Google says it is deleting your Google Chrome Incognito private-browsing data that it should never have collected anyway. Can a zero-risk millionaire-making bot be trusted? And what countries are banned from buying your sensitive data?
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown’s Thom Langford.
Warning: This podcast may contain nuts, adult themes, and rude language.
0:00
0:00
0:00
0:00
Show full transcript ▼
This transcript was generated automatically, probably contains mistakes, and has not been manually verified.
Yeah, what's your advice on this, Graham? What's your advice?
Don't be so dumb.
Don't be so dumb.
Stop being so stupid.
Just stop a minute. Yeah.
Smashing Security, episode 366, Money-Making Bots and Incognito Isn't Private, with Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security episode 366.
My name's Graham Cluley.
My name's Graham Cluley.
And I'm Carole Theriault.
And this week we're joined by, well, he's a podcast tart really. He's always appearing on them, isn't he? It's Thom Langford from the Host Unknown podcast. Hello, Thom.
Hello, hello, hello. Good morning, good afternoon, good evening from wherever you are joining us.
I think you're joining us, aren't you?
Something like that. I just, as you probably noticed from the last show, I tend to just say that whenever I join a podcast, it seems to work so far.
Let's thank this week's wonderful sponsors, Kalyde, KiteWorks, and Vanta. It's their support that helps us give you this show for free.
Now coming up on today's show, Graham, what do you got?
Now coming up on today's show, Graham, what do you got?
Well, I'm going to be asking the big question, which is, is there really a zero-risk magic way to make a million dollars?
Hmm.
Okay.
And what about you, Thom?
Should be a short show because that's a no. Well, my story is, is there anything that isn't for sale nowadays?
And I'm going to be asking, whatever happened to do no evil? Hey Google. All this and much more coming up on this episode of Smashing Security.
Now, chums, chums, what if someone were to tell you, what if someone would come up to you and say, Hey, hey, hey. I could make you a millionaire. Just like that. Just like that.
In an instant. I can make you a millionaire. What would you think to that?
In an instant. I can make you a millionaire. What would you think to that?
Alright, go shoot.
Go.
Do it.
Yeah, crack on. No effort required.
Yeah.
This time next year, Rodney, we could be millionaires.
What if they told you that they were going to make a zero-risk, magic money-making bot that they guaranteed could turn investors into millionaires.
Just give them a bit of money, they will make this bot, and it will just churn out the money. Sounds too good to be true, doesn't it? Sounds slightly implausible.
Just give them a bit of money, they will make this bot, and it will just churn out the money. Sounds too good to be true, doesn't it? Sounds slightly implausible.
Well, it depends who's telling me, you know. If it's someone great like Elon Musk in a video that I might have seen on, you know, Twitter, or the, you know, I might believe it.
I don't know.
I don't know.
Yeah, but if they dropped a certain word into the conversation, then you would believe it's true. Because if they were to mention the word cryptocurrency, now I'm sure you trust it.
Now I'm sure you really think it's going to happen, don't you?
Now I'm sure you really think it's going to happen, don't you?
Well, I'm sold, you know, because my own history with crypto and bitcoin is, well, checkered at best. So yeah, absolutely.
Isn't bitcoin making a ton of money at the moment though? Isn't it on the up?
Oh yes, I sold my bitcoin about 3 weeks before it went from $7 to $42 a bitcoin or something like that. Anyway, it was— I was an idiot.
What an idiot. You don't know what the future is going to hold.
Well, all right.
I'm an impatient person then.
So what if I told you that the person behind this magic money-making scheme, his name is Robert Rob. Literally, his name is Rob Rob. Does that ring any alarm bells in your head?
That there's someone called Rob Rob? It's a bit like being called Robin Banks.
That there's someone called Rob Rob? It's a bit like being called Robin Banks.
Does he wear an eye mask and walk around in a stripy jumper?
Robbie Robbie Rob Rob.
And this chap, Robert Rob, has previously spent time in the clink for swindling millions from investors after he claimed that he had a fake gambling machine, which he was going to put into Las Vegas casinos.
And he managed to trick millions out of people for that. So he spent time in jail in the past. But you'd trust him, though, wouldn't you now?
Because now he's talking about cryptocurrency and a magic money-making scheme involving cryptocurrency. Well, Rob Rob has been arrested by the FBI.
And he managed to trick millions out of people for that. So he spent time in jail in the past. But you'd trust him, though, wouldn't you now?
Because now he's talking about cryptocurrency and a magic money-making scheme involving cryptocurrency. Well, Rob Rob has been arrested by the FBI.
No!
