Smashing Security podcast #311: TikTok, wiretapping, and your deepfake voice is your password

Industry veterans, chatting about computer security and online privacy.

Graham Cluley

Who has been warning Italian criminals that their phones are wiretapped? Can you trust your voice to protect your bank account? And why is TikTok being singled out by investigators?

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.

Transcript

This transcript was generated automatically, probably contains mistakes, and has not been manually verified.

UNKNOWN
Do you have a particular problem with Angela Merkel? Is it true you called her an unfuckable lard-ass? No, I have never had any problems with Angela Merkel.

Smashing Security, Episode 311: TikTok, Wiretapping, Phishing and Your Deepfake Voice as Your Password with Carole Theriault and Graham Cluley.

Hello, hello, and welcome to Smashing Security episode 311. My name's Graham Cluley.
CAROLE THERIAULT
And I'm Carole Theriault.
GRAHAM CLULEY
And Carole, who have we got in the hot seat this week joining us?
CAROLE THERIAULT
We have the lovely Dinah Davis. Dinah, it's been, I don't know, a year since you've been on?
GRAHAM CLULEY
Couple of years.
DINAH DAVIS
Yeah, I think so. I'm excited though. I love listening to you guys and I love chatting with you guys, so it's gonna be good. Woo!
GRAHAM CLULEY
And Dinah, tell us what you get up to in the world of cybersecurity these days?
DINAH DAVIS
Yeah, so I've been working with an organization called the Rogers Cybersecurity Catalyst.

I'm on their board, and they have been doing amazing work getting much more diverse people into cybersecurity. They're a 9-month speed program out of Toronto.

And then just, you know, working with a lot of other startups and trying to help mentor them and help them get off their feet.
GRAHAM CLULEY
Marvelous.
CAROLE THERIAULT
Let's thank this week's sponsors, Bitwarden, Kolide, and Drata. It's their support that helps us give you this show for free.

Now, coming up in today's show, Graham, what do you got?
GRAHAM CLULEY
Hey, it's-a me-o. I'm a wiretapper.
CAROLE THERIAULT
OK. Dinah, what about you?
DINAH DAVIS
I want to talk about the security value of biometric data.
CAROLE THERIAULT
Ooh, biometrics. And I'll be talking about why some adult TikTok addicts might be despairing. All this and much more coming up on this episode of Smashing Security.
GRAHAM CLULEY
Now, chums, chums, I want you to imagine the scene. There you are. You are a drug trafficker in Rome, Italy.
CAROLE THERIAULT
I don't know the first thing about that. How could I imagine that? You know—
DINAH DAVIS
I don't know, what kind of drugs here? Does that make a difference? Or—
CAROLE THERIAULT
Yeah, what year are we talking? What city area? Are we in a gang?
GRAHAM CLULEY
We're in a druggy part of Rome, Italy, right?
CAROLE THERIAULT
I'm sure that doesn't exist.
GRAHAM CLULEY
You're checking out your wife's car because you're worried there might be something going on.

You find a GPS transmitter attached to your wife's car, and you think, "Oh, what's going on here?

Someone is trying to track my movements." It's just embarrassing, the accents, though.
CAROLE THERIAULT
Seriously.
GRAHAM CLULEY
Right? And you're wondering, "Is this the police?" you're thinking. "What's going on?" Might your phone be tapped as well?
CAROLE THERIAULT
Okay, this is moving very fast for your story. So basically, we've got a drug dealer. He's worried that he's being spied upon.

He checks his wife's car, finds a GPS, and now is panicking that he's being listened to by somebody.
GRAHAM CLULEY
Exactly. Maybe it is.
DINAH DAVIS
I mean, we have proved that, you know, if they're using a secure phone, that's not going to be helpful.
CAROLE THERIAULT
Right. Several times on this show, I think, over the years.
DINAH DAVIS
Yeah.
GRAHAM CLULEY
So he thinks, "Could my phone be tapped?" And he calls his friend Camilla, and Camilla says, "Don't worry.

I know someone who can find out if you're being tapped or not by the police. I've got a friend at the court," she says.

"He does me lots of favors." This woman is 27-year-old Camilla Marianera.

She is a trainee lawyer, and she has allegedly— allegedly, I better say that because she's a trainee lawyer— she's allegedly been finding out who the police are snooping upon in Rome.

Now, Italy— you may not know this, I didn't know this until I did some investigations— Italy is apparently the most wiretapped country in Europe.
CAROLE THERIAULT
According to whom?
DINAH DAVIS
Really?
GRAHAM CLULEY
According to Italian politicians. Some say it is more.
CAROLE THERIAULT
Then it's definitely one side, one party says.
GRAHAM CLULEY
They're very reliable, very trustworthy, Italian politicians. Some say it's more wiretapped than anywhere else in the world. They love tapping phones.

In fact, €200 million every year is spent on bugging the phones of hundreds of thousands of mafia mobsters, drug dealers, fraudsters, ice cream salesmen, plumbers wearing dungarees, the whole caboodle of Italian people.
CAROLE THERIAULT
It's kind of weird.
DINAH DAVIS
And probably some poor innocent people.
CAROLE THERIAULT
Yeah, right, just scooped up in the net. But I'm just surprised there's so many gangsters living there because of tax codes in Italy. Yeah, why wouldn't they go somewhere—
GRAHAM CLULEY
Have you not heard of the mafia? Have you not?
CAROLE THERIAULT
I have heard of the mafia.
GRAHAM CLULEY
There is a criminal contingent. It's not just half a dozen.
CAROLE THERIAULT
I've seen the movies, right?
DINAH DAVIS
I mean, I've never— is that actually true or is it just the movies? I really don't know.
CAROLE THERIAULT
I listen to podcasts, actually. Apparently it is true.
GRAHAM CLULEY
Let's stress to all of our lovely Italian listeners, we know there's lots of people in Italy who aren't criminals, but there is obviously a criminal issue as well, to some extent.

