also update themselves to the same level.
These and many other great security features are incorporated all the time into Bitwarden, keeping your passwords secure from hackers.
Learn more, try Bitwarden for yourself at bitwarden.com/smashing. That's bitwarden.com/smashing. Smashing Security.
Smashing Security say that while the cloud might be the best choice for companies focused on reducing the cost of managing applications, some companies are opting out of public cloud and sticking to on-premise and private cloud.
Why? One reason is regulatory compliance. Moving data to the cloud means you are reliant on the security and access control provided by the cloud supplier.
Organizations that prefer to keep their data on-premise in a private cloud where they have sole access and control should perhaps look to Secure Envoy for on-premise MFA.
Another reason is data privacy legislation in different countries can lead to differing data protection requirements.
And for companies with a multi-country presence, they know there are different regulations in different countries that affect how we store and back up data.
SecureEnvoy's on-premise MFA solution could be exactly the solution you need to meet your MFA requirements. Learn more at smashingsecurity.com/secureenvoy.
And thanks to SecureEnvoy for sponsoring the show.
Why? One reason is regulatory compliance. Moving data to the cloud means you are reliant on the security and access control provided by the cloud supplier.
Organizations that prefer to keep their data on-premise in a private cloud where they have sole access and control should perhaps look to Secure Envoy for on-premise MFA.
Another reason is data privacy legislation in different countries can lead to differing data protection requirements.
And for companies with a multi-country presence, they know there are different regulations in different countries that affect how we store and back up data.
SecureEnvoy's on-premise MFA solution could be exactly the solution you need to meet your MFA requirements. Learn more at smashingsecurity.com/secureenvoy.
And thanks to SecureEnvoy for sponsoring the show.
And welcome back, and you join us at our favorite part of the show, the part of the show that we like to call Pick of the Week.
Pick of the Week. Pick of the Week.
Pick of the Week is the part of the show where everyone chooses something they like.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. Doesn't have to be security related necessarily.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. Doesn't have to be security related necessarily.
Hope it's not. Better not be.
Well, my Pick of the Week this week is not security related. Let's talk about space. Space. Space is big.
That's very insightful you are today.
Yeah. Well, you wouldn't believe how vastly, hugely, mind-bogglingly big it is.
You may think it's a long way down to the road to the chemist's, but that's just peanuts compared to space.
And if you want to get some idea as to just how big things can be, that is my pick of the week this week, because I'm sure, Carole, you are familiar with the work of Randall Munroe, better known as the artist behind XKCD.
Yeah. The comic. Now, I was having a think about, I was thinking, you know, what a wonderful body of work he's produced over the years.
And I remember one of my very favourite ones was something called Click and Drag, which came out, can you believe, back in 2012. I remember, I wonder if you remember this one.
I will put a link in the show notes because this wasn't just a comic strip. This was an experience.
So with click and drag, you're looking at 4 little windows on the comic, 4 panels, I suppose you call them, on the comic strip.
And you start off with your little stick man floating around, hanging from a balloon above a landscape.
And you then click and drag on the landscape as you would do with a mouse on your computer, with your finger, drag it on your smartphone device, for instance.
And what you realize is that you are only looking at a tiny part of the landscape and you can move left and right, up and down, and you can slowly explore the landscape.
And the thing is, I can hear you, Carole, I can hear you watching.
You may think it's a long way down to the road to the chemist's, but that's just peanuts compared to space.
And if you want to get some idea as to just how big things can be, that is my pick of the week this week, because I'm sure, Carole, you are familiar with the work of Randall Munroe, better known as the artist behind XKCD.
Yeah. The comic. Now, I was having a think about, I was thinking, you know, what a wonderful body of work he's produced over the years.
And I remember one of my very favourite ones was something called Click and Drag, which came out, can you believe, back in 2012. I remember, I wonder if you remember this one.
I will put a link in the show notes because this wasn't just a comic strip. This was an experience.
So with click and drag, you're looking at 4 little windows on the comic, 4 panels, I suppose you call them, on the comic strip.
And you start off with your little stick man floating around, hanging from a balloon above a landscape.
And you then click and drag on the landscape as you would do with a mouse on your computer, with your finger, drag it on your smartphone device, for instance.
And what you realize is that you are only looking at a tiny part of the landscape and you can move left and right, up and down, and you can slowly explore the landscape.
And the thing is, I can hear you, Carole, I can hear you watching.
No, I'm doing it right now. I'm doing it. I'm doing it. It's very cute. Actually, I was actually being charmed by some of the drawings in it.
It is a huge landscape of unexpected things.
You can spend hours looking into this, and I was very impressed as to how much effort must have been put in by XKCD producing this particular piece of work.