I know it's a shock, isn't it? Because he has allegedly been perpetrating a scheme that has netted so far over $1.5 million.
Because he said he was going to build— now, I'm going to try and avoid using too much technical language. There will inevitably be some things which zoom over your head, Thom.
Carole, you may be able to follow some of this. But so, okay, he wanted to build a magical thingamajig that traded crypto with guaranteed profits.
Because he said he was going to build— now, I'm going to try and avoid using too much technical language. There will inevitably be some things which zoom over your head, Thom.
Carole, you may be able to follow some of this. But so, okay, he wanted to build a magical thingamajig that traded crypto with guaranteed profits.
That was in his sales spiel, was it?
Is that a quote? Magical thingamajig?
It's maybe not a precise quote, but basically it's a magical thingamajig.
This bot, he claimed, could predict what cryptocurrency people were going to buy and sell before they did it, and even hijack transactions.
And in this way, his bot would actually make the purchases itself and make millions for those people who funded the scheme to create the bot.
So the bot is going to do all your investing for you, probably using AI, probably using the blockchain.
This bot, he claimed, could predict what cryptocurrency people were going to buy and sell before they did it, and even hijack transactions.
And in this way, his bot would actually make the purchases itself and make millions for those people who funded the scheme to create the bot.
So the bot is going to do all your investing for you, probably using AI, probably using the blockchain.
Exactly. I was just going to say he must have dropped the AI, AI, AI bit a bit.
You would, wouldn't you? The AI-O. Yes, exactly. So this chap, Robert Rob, he allegedly posted on Telegram.
He said, "Poof, you're a millionaire." And he targeted people who he said had spare hundreds of thousands of dollars lying around.
So people like you, Thom, top podcasters, CISOs, those sort of people, lots and lots of money lying around.
He said, "Poof, you're a millionaire." And he targeted people who he said had spare hundreds of thousands of dollars lying around.
So people like you, Thom, top podcasters, CISOs, those sort of people, lots and lots of money lying around.
Yeah, I typically carry that in my back pocket. You know, you never know.
You know, I use it to wipe my ass.
I thought this was a no-risk thing, therefore no money.
Oh, well, no, no, but just because you're putting money in, Thom, doesn't mean that there's any risk because you are guaranteed, you are guaranteed to have a huge return on your money according allegedly to Robert Rob.
So he said that investors could become millionaires through a combination of this bot investment into cryptocurrency.
The cryptocurrency was called RAT, R-A-T, and a cryptocurrency token called NoRugs.
So he said that investors could become millionaires through a combination of this bot investment into cryptocurrency.
The cryptocurrency was called RAT, R-A-T, and a cryptocurrency token called NoRugs.
NoRugs?
Yeah, so you might be wondering why the reference to rugs?
Well, that's because there have unfortunately been some scams involving cryptocurrency where the rug has been pulled from under people and where scammers have actually disappeared with people's money.
And so he wanted to reassure people that he wasn't that kind of person. By calling his token NoRugs.
Well, that's because there have unfortunately been some scams involving cryptocurrency where the rug has been pulled from under people and where scammers have actually disappeared with people's money.
And so he wanted to reassure people that he wasn't that kind of person. By calling his token NoRugs.
Because the rug has already been pulled?
I love that he calls it though NoRugs with a Z, because he's obviously hip.
Yes, that's because he's down with the kids. Mm-hmm.
So Rob Rob, he told potential investors this was a capital-intensive prototype. That was— I love this one.
I don't even know what that means. Capital-intensive.
He said, well, that means you've got to put loads of money in, but it's going to cost a bit to create his prototype bot.
But he said it was theoretically good enough to make everyone rich.
But he said it was theoretically good enough to make everyone rich.
So he said this in what, a document or a video or what?
In his spiel, you know, the spiel that he was posting up on the socials, up on Telegram in front of investors.
So I think we should take a moment to appreciate that beautiful phrasing, capital-intensive prototype that was theoretically good enough to make people rich.
So I think we should take a moment to appreciate that beautiful phrasing, capital-intensive prototype that was theoretically good enough to make people rich.
Yeah, that's kind of an alarm bell thing for me. The theoretically good enough, that's a real—
Well, I'd say so. I'd say so. I think in our cynical sort of cybersecurity heads on, we would say that doesn't sound necessarily like it really is good enough.
You know, in theory it's good enough, but maybe not in practice.
And the best thing about all of this is that Robert Robb, having got this money, having got $1.5 million, he's alleged by the FBI not to have actually bothered to build anything.
He didn't actually build a prototype.
You know, in theory it's good enough, but maybe not in practice.