And some of them are making a lot of money through things like drugs and human trafficking and all sorts of nastiness.

And sometimes people who aren't criminals are getting tapped as well. So for instance, journalists have had their conversations tapped.

There have been journalists who were reporting on immigration and the handling of immigrants. They were being—
CAROLE THERIAULT
Yeah, this has happened in the UK as well. Right?
GRAHAM CLULEY
Yes.
DINAH DAVIS
Yes.
CAROLE THERIAULT
It's not the only country where this has happened. It's just you're saying it's the most—
DINAH DAVIS
Or shockingly, it might be happening in the US. Oh my God.
CAROLE THERIAULT
Dun dun dun.
GRAHAM CLULEY
Oh, as if. As if.

Well, according to Italian prosecutors, it's the only way they can penetrate the mafia and listen to corrupt deals being struck by white-collar crooks, financial fraud, all these sort of things.

And so what they do is they ring up the phone company and say, hey, you know, it's the police here.

'Can we monitor this call?' And they say, 'Of course, no problem.' But when the criminals use an end-to-end encrypted messaging app like Signal to communicate, or as you mentioned, Dinah, one of these many secure messaging apps created by the police—
DINAH DAVIS
Exactly.
GRAHAM CLULEY
—in order to spy on crooks. Yeah.
DINAH DAVIS
Well, in those cases, the police may have to infect the mobile phone with spyware to listen in instead.
GRAHAM CLULEY
Now, what might surprise you is normally right-wing political parties are very keen to clamp down on crime, aren't they?

They say, we're tough on crime, we're tough on the causes of crime, we're going to lock people up and throw away the key.
CAROLE THERIAULT
OK, who says that?
GRAHAM CLULEY
Typically right-wing— everyone. Everyone who wants to get elected says, we're going to give criminals a hard time.
CAROLE THERIAULT
OK, right. Yeah. So yeah, politics 101. OK, yeah.
GRAHAM CLULEY
But in Italy, right-wing politicians hate wiretapping.
CAROLE THERIAULT
Some right-wing politicians.
DINAH DAVIS
Because probably they're involved with the mafia.
GRAHAM CLULEY
Yeah, well, that's one theory. Allegedly, allegedly. Yes, careful, Dinah, say, throw some allegedlys in. That could be a reason.

Well, the reason that many people think is because they are furious that left-wing newspapers keep publishing juicy stories based on wiretaps.

So the police hear all these things being said by right-wing politicians, they tip off the newspapers, who then go and print it in their tabloid newspapers, all the juicy stuff.

Do you remember Silvio Berlusconi, former prime minister of Italy?
CAROLE THERIAULT
Yes. How could we forget, Graham?
GRAHAM CLULEY
Come on. He was a proto-Trump, wasn't he? He got into trouble because he used to have parties which were called bunga bunga parties with showgirls.
CAROLE THERIAULT
This is according to the English tabloids, of course, you're getting this information.
GRAHAM CLULEY
And Italian tabloids. I didn't know you read Italian.
CAROLE THERIAULT
Based on your accent, I assumed not, but you know.
GRAHAM CLULEY
15 years ago, Berlusconi was being investigated. Yeah.

And police heard him saying, amongst other things, that he didn't want to hog the attention of all the female guests at a party that he was planning, because he said the 'fuck' must go around.

I'll bleep out that word.

And in 2014, the BBC's Jeremy Paxman in an interview with Berlusconi, asked him to confirm reports that he had been secretly recorded on a wiretap calling Angela Merkel, who was then German Chancellor— oh yes— an unfuckable lard-ass.

Oh my God, yes. Let's listen to that right now. Do you have a particular problem with Angela Merkel? Is it true you called her an unfuckable lard-ass?

No, I have never had any problems with Angela Merkel.
DINAH DAVIS
Because that's important. Yes. That, you know, your fuckability is so important as to, you know, what kind of leader you could be. It's incredibly important.
GRAHAM CLULEY
Yeah.
CAROLE THERIAULT
How many Italian people must have just put— just shaken their heads and just gone, oh my God. It's just so embarrassing.
GRAHAM CLULEY
So embarrassing. So many would like tougher anti-wiretapping legislation to come into force, if only to keep themselves out of the headlines.
CAROLE THERIAULT
Okay, yeah.
GRAHAM CLULEY
But here is this woman. Remember this woman, Camilla Marianera, right? Who allegedly was offering to find out if a suspected drug trafficker's phone was tapped. And guess what?

His phone was tapped. Which means that the police heard her, allegedly, offering to find out if his phone was tapped.
DINAH DAVIS
What? Seriously? She's just incriminated herself. Yes.
GRAHAM CLULEY
And so the police, when they heard her alleged claim that she could find the person in the court that she'd just have to pay €300 to, to find out if the tapping was occurring or not, the police then thought, right, we're gonna have to find out who in the court is helping this woman allegedly find out who's being tapped and who isn't.
DINAH DAVIS
Okay, but if you're the person trying to find out if other people are tapped, why would you have any conversations on the phone?
CAROLE THERIAULT
Do they not watch the movies? We know that you go for a walk near a waterfall, right?
GRAHAM CLULEY
She did try. Yes, yes, you could do that. Yes. We know this. She did put the Hoover on. Exactly. She did go to the effort of using an encrypted messaging app.