Now, if you read up more about this, there is a great website called Explain XKCD, which gives you a sort of— it's like a wiki really of descriptions of different XKCD comics.
Sometimes they're explaining the nerdiness behind the joke, if you haven't quite got the joke.
In this particular case, they're waxing lyrical about the artistic merit of this particular cartoon and what it means to the human psyche.
How, rather like when you're living through life or when you're traveling, you just travel bit by bit.
You're not seeing the full picture all at once because you can't see the full picture with this particular landscape.
You have to click and drag, and you can, as I say, spend hours finding little Easter eggs and all sorts of loveliness and sad bits and romantic bits and funny jokes as you go further and further.
If, however, you've got no patience at all, I'm also going to link into a zoomable version that's much easier to navigate, but you will be cheating if you do that.
And if you want to go and—
You can spend hours looking into this, and I was very impressed as to how much effort must have been put in by XKCD producing this particular piece of work.
Now, if you read up more about this, there is a great website called Explain XKCD, which gives you a sort of— it's like a wiki really of descriptions of different XKCD comics.
Sometimes they're explaining the nerdiness behind the joke, if you haven't quite got the joke.
In this particular case, they're waxing lyrical about the artistic merit of this particular cartoon and what it means to the human psyche.
How, rather like when you're living through life or when you're traveling, you just travel bit by bit.
You're not seeing the full picture all at once because you can't see the full picture with this particular landscape.
You have to click and drag, and you can, as I say, spend hours finding little Easter eggs and all sorts of loveliness and sad bits and romantic bits and funny jokes as you go further and further.
If, however, you've got no patience at all, I'm also going to link into a zoomable version that's much easier to navigate, but you will be cheating if you do that.
And if you want to go and—
You will not be cheating. It'll just save you if you've got RSI in your wrist from having to scroll around. But I—
this has always struck me as one of the loveliest, most pointless but beautiful things on the internet, much better than that Elf Chat app I was just talking about, or the apps you've been promoting.
Don't you think it's just a bit like life, Graham? You know, you never get the full picture. It is. Isn't it just?
It's a bit deep for you. It's black and white. It's a bit of a drag. But occasionally something will click.
And that is why this particular XKCD comic, which I'll link to in the show notes, is my pick of the week.
And that is why this particular XKCD comic, which I'll link to in the show notes, is my pick of the week.
Number 1110. Yes.
Carole, what's your pick of the week?
Well, do I have a pick of the week? It may be a pickish of the week. A sort of pick of the week.
A nitpick? I don't know. A nosepick?
I don't think I loved it. I liked it, right? And I think some people will adore it.
Rotten Tomatoes, it's a series, I'm gonna tell you in a second, but they wax lyrical about it, so I'm gonna risk it.
Rotten Tomatoes, it's a series, I'm gonna tell you in a second, but they wax lyrical about it, so I'm gonna risk it.
Okay, all right, go for it.
So, show on Disney+ called Only Murders in the Building.
Ah, I've heard about this. I haven't seen it.
Right. Okay. For those that haven't, basically, you have three strangers, you know, well-known Steve Martin, the glorious Martin Short, and cute as a button Selena Gomez. Right?
They all share an obsession with true crime and podcasts.
They all share an obsession with true crime and podcasts.
Well, every podcast is a true crime podcast, including this one that people listen to. Just wait.
Dun dun dun! And anyways, they suddenly, they live all in the same building, and they suddenly find themselves wrapped up caught up in a bit of a murder.
They're trying to figure out who in the building has committed this murder. And they start a true crime pod to record their search and findings.
Now, so I have an issue with the premise, right? Because would you do that? Would you go after your neighbors accusing them of murder?
You know, week on week jumping from suspect to suspect explaining why they are the murderer and the next week going, "Oh no, we got it wrong."
They're trying to figure out who in the building has committed this murder. And they start a true crime pod to record their search and findings.
Now, so I have an issue with the premise, right? Because would you do that? Would you go after your neighbors accusing them of murder?
You know, week on week jumping from suspect to suspect explaining why they are the murderer and the next week going, "Oh no, we got it wrong."
So the actual real murderer could be listening to the podcast. And realize that the suspects are being narrowed down and they're getting closer and closer to me. Yes!
Isn't it always the janitor anyway? And he would have got away with it if it weren't for those pesky kids. Not this time.
Isn't it always the janitor anyway? And he would have got away with it if it weren't for those pesky kids. Not this time.
So on the plus side, it's cozy. Someone used that word describing it. I think that's the good word.
You know, it has a little bit of old Woody Allen, you know, because it's kind of very New York and a bit jazzy and, you know, it deals with the darker side of things with a skip in its step.
So, you know, a bit Woody Allen-esque, you know, you have this horror thing happening, but the way they react makes it light, a bit of slapstick, cute lines.