And the best thing about all of this is that Robert Robb, having got this money, having got $1.5 million, he's alleged by the FBI not to have actually bothered to build anything.
He didn't actually build a prototype.
Color me surprised.
Why sweat loads of coding software when you could, for instance, spend $204,000 buying a Swiss suite for the Denver Broncos if you were a big fan of theirs, or buying a brand new Jeep or a $20,000 vacation in the Bahamas.
He's not even buying rugs. What is wrong with this guy? There's no rugs being bought.
Well, the investors started getting restless and Rob, when challenged, he started playing the victim card. He says, oh, you know, I've had COVID, my safety's been threatened.
There's been some glitches on the exchange. There's people extorting me. I've got problems with the family.
There was always an excuse when investors were saying when are we going to see the outcome of all of our investment?
And once again, this is really a story of how common sense has been flung out of the window by people who are so desperate to get rich quick with cryptocurrency.
I don't know, I don't want to call it dumb, but their gullibility really knows no bounds. And this was all built on hype and little substance.
He's not even buying rugs. What is wrong with this guy? There's no rugs being bought.
Well, the investors started getting restless and Rob, when challenged, he started playing the victim card. He says, oh, you know, I've had COVID, my safety's been threatened.
There's been some glitches on the exchange. There's people extorting me. I've got problems with the family.
There was always an excuse when investors were saying when are we going to see the outcome of all of our investment?
And once again, this is really a story of how common sense has been flung out of the window by people who are so desperate to get rich quick with cryptocurrency.
I don't know, I don't want to call it dumb, but their gullibility really knows no bounds. And this was all built on hype and little substance.
I don't know. It's not about gullibility. It's about— no, I mean, surely Robbie Rob is the problem here.
He's the greedy, greedy guy who's going around faking that he can help people, and a lot of people have gotten rich on crypto.
He's the greedy, greedy guy who's going around faking that he can help people, and a lot of people have gotten rich on crypto.
People get rich, but people don't get rich because of a magical money-making machine. They don't get rich with something which is theoretically—
I'm sure it wasn't called the magical money-making machine, you know.
It was theoretically good enough to be called a magical money-making machine.
Yeah, Graham.
So Robert's claimed on Twitter that he himself has been a past victim.
And in fact, if you go and look on his Twitter account, I think he calls himself something like Poker Brat because he was obviously into casinos back in the day when he was scamming people with his casino machine.
And he's frequently warned his followers, look out for crypto scams anyway, which is kind of ironic, I think.
And in fact, if you go and look on his Twitter account, I think he calls himself something like Poker Brat because he was obviously into casinos back in the day when he was scamming people with his casino machine.
And he's frequently warned his followers, look out for crypto scams anyway, which is kind of ironic, I think.
I think I've heard of this guy anyway. Didn't he then go on to Scotland and then open up a Willy Wonka experience?
Robbie McRub of the Clan McRub. Anyway, folks.
Yeah, what's your advice on this, Grim? What's your advice?
Don't be so dumb. Don't be so dumb. Just don't be so stupid.
Just stop a minute. Yeah, ask yourself, is this too good to be true?
Stop investing in crypto. If you have invested in crypto, make sure that you sell while the price is high, Thom. Don't sell where it's low.
Well, there is that too, yeah. But at least I made my own mistakes about my own investment strategy.
I didn't just rely on somebody saying, I'll do this for you and I'll make you loads of money.
I didn't just rely on somebody saying, I'll do this for you and I'll make you loads of money.
And I can create a machine which can predict what other people are going to do with cryptocurrency and carry out a man-in-the-middle attack by intercepting the trades and doing it for them, which I'm sure is illegal anyway, right?
Well, I don't know how it was meant to work, but it all sounds very, very peculiar.
Well, I don't know how it was meant to work, but it all sounds very, very peculiar.
Utter tosh.
So there you are. It's a shock story.
I know it's going to leave many of our listeners completely dumbfounded that anything to do with cryptocurrency could end up being a bit of a scam.
I know it's going to leave many of our listeners completely dumbfounded that anything to do with cryptocurrency could end up being a bit of a scam.
Well, you've already called them dumb for getting involved, and now you're calling them dumbfounded when they realised. You're really being tough on our listeners, I think.
I'm not accusing our listeners of being dumb.
Good. I just wanted to make sure.
If any of our listeners have $100,000 to invest in a magical money-making machine, maybe they'd like to sponsor—
Host our own podcast!
Yes!
Sponsorship!
He's quicker than me, darn it! Thom, what have you got for us this week?
Well, it's a little bit of a rant, actually, but—
Oh, another one.