So she was using the Signal app. She was making a voice call via Signal.
DINAH DAVIS
I use Signal. Yeah, I use Signal too.
GRAHAM CLULEY
Yeah, right. So we all use Signal. I didn't—
CAROLE THERIAULT
I'm not confirming or denying anything like that. I'm not complaining about that.
GRAHAM CLULEY
No comment, Your Honour. No comment.
CAROLE THERIAULT
Yeah, that's my voice as well. He's so good at accents, eh?
GRAHAM CLULEY
Anyway, what she didn't realise was that just using Signal, even though Signal isn't one of those apps written by the police, as far as we know, the police had installed a Trojan app on her phone and could monitor— they managed to do that and could monitor her communications.
DINAH DAVIS
So they must have known something before that then.
GRAHAM CLULEY
Oh no, I'm sorry. I've misled you. My research was failing. So they had the guy tapped. They had the alleged drug dealer tapped. Then they saw that he was having a call with her.

And then they put spyware on her phone to see who else she was speaking to, because allegedly she was using Signal.
CAROLE THERIAULT
Sounds like a fun place to live, eh?
GRAHAM CLULEY
Well, exactly. So, she was heard, allegedly, on this call saying she'd make contact amongst the people who have the headphones on.

So, she was gonna speak to the wiretappers to find out if they were wiretapping this other guy. Meanwhile, not realising the wiretappers were listening to her.

Hopefully different wiretappers.
DINAH DAVIS
Inception of the wiretapping.
CAROLE THERIAULT
You should have called this a Bungle Bungle Party Part 2.
GRAHAM CLULEY
So she has been, allegedly, she's refused to name her sources inside the court. She apparently has told accomplices that she's been very careful.

So she only meets her contact, she only makes contact with him when she's got a list of people that she wants to check, not just one by one.

And they phone each other up, they let it ring a number of times, then they hang up, and this means, "I'm ready to receive, you know, your message or your list or whatever." So there's all kinds of cloak-and-dagger stuff going around.

Any horses' heads? No horses' heads as far as I know.
CAROLE THERIAULT
What? It's from The Godfather. Oh, right.
DINAH DAVIS
Yeah, yeah, yeah, yeah, yeah.
GRAHAM CLULEY
Okay. So— Camilla Marianera. She's now under arrest and denies all wrongdoing. Her father just happens to be a convicted drug dealer. That's maybe how she became a lawyer.
DINAH DAVIS
Oh my God.
GRAHAM CLULEY
Dinah, what have you got for us this week?
DINAH DAVIS
Yeah, so I wanted to talk about the value of biometric data. So Graham, Carole, how many kinds of biometric data are you currently using in your daily life?
CAROLE THERIAULT
Can you define it for me just so I make sure I don't look dumb later?
DINAH DAVIS
Fingerprint, iris scan, face scan, that kind of stuff.
GRAHAM CLULEY
I think the only one I'm doing is fingerprints on my phone. So I don't have Face ID turned on. I don't bank with anyone who asks to hear my voice.

So yeah, finger and thumbprint, I suppose.
CAROLE THERIAULT
I don't even use that. I have actually a password.
DINAH DAVIS
So I have fingerprint for my phone and my laptop and my iPad, 'cause I guess I'm lazy. And then I also have a Nexus card.

And so if you don't know what that is, it's basically a program between Canada and the US that lets me go in and out of the US much more easily.
CAROLE THERIAULT
It's the aisle in the airport that you watch them go to, ding, ding, ding, and you're, no, no, I hate you.
DINAH DAVIS
Yes. And especially since I live close to Toronto Pearson, and that place is a horror show, it is very important to have the Nexus card.
CAROLE THERIAULT
Yep. I can imagine.
DINAH DAVIS
You get through everything, but it's a very difficult airport. Yeah, they have my facial fingerprint and retinal data. And in the past, I have also used my voice.

I don't think it was for banking though. I think it was for Aeroplan points, which if you don't know what that is, it's just flying points with Air Canada.

So two weeks ago or something, I heard you guys talking with Dave Bittner and you were talking about the AI-generated voices with a company called ElevenLabs, right?

And it lets you make replicas of people's voices and you know, Dave played an example and it was really good.
GRAHAM CLULEY
I thought it was amazing 'cause it really did sound like Dave, didn't it? I mean, you could tell it was him.
DINAH DAVIS
It did. It really did. So that was interesting.

And then I came across an article by Joseph Cox and he decided to see if he could break into his own bank account via the telephone system using ElevenLabs.

So long story short, he totally did it. But so he put a whole bunch of samples of his voice into ElevenLabs.

Then he called the bank and only using files and audio clips from ElevenLabs, he was able to log in.
GRAHAM CLULEY
Welcome to Lloyds Bank.
CAROLE THERIAULT
So we can get you to the right place in your own words, please say the reason for your call.
DINAH DAVIS
Check my balance. Okay, please say or key in your date of birth. Please say, my voice is my password.
GRAHAM CLULEY
My voice is my password.
DINAH DAVIS
Thank you. He was able to check his balance, list all of his recent transactions and transfers, and I mean, who knows what else he could get up to, right?
CAROLE THERIAULT
Do you continue banking with a bank after you've done that? Because that must piss them off that someone, a journo, does this and then writes about it.

I wonder if you clean out your account before you publish, just in case.
DINAH DAVIS
I don't know. I mean, I feel I would. I think I would too.
CAROLE THERIAULT
I bet he did.
DINAH DAVIS
Yeah. So that made me think about okay, but what should we be using biometric data for? And when is it okay? And the thing is I can't change my fingerprint, right?

If somebody's got it, it's gone. It's gone for life.