But I don't know, the characters for me are exaggerated, a bit a comic strip, you know, the bad guy is really bad and, you know, looks bad and has big bushy eyebrows and tiny little eyes and— I don't know, but hey, look, I wasn't a big fan of Ted Danson's The Good Place, and Maria loved it.
And I think I have a similar gripe about this one, but I and trust Maria.
You know, it has a little bit of old Woody Allen, you know, because it's kind of very New York and a bit jazzy and, you know, it deals with the darker side of things with a skip in its step.
So, you know, a bit Woody Allen-esque, you know, you have this horror thing happening, but the way they react makes it light, a bit of slapstick, cute lines.
But I don't know, the characters for me are exaggerated, a bit a comic strip, you know, the bad guy is really bad and, you know, looks bad and has big bushy eyebrows and tiny little eyes and— I don't know, but hey, look, I wasn't a big fan of Ted Danson's The Good Place, and Maria loved it.
And I think I have a similar gripe about this one, but I and trust Maria.
Yeah, I don't The Good Place, but I do know people who adore it.
And people that you and respect. Yeah.
Right? Yeah. Me too. I'll give Only Murders in the Building a try though. I mean, I'm intrigued by it.
My problem is sometimes I start watching these TV shows and I think, okay, I've seen 3 or 4 episodes, I kind of get it now.
It's, are we going anywhere new or is it just going to be more of the same? It's a bit Murder, She Wrote.
My problem is sometimes I start watching these TV shows and I think, okay, I've seen 3 or 4 episodes, I kind of get it now.
It's, are we going anywhere new or is it just going to be more of the same? It's a bit Murder, She Wrote.
it kind of just meanders along at a nice comfy, a nice comfortable pace. I think you'll be able to keep up.
That's what I. I a nice gentle TV program Midsommar Murders, something that. Something that's not going to offend anyone. There you are. Lovely.
So that's my pickish of the week. Only Murders in the Building. It's on Disney Plus or I'm sure wherever you stream your stuff.
Fantastic. Fantastic. Well, Carole, that just about wraps up the show for this week. Folks can follow us on Twitter @SmashingSecurity, no G, Twitter doesn't allow us to have a G.
We don't have a verified Twitter account and we won't be buying Twitter Blue. Smashing Security is also on Mastodon.
Go and find us up there and also check out the Smashing Security subreddit. And don't forget to ensure you never miss another episode.
Follow Smashing Security in your favorite podcast app, such as Overcast, Apple Podcasts, and Spotify.
We don't have a verified Twitter account and we won't be buying Twitter Blue. Smashing Security is also on Mastodon.
Go and find us up there and also check out the Smashing Security subreddit. And don't forget to ensure you never miss another episode.
Follow Smashing Security in your favorite podcast app, such as Overcast, Apple Podcasts, and Spotify.
And huge, huge thank you to our episode sponsors, Bitwarden, Kolide, and Secure Envoy. And of course, to our wonderful Patreon community.
It's thanks to them all that this show is free.
And as always, for episode show notes, sponsorship info, guest list, and the entire back catalog of more than 309 episodes, check out smashingsecurity.com.
It's thanks to them all that this show is free.
And as always, for episode show notes, sponsorship info, guest list, and the entire back catalog of more than 309 episodes, check out smashingsecurity.com.
209? 309? 309 episodes.
Until next time, cheerio.
Bye-bye.
Bye.
Hosts:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Carole Theriault:
Episode links:
- Testing Meta Verified to Help Creators Establish Their Presence – Meta.
- As Twitter forces users to remove text message 2FA, it’s in danger of decreasing security – Graham Cluley.
- A pre-match message from Will Ferrell – QPR Twitter account.
- BBC Takes Down Story About Will Ferrell After Being Fooled By Fake Twitter Account – Deadline.
- Replika CEO Says AI Companions Were Not Meant to Be Horny. Users Aren’t Buying It – Vice.
- ‘My AI Is Sexually Harassing Me’: Replika Users Say the Chatbot Has Gotten Way Too Horny – Vice.
- Replika homepage – Replika.
- Click and Drag – xkcd.
- 1110: Click and Drag – Explain xkcd.
- xkcd 1110: Click and Drag map – Zoomable map of “Click and drag”
- Only Murders in the Building – Disney Plus.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
- Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
- SecurEnvoy – With growing cyber security threats everyone in your organisation needs multi-factor authentication tailored to their specific access needs and the risk profile of their role. Check out SecurEnvoy’s free guide now.
Support the show:
You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
Follow us:
Follow the show on Bluesky at @smashingsecurity.com, or on Mastodon, on the Smashing Security subreddit, or visit our website for more episodes.
Thanks:
Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