Fantastic.
I had a great story, but Carole stole it off me. She got there too quickly, but— I'm not really talking about the headline per se, but actually the underlying feeling.
So the headline, this is from Wired, it says Biden bans rival nations from buying sensitive US data.
And at first glance, you think, well, good, you know, rival nations, you know, bad state actors, shouldn't be buying sensitive data.
But then when you look into it, what's actually happening is that he's putting in place a ban that stops the valid sale of personal, sensitive, and potentially confidential information to people that basically they don't want to.
So capitalism is good until it's not, and we don't want it to go to certain people. But what I'm really shocked about is by how much our personal data is sold.
So the data they're talking about is, for instance, healthcare data. So some of your most private details potentially are being sold, not just nationally, but internationally.
And what Biden stopped doing, and it's a good thing on the whole, but it's kind of a bit closing the barn doors after the horse has bolted, is just stopping this sale to certain countries.
And that the brokers that sell this data have to do more homework to ensure that it's sold to the right people. And a tentative list given to reporters.
So the headline, this is from Wired, it says Biden bans rival nations from buying sensitive US data.
And at first glance, you think, well, good, you know, rival nations, you know, bad state actors, shouldn't be buying sensitive data.
But then when you look into it, what's actually happening is that he's putting in place a ban that stops the valid sale of personal, sensitive, and potentially confidential information to people that basically they don't want to.
So capitalism is good until it's not, and we don't want it to go to certain people. But what I'm really shocked about is by how much our personal data is sold.
So the data they're talking about is, for instance, healthcare data. So some of your most private details potentially are being sold, not just nationally, but internationally.
And what Biden stopped doing, and it's a good thing on the whole, but it's kind of a bit closing the barn doors after the horse has bolted, is just stopping this sale to certain countries.
And that the brokers that sell this data have to do more homework to ensure that it's sold to the right people. And a tentative list given to reporters.
Oh, can we guess? Can we guess?
Yeah, go on, go on. Hang on, I'll tell you how many there are. There's 1, 2, 3, 4, 5. There's 6 countries. How many can you get?
Okay, Carole, you try. You try one, Carole, then I'll try one.
Iran.
Yes.
China.
Yes.
I think it's called Jaina, isn't it?
That's the next guy and the previous guy.
Yeah.
Russia.
Russia, yes. 3 down, 3 to go.
North Korea.
Yes. The last 2 are less obvious until you actually, you know, until you say them, if you see what I mean. Myanmar. No.
Hmm.
Right, this could get very dull for the listeners very quickly. Unless I jump in here.
Yeah, give us the first letter. C. Cambodia?
No.
Callus.
Well, it's where you get these cigars from.
Cuba, of course.
Cuba.
Cuba.
See? And the last one begins with a V. Venezuela. Exactly. Where the famous Monty Python beaver cheese comes from. The Venezuelan beaver cheese?
So, basically what they're saying is, you can't sell people's most sensitive and confidential of data to these 6 countries.
And you're thinking, surely we shouldn't be selling this data to any countries. Yeah, not just these.
And it just occurs to me that I think we have reached the tipping point whereby our personal data is now no longer our data. It no longer belongs to us.
And I'm sure, you know, America is very often a little bit of a litmus test for this sort of stuff.
And I'm sure, you know, there are European countries, certainly in the EU, are probably a little better protected than the US.
But on the whole, I think we are seeing exactly where things are going as regards how our personal data is gathered, stored, and subsequently treated, i.e., sold afterwards.
And it's going to— it's just going to get worse. But I honestly think it's— we're now at that position where we do not own our own data. Anymore.
So this is data that's been gathered by these huge organizations, hospitals, and, you know, well, that's, you know, obviously it's that they're private companies in the US, you know, rather than sort of national institutions.
But, you know, that's how they're making money.
So, basically what they're saying is, you can't sell people's most sensitive and confidential of data to these 6 countries.
And you're thinking, surely we shouldn't be selling this data to any countries. Yeah, not just these.
And it just occurs to me that I think we have reached the tipping point whereby our personal data is now no longer our data. It no longer belongs to us.
And I'm sure, you know, America is very often a little bit of a litmus test for this sort of stuff.
And I'm sure, you know, there are European countries, certainly in the EU, are probably a little better protected than the US.
But on the whole, I think we are seeing exactly where things are going as regards how our personal data is gathered, stored, and subsequently treated, i.e., sold afterwards.
And it's going to— it's just going to get worse. But I honestly think it's— we're now at that position where we do not own our own data. Anymore.