And you know, I've seen it happen 'cause when I worked at BlackBerry, we were putting fingerprint scanners into these smart card readers we were building for the government.

And we would try and practice to see how many times we could get a gummy bear to lift a fingerprint and then use it. 'Cause we thought I mean, is this a real attack vector or not?

I mean, things have gotten a little bit better, but still, it's not good. The security of just a fingerprint alone is not strong.
CAROLE THERIAULT
Right? Yeah, that's so scary. And so many people are in prison based on that. You know, I'm just saying, forensically.
DINAH DAVIS
Right. And so I thought, okay, well, I use it. I do use it all the time.

My daughter even can access my phone because I put one of her fingerprints in it so she can change the music while we're driving. Okay, well, why is that okay or not okay?

You know, somebody close to me could easily get into my phone, right? If I had Face ID or fingerprint while I'm sleeping, no problem.
CAROLE THERIAULT
They can get in. You have the phone in front of them and then you scare them so their eyes open and then you catch it. That's what you gotta do.
GRAHAM CLULEY
Or if you're drunk as a skunk and, you know, careering around your living room. Yeah, they could do, yeah.
DINAH DAVIS
But presumably I trust these people anyway, right? They are my family. So I trust them anyway.
CAROLE THERIAULT
You're lucky. No, I'm kidding. I was kidding. My husband's gorgeous. I'm just kidding.
DINAH DAVIS
I'm just kidding. But what happens if you leave your phone on a plane? Which, by the way, I did this year, which is a horror show.

You don't ever want to experience 16 days without a telephone.
GRAHAM CLULEY
Forget Snakes on a Plane. But yeah, forgetting your phone on a plane is even worse.
DINAH DAVIS
Yeah, in New Zealand. In New Zealand on your way home. Oh, yeah. I got it back. I got it back. And I wiped everything remotely. Yeah. So I was okay.

I wasn't worried someone was getting in with my fingerprint ID. Right. So if I randomly leave it someplace, I'm not worried about that.

And it's more likely they would try to, you know, brute force the password on it or whatever. Yeah. So I feel that okay, convenience is possibly a good use of it.

It makes it super easy for me to get in. There's always this balance of cybersecurity and usability.

We all know that the best thing would be this amazing 12 to 18-digit password that no one else knows. But that's not very convenient to put into your phone all the time.
CAROLE THERIAULT
So, no, it's irritating actually. I can tell you from my own.
DINAH DAVIS
Yeah.
GRAHAM CLULEY
Oh yeah. Carole, if it's irritating, I've got a great suggestion for you. You could just have 12 letters A or something, or, you know, you don't have to have a complicated password.

Yeah. Just have a really easy one.
DINAH DAVIS
And then I was thinking, okay, what about my Face ID for country entry? Right. That seems maybe it should be more serious, right? What happens then?

But then I'm thinking, okay, well I have to walk up to these booths, right, that scan my face. I put my passport in and so I need to be there in person.

So unless you're gonna go all Mission Impossible, you 3D print somebody's face, put the mask on, and then use my passport, I think it's okay.
CAROLE THERIAULT
I thought when you said Mission Impossible that you would actually use some wires to go above that whole fiasco and just fly over the border control.
DINAH DAVIS
Remember, they're always peeling off a face. That's true. I was peeling off the face. So I think for some things biometric data is perfectly fine.

I think getting into your bank account, things for that are online only, I think maybe no. The voice, I think it's a total no now.

Maybe only as a two-factor, but I wouldn't—I would totally not be cool if my bank account—
GRAHAM CLULEY
What if they made you do a funny accent for the voice when you log into your bank accounts?
DINAH DAVIS
I don't think that matters, does it?
CAROLE THERIAULT
So—yeah, your Italian accent. That would be really good. Exactly, exactly.
GRAHAM CLULEY
If they've only got samples of your regular accent, and they don't know what you sound like if you're pretending to be French, for instance, Dinah, then I'm just thinking the bank could record that.

And I'm similarly thinking with facial recognition. If they asked you to gurn, pull a particularly ugly face.

So again, if your real face is something which is shared with the public, you're not normally gurning or doing some really ugly thing.

I can picture people doing that as they try and get through passport control. Just a thought. Just a thought. These are just ideas. I'm just sharing them with the world.
DINAH DAVIS
I don't think it actually works that way.
GRAHAM CLULEY
It does not? Carole, what have you got for us this week?
CAROLE THERIAULT
Before I start, do either of you TikTok? No. Okay, you laugh. You laugh, okay?
DINAH DAVIS
I'm thoroughly addicted to Instagram, and I know that if I went into the TikTok world, I would not escape it.

So yeah, I loaded it once on my phone and realized how addictive it was, and I'm like, nope, this can't be on my phone.
GRAHAM CLULEY
Yeah, I don't think anyone wants to see me dancing, so I'm not going to become a TikToker.
CAROLE THERIAULT
Yeah, but not even a TikToker, but someone who also just hoovers all that stuff up, one of these talker stalkers.
DINAH DAVIS
Realistically, I am still seeing all the TikTok content on Instagram, so I guess republished, I see.
CAROLE THERIAULT
Yeah, well, the thing is, I would call it an internet sensation, right? But it's starting to worry governments and institutions.

And we're going to endeavor to try and answer the hot question, what they are worried about. What are you guys worrying about?
DINAH DAVIS
Are they worried that it's run by a Chinese company?
GRAHAM CLULEY
I would be. China seems to come up a lot, doesn't it, as a complaint about it?
CAROLE THERIAULT
Yes, because it started off as Musical.ly, right? And it was a platform to share lip-syncing services in 2014.

But 4 years later, Chinese firm ByteDance acquired Musical.ly and renamed it to TikTok. And it became more than just a platform to lip sync, right?

It's now called a short-form video hosting service, and it's used by millions.
GRAHAM CLULEY
My niece is an athlete, and she competes at hurdles and she's very good. And she told me she put up a video on TikTok the other day and it had half a million views.

It's unbelievable.
DINAH DAVIS
That's a lot. Wow. So it is extraordinary.
GRAHAM CLULEY
Now it may be that they repeat themselves all the time and maybe she left it on all night. So it was just playing. I don't, but still, I mean, she got to half a million.
CAROLE THERIAULT
Wow. Yeah, that's amazing maths there.
DINAH DAVIS
I think that'd be a bit hard to manufacture, but okay. All the bots, all the bots.
CAROLE THERIAULT
All the bots in the whole world. Well, you know, according to Cloudflare back in 2021, it was actually, it made it to number one position ahead of Google too. Can you believe that?
DINAH DAVIS
Yeah, I mean, we were all really bored in the pandemic, so I think there was a serious amount of TikToking happening, right?
CAROLE THERIAULT
And it's gone back down, so it's now below the other main socials— the Instas, the Twitters, the Facebooks, right?

As a non-TikToker, I was okay, well, let me just see what's hot right now. What's going on in the TikTok world?

And so I saw one news piece about a TikToker who quits every job she's ever had over the most minor inconveniences. This is what her channel focuses on, apparently.

Quote, I started doing this thing where I could clock in and I would sit in the break room for 10 hours every single day. And I did this for a month until I got caught.

And then they wanted me to explain myself. So I just quit. So, you know, this is intense.
DINAH DAVIS
It's a high quality kind of person there, you know, right.
CAROLE THERIAULT
And the other one was this UK TikTok star radio presenter attempted to do the world's highest pancake flip. And in the article I saw, it didn't even explain if he managed it or not.

He went up the i360 in Brighton and then flipped a pancake while abseiling down the viewing tower. So, you know, I'm just thinking really important stuff, right?
DINAH DAVIS
Yeah, I'm pretty sure TikTok's just full of all of that because my Instagram feed is full of all that stuff too, right?
CAROLE THERIAULT
So why the heck are some high-powered folks not happy? Because this week the European Commission announced its ban of TikTok from government-issued devices.

So more than 35,000 workers to remove TikTok from official handsets as well as personal phones with access to EU Council services.

And it cites, as you predicted, growing concerns about the Chinese-owned video sharing app.
DINAH DAVIS
Well, think about this though. Think about this. What permissions does TikTok need for you to be able to post TikToks, right? It needs microphone, it needs video.

It probably needs access to storage folders to pick up videos you've already played. And you're not a savvy person and say only while in this app.

And even then, what else are they doing? They've got the permissions. They can be going through the rest of your document folders.

So I think it's not necessarily what the app can do or what it's supposed to do, but what it can do clandestine, behind the scenes. Totally, 100%.
CAROLE THERIAULT
And the EU Commission agrees with you, I think.

So they say that workers are required to remove the app at their earliest convenience, quote unquote, as long as that's before March 15th, at which point devices with the app installed will be considered non-compliant within the corporate environment.
GRAHAM CLULEY
And blown up, exploded, destroyed.
CAROLE THERIAULT
Well, if they miss this 2.5-week deadline, the Commission's email and Skype for Business will be bricked, apparently. No, they're not playing around.
DINAH DAVIS
So do none of these devices have MDM on them?
GRAHAM CLULEY
I don't know. Yeah, to do it remotely.
CAROLE THERIAULT
Yeah. See, I wonder if it's in some environments it's your personal phone but it has more capabilities. So there, that's the one.

So if it's the work phone, if it's a device provided you by work and you then install TikTok on it, yeah, that's easy. They can say, and they say take it off.

That's kind of, you can understand that.

But if it's your own personal phone that they've asked you to bring into the office and access certain device, you know, through certain apps, it's a different kettle of fish.
DINAH DAVIS
Can they legally do that? Can they legally tell you what can be on your own personal phone?

Because I know that's come up a lot at different places that I've worked, right, where you bring your own phone and then you basically— they have a management tool that allows you to work apps onto your phone and then nothing from your phone can talk to those work apps, right?

They were always very clear to say, we cannot see anything on your phone, we cannot delete anything on your phone that's not inside the work app part.
CAROLE THERIAULT
So that's until bossware came along.
DINAH DAVIS
Well, I mean, that's what they were saying because they probably presumably want to at least appear to be good companies and be good companies, right? So that's interesting.

Can they force you to do stuff with your own personal items?

I mean, they can just go all NSA and CSE on you and make you leave your phone at the door and not allow you to take any personal device into the office at all.
CAROLE THERIAULT
And that's true. And the EU Commission is not the first governmental organization to do this. The FCC last year called on Apple and Google to remove TikTok from the app stores.

Do you remember?
DINAH DAVIS
Yeah. I do remember that.
CAROLE THERIAULT
Yeah, over its pattern of surreptitious data practices following a report which revealed that ByteDance officials in Beijing had repeatedly accessed TikTok sensitive data that it had collected on US citizens.

I suspect these balloons that have been floating around are probably getting people even more nervous about it. The Wi-Fi beeps.
DINAH DAVIS
Are they just to help the TikTok service? Is that what they are? They connect to TikTok?
GRAHAM CLULEY
I thought the balloons were controlled by TikTokers who were taking drone footage of themselves flipping pancakes while they abseiled down buildings.
CAROLE THERIAULT
The thing is though, TikTok is trying its darndest to avoid this type of situation because a few days ago they announced two more data centers will be placed in Europe to really underline the fact that European data put on TikTok will stay in Europe.

But they may have been too late because also in the news this week is Canada, Dinah, you're in my homeland.

Yeah, because soon after the EU Commission's announcement, Canada's privacy protection regulators launched an investigation into TikTok over its collection of user data.

So, and they initiated it in the wake of now settled class action lawsuits in the United States and Canada, as well as numerous media reports related to TikTok's collection, use, and disclosure of personal information.

So they're basically saying we have total right to do this based on the evidence we have collected so far.
DINAH DAVIS
Okay, but here's another question.
CAROLE THERIAULT
Go.
DINAH DAVIS
How is this any different from what Facebook or Google or Apple—
CAROLE THERIAULT
Not owned by ByteDance, not owned by ByteDance, not owned by ByteDance.
DINAH DAVIS
Yeah, I think it's just, it's not a Chinese company. Is that— is it? So it's okay as long as it's not a Chinese company? Oh God, we live in a weird world.
CAROLE THERIAULT
I hear you. But if we come back to what we were saying before, right, it does collect a lot of information. Those other apps do it too, right?

Microphones, phone access, all that stuff. But weirdly, and it's just interesting to watch right now, so politically, that BBC report that the UK is not yet following suit.

So UK Prime Minister Rishi Sunak is resisting calls to ban government officials from using TikTok amid renewed concerns from some conservative MPs.

So Alicia Kearns, she's the Commons Foreign Affairs Committee chairwoman. She's leading the call for the UK government to follow the European Commission.

So it's hot waters right now for TikTok, right? Yeah. The thing is, what are they worried about?

The other question, I guess, because I asked you at the beginning, if you had TikTok, if you were TikTokers, what adults in very important jobs in government actually have TikTok on their phone?

Oh, probably lots actually.
GRAHAM CLULEY
I think you'd be surprised, Carole.
DINAH DAVIS
Yeah, I think so.

I mean, you asked some security-conscious people, right, about it, and I knew about the China thing, so I haven't loaded it as well as I think it will be too addictive for me.

But I'm also— but so we are not— I don't think we're the target audience here.
CAROLE THERIAULT
I know, but you could just imagine you're walking down the halls of power and you're seeing people reading memos on their phone.

No, no, they're just giggling cats bouncing on trampolines in time to Bonnie Tyler or something.
GRAHAM CLULEY
Hang on, I'm joining TikTok if they've got stuff like that on it.
DINAH DAVIS
That sounds great. No wonder we're freaking doomed, guys.
CAROLE THERIAULT
Our sponsor Kolide has some big news. If you're an Okta user, then you can get your entire fleet to 100% compliance. How?

If a device isn't compliant, the user can't log into your cloud apps until they fix the problem. It's that simple.

Kolide patches one of the major holes in zero-trust architecture: device compliance.

Without Kolide, IT struggles to solve basic problems like keeping everyone's OS and browser up to date.

Insecure devices are logging into your company's apps, but there's nothing there to stop them.

Kolide is the only device trust solution that enforces compliance as part of authentication, and it's built to work seamlessly with Okta.

The moment Kolide's agents detect a problem, it alerts the user and gives them instructions to fix it. If they don't fix the problem within a set time, they're blocked.

Kolide's method means fewer support tickets, less frustration, and most importantly, 100% fleet compliance. Want to learn more? Of course you do. Visit kolide.com/smashing.

That's kolide.com/smashing. And thanks to Kolide for sponsoring the show.
GRAHAM CLULEY
Our friends at Bitwarden have been busy this month adding some fab new features to their open-source password management solution.

Now, did you know that you can log into Bitwarden using a secondary device instead of your master password? Well, now you do!

Logging in with a device is a passwordless approach to authentication.

It removes the need to enter your master password by sending authentication requests to other devices you're currently logged into for approval.

With Login for Device, it can be initiated on the Web Vault, browser extension, desktop app, mobile app, and you can approve access on your mobile and desktop app version of Bitwarden.

Very, very cool. And the Bitwarden team has hardened the security of its vaults, protecting new vaults with 600,000 iterations by default.

And of course, existing accounts can also update themselves to the same level.

These and many other great security features are incorporated all the time into Bitwarden, keeping your passwords secure from hackers.

Learn more, try Bitwarden for yourself at bitwarden.com/smashing. That's bitwarden.com/smashing.
CAROLE THERIAULT
When do you have insight into your compliance, security, and risk postures? If it's right before an audit, you're in the same boat as many other organizations.

With Drata, G2's highest-rated cloud compliance software, you'll have continuous monitoring and visibility into your risk, security controls, and audit readiness.

For standards like SOC 2, ISO 27001, GDPR, HIPAA, and more.

Plus, Drata can streamline compliance for over 14 frameworks and even automate the custom frameworks and controls you create to meet your organization's unique security needs.

With more than 75 native integrations and a risk management solution, you'll have a tool that will scale with you.

Professionals from companies like Notion, Lemonade, and BambooHR have shared how crucial it has been to have Drata as their trusted compliance partner.

Listeners, you can get 10% off Drata and waived implementation fees by visiting smashingsecurity.com/drata. That's D-R-A-T-A.
GRAHAM CLULEY
And welcome back. Can you join us at our favorite part of the show? The part of the show that we call Pick of the Week.
DINAH DAVIS
Pick of the Week. Pick of the Week.
GRAHAM CLULEY
Pick of the Week is the part of the show where everyone chooses something they like.

Could be a funny story, a book that they read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. It doesn't have to be security related necessarily.
CAROLE THERIAULT
Better not be.
GRAHAM CLULEY
Well, my Pick of the Week is not security related. Good. I want to cast my mind back to when I was a young man going to school in 1980. There I was, I was out of shorts.
CAROLE THERIAULT
I was thinking of the '30s there for some reason.
GRAHAM CLULEY
I know, but there I was in short trousers walking into school.
DINAH DAVIS
What I want to know is what kind of hairdo did you have in those nights?
GRAHAM CLULEY
I was probably a mullet.
DINAH DAVIS
Did you have the mullet?
GRAHAM CLULEY
I was very, very square. I was the only kid at school who had a briefcase.
DINAH DAVIS
Did you really? Cool.
CAROLE THERIAULT
I had a briefcase, yes, and a shoelace for a zipper as well. But that's for another show.
GRAHAM CLULEY
That's the best. Anyway, I remember that one of the pressing issues at the time in the very early 1980s was, of course, the threat of imminent nuclear war.

And there were sort of infomercials on the TV.
DINAH DAVIS
That just took a dark turn.
CAROLE THERIAULT
Yeah, no, comedy show, comedy show.
GRAHAM CLULEY
Well, that's what it was. That's what it was.

When I was about 11 or 12, there was lots of talk about that and painting your windows to stop the radiation blast, hiding under the table, that kind of thing.

And it was something we were quite worried about. This was sort of pre-Gorbachev, and it seemed to be quite a possibility.
CAROLE THERIAULT
You listen to a lot of Sting?
GRAHAM CLULEY
No, things were never that bad, Carole. But in 1980, Tyne Tees Television in the UK, they put out a magazine show for teenagers called Check It Out.

You know, those sort of TV shows they put on for teenagers where they're all really hip and they're wearing multicoloured dungarees and things like that, being very friendly.

Hello, everybody. Hello. And today we're going to tell kids in the northeast of England the lowdown on nuclear war. And so you can watch this 20-minute programme.

This actually happened. This actually happened. You can watch this programme on YouTube. It's a delight from start to finish.

The entire glorious episode is up there and you will see them in all their multicolours being very upbeat.

As they explain how to use a chemical toilet and packing your baked beans and things which you can. And this was put out at sort of tea time for teenagers.

If there was a nuclear war, what horrors could we expect?

Well, imagine a 1-megaton bomb hitting Tyneside as a ground burst and the same size bomb on Teesside exploding as an air burst. What?

On Tyneside, everyone in a mile of the blast would be killed, and there would be heavy damage for up to 2.5-mile radius.

This pamphlet would be given to every household if war threatened, with hints on turning your home into a shelter. And this was put out at sort of tea time for teenagers.

And I was watching this thinking, wow, what a wonderful thing that we're not living in that era. Well, maybe we are actually. Maybe we are. We're just blind to it.

Maybe we should be worried about this. Do you like the screenshots I've included there?

Someone described it as like having a nuclear holocaust explained to you by Rod, Jane, and Freddy from Rainbow.
CAROLE THERIAULT
I did. Oh my God, those are—
DINAH DAVIS
Oh my God, yes, yeah, yes, that's incredible. But look at that chemical toilet is made out of a garbage can.
GRAHAM CLULEY
Yeah, it's a cat litter chair where they've taken the—
DINAH DAVIS
They've taken the top of the chair off and they've got pink toilet paper beside it because apparently you need pink toilet paper, which is probably something you could get in the '80s because, you know, people like to coordinate their bathroom colors.
GRAHAM CLULEY
But it is a fascinating time capsule. And so that, and I'll link to it in the show notes, is my pick of the week. Check it out. The TV programme for teenagers in 1980. Wonderful. Dinah.

No words. What's your pick of the week?
DINAH DAVIS
I have to follow that one up. And it's a more serious topic, but okay. So, I grew up in Winnipeg, Manitoba, which is in Canada.

Manitoba has the highest proportion of indigenous people of any province in Canada. So I definitely, I grew up amongst and around a lot of different indigenous people.

And there's an indigenous group of people that is really unique to what they call the Red River Valley, which is this area of Manitoba, Saskatchewan, North Dakota, and they're called the Métis Nation.

And yeah, the Métis Nation. And their experience is much different from that of the Inuit or First Nations groups.

They are descendants of First Nations women and a group of European men called les voyageurs.
CAROLE THERIAULT
Oh, and for our non-French speakers, it just means voyagers.
DINAH DAVIS
Yeah, the term voyageurs originally described all explorers that came, you know, to Canada for exploring, fur trade, all that kind of stuff. Trees. Yeah.

To freeze, to hopefully not die of scurvy.

Eventually they became, it centered on one specific group that were basically these groups of mostly French Canadians, very young in their early twenties and stuff.

And they would be in these big canoes of 20 people in a canoe.

And one of the things in—and basically I'm gonna recommend a book here, but in this book that I've been reading, I'm all over the place. It's all good.

But in this book, one super cool thing that they talk about is that they used to go and canoe and travel for 16 hours a day at a paddle rate of 60 paddles per minute.
GRAHAM CLULEY
No crumbs.
DINAH DAVIS
For 16 to 20 hours, right? And the way they kept up this beat or whatever was they sang. And so they have this really rich history, right?

And it's often romanticized in places like Manitoba.

I have fond memories of the Festival du Voyageur as a kid and eating bannock, which is this awesome bread that the indigenous people make over a fire.

And of course maple syrup snow popsicles. If you don't know what that is, you basically pour maple syrup on snow.
CAROLE THERIAULT
Yeah. Not yellow snow.
DINAH DAVIS
No, not yellow snow. We learned that very young.

But I also remember doing a report on Louis Riel in high school, and he's kind of this, I mean, in the end he's a martyr basically of the Métis Nation, but he was a very strong political person.

And they weren't treated very well. They weren't First Nations, so, you know, they didn't fit in there. They weren't Inuit, they weren't European, they didn't fit in there.

And the best way to describe how the British, French, and later definitely the Canadian is that they basically, it was a genocide. And it, you can't even describe it in any other.

So this book is written by Jean Teillet. I hope I said her name right. I don't know. But she is the great-grandniece of Louis Riel.

She is an indigenous rights lawyer and highly respected in the Indigenous community, and goes through and talks about it basically from the early 1800s all the way to today and how this group of people was treated.

And I just think for any Canadian, it's almost a must.
CAROLE THERIAULT
Guilt trip.
DINAH DAVIS
No, I'm kidding. And it's just really interesting. So, the book is called—I never even said that—The Northwest Is Our So that's my pick of the week.
CAROLE THERIAULT
Hey, so it's "The Northwest Is Our Mother," and the author is? Jean Teillet.
DINAH DAVIS
I guess it's T-E-I-L-L-E-T. Cool. Fantastic. I've sorted out Carole's Christmas present.
GRAHAM CLULEY
As a Canadian, she should be listening to that. Yeah. Carole, what's your pick of the week?
CAROLE THERIAULT
Yeah, well, before I get into that, I'd just like to thank you both for teeing me up with, you know, nuclear holocaust and genocide. So thanks very much. We're very cheery today.

My pick of the week, listeners, is a new streaming series. It's basically for those people who like smart relationship dramas. It's called Fleishman Is in Trouble.

It's based on a book, right? I wish so much I had read the book before I'd watched the series.

The book, I just never got into my echo chamber, and then the series was there and I just ran to it. So, just setting the scene, Toby Fleishman is played by Jesse Eisenberg.

He's a recently divorced New Yorker in his 40s, and he starts using dating apps for the first time.

And while he finds lots and lots and lots of romantic success, a surprising amount of romantic success, that he never achieved, you know, in his youth before that, his ex-wife Rachel, played by Claire Danes, disappears.
DINAH DAVIS
This took a turn I did not expect.
CAROLE THERIAULT
Okay, right, right. So, and I'm hoping that's not giving anything away, but I don't think it is. I think that happens fairly early in the show.

And but there's a lot of twists and turns in this, and you have to watch a man learn how to multitask more than he ever had to before because, you know, he's got the children, he works at a hospital, he has all these sexual partners, right?

In Manhattan. So, it's hard to balance and juggle all that. But, you know, he also is really wanting to find where his wife is. So, that's the story.

And the whole thing is narrated by Toby's uni friend. So, you're not ever sure whether she's reliable or not. You see what I'm saying?

And I think that's the secret sauce of the whole show. Because you watch it closely and you're "Ooh, that sounds interesting. That makes sense. But is she reading that?

Or does she know that?" So that's what I think keeps you going. Anyway, I thought it was great. Except for there's a lot of sex. So, oh, God. Or nude scenes.

A lot of, yeah, a lot of self-love. A lot of self-love. Oh my goodness. But the show is good. It has an unusual rhythm. It feels— it has nice honesty to it. So two thumbs up.

That's not a euphemism from me. Fleishman Is in Trouble streaming on FX and Hulu. And it's my pick of the week. Fantastic.
GRAHAM CLULEY
It's the guy from The Social Network, isn't it?
CAROLE THERIAULT
Yeah, The Social Network. Yeah. See, I don't find him at all attractive physically.
GRAHAM CLULEY
No? You wouldn't give him two thumbs up?
CAROLE THERIAULT
No. Not in that— I would kick him out of bed for eating crackers.
GRAHAM CLULEY
Anyway, that just about wraps up the show for this week. I think we should get out of here before we're arrested.

Dinah, I'm sure lots of our listeners would love to follow you online and find out what great stuff you're up to.

What's the best way for folks to do that?
DINAH DAVIS
LinkedIn, Dinah Davis, and also you can follow codelikeagirl.io, which is my online publication where there's lots of different women telling their stories in technology. Cool.

Super.
GRAHAM CLULEY
And you can follow us on Twitter @SmashinSecurity. No G. Twitter @smashinsecurity. We also have a Mastodon account.

You can find it most easily by going to smashingsecurity.com/mastodon. And don't forget to ensure you never miss another episode.

Follow Smashing Security in your favorite podcast apps such as Apple Podcasts and Spotify.
CAROLE THERIAULT
And huge, huge shout out to this episode's sponsors, Kolide, Bitwarden, and Drata, and of course to our wonderful Patreon community. It's thanks to them all that this show is free.

For episode show notes, sponsorship info, guest list, and the entire back catalog of more than 310 episodes, check out smashingsecurity.com.
GRAHAM CLULEY
Until next time, cheerio. Bye-bye. Bye-bye.
CAROLE THERIAULT
Woo! Well done, Dinah. Thanks so much. Thank you, Dinah.
DINAH DAVIS
Yeah, no problem. Thanks for having me on. I really love it. It's so much fun. Oh, yay.
CAROLE THERIAULT
Well, now that we know that you're free and easy, we'll have loads of time. She's not working. She's free and easy.
GRAHAM CLULEY
She's still doing stuff, girl.
CAROLE THERIAULT
Sure.
GRAHAM CLULEY
She understands what I mean. I don't think she's worried. Yeah.

Hosts: Graham Cluley, Carole Theriault

Guest: Dinah Davis – @dinah_davis

Sponsored by:

  • Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
  • Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.
  • Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Bluesky at @smashingsecurity.com, or on Mastodon, on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and hosts the popular "Smashing Security" podcast. Follow him on TikTok, LinkedIn, Bluesky and Mastodon, or drop him an email.