So this is data that's been gathered by these huge organizations, hospitals, and, you know, well, that's, you know, obviously it's that they're private companies in the US, you know, rather than sort of national institutions.
But, you know, that's how they're making money.
You know, I was just going to say Amazon, didn't they get access to healthcare info collected by the NHS? Well, there's a contract with the government.
Yes, that's right.
In 2019, government hands Amazon free access to NHS information.
Okay.
Well, yeah, there you go.
Amazon, they're really good. They're trustworthy and will take care of everything.
They're absolutely trustworthy. I think the way they handle everything from data to money is impeccable and beyond reproach. Maybe, maybe we'll be proven wrong later on.
So yeah, I think my whole point of this is I think we've lost, frankly. It's very depressing. I think we've lost.
And I think we're now going to be living in a society where our data is not our own.
So yeah, I think my whole point of this is I think we've lost, frankly. It's very depressing. I think we've lost.
And I think we're now going to be living in a society where our data is not our own.
Do you know what, though? I might argue that we are just the generation that is in the middle of the transition period. Yes.
It might be very different for your kids or maybe even their kids, unfortunately.
It might be very different for your kids or maybe even their kids, unfortunately.
But yeah, and it might be absolutely fine.
It is a moment of transition, but we're transitioning to the Matrix, Carole. We're going to all be stored in pods. That's what's going to be happening.
Can I—
Exactly.
Can I inject some sanity?
No, no.
If I'm in a pod, I just want to make sure I know who's next to me.
Oh, okay. I don't the idea of countries selling this data to other countries, but I don't really the idea of this data ending up in Mark Zuckerberg's pocket.
I don't the idea of this data going anywhere without my permission.
Exactly. But to Graham's point, maybe this is the new normal. Maybe actually future generations won't care and this is just how it is.
They will care. If we're listening to this in the future.
In the past, we didn't care about anything we couldn't see beyond the hill in the horizon, right?
Our boundaries were far, far tighter and closer to us, whereas now our boundaries are, well, almost limitless as regards geographical boundaries. Things will change.
And everything, you know, business evolves and lifestyles and cultures, etc., evolve. But right now, I think it just sucks a little bit.
Our boundaries were far, far tighter and closer to us, whereas now our boundaries are, well, almost limitless as regards geographical boundaries. Things will change.
And everything, you know, business evolves and lifestyles and cultures, etc., evolve. But right now, I think it just sucks a little bit.
Oh, thank goodness you said that, Thom. I was thinking this isn't much of a rant. You're sounding very resigned to it all. I wanted some anger. I want some passion from you, Thom.
I've had enough. I've had enough of anger. Please don't.
Grrr.
Carole, what have you got for us this week?
I first would like to ask you to define what you think the word incognito means.
Ah, well, that's incognito. It's sort of like in disguise, isn't it? Or, you know, sort of so people can't identify you.
When I was a young man, there was a club called Cognito. And so when you were incognito, you happened to be in that club. Just saying.
Well, I looked it up just to make sure, right, that I could understand it appropriately. And it's having one's true identity concealed.
Yes. Right.
And avoiding being recognised by changing your name or your appearance. So if either of you guys used incognito mode in Chrome, I mean, it's been around for donkey's years.
You must have used it at some point.
You must have used it at some point.
Only for about 2 minutes at a time.
Why is that?
I, what I needed doing was, didn't take long. Let me put it that way.
Oh, I see. So you sort of finished whatever it was you're doing quite quickly.
I finished off.
Yeah, you could turn off your privacy. I don't tend to use Chrome, so—
But even in the early days?
I guess I probably would have done, yeah.
But all browsers have a private mode, right? They all, all of them have a private—
I think Google was the first though, wasn't it?
It probably was. It wouldn't surprise me because Chrome, despite its origins, as it were, is one of the most advanced web browsers out there.
I have used it, but I wasn't— I was like, why do I use it? What do I use it for?
And I was using it for things like, you know, buying presents for people and not wanting them to see it and all this kind of stuff.
And I started looking around, on this request on Quora, from 2008. And the sender asks, why does my husband use incognito mode in his browser?
And I was using it for things like, you know, buying presents for people and not wanting them to see it and all this kind of stuff.
And I started looking around, on this request on Quora, from 2008. And the sender asks, why does my husband use incognito mode in his browser?
Because he's buying her presents.
And the responder writes, if you're security conscious, this is in 2008, if you're security conscious and you don't want to be tracked by anyone while you're surfing, private browsing incognito mode is a great way to do it.
Or you can just presume he's surfing porn. That might be easier, right? So FNAF, FNAF, FNAF. But I would say that's most people's assumption.
Or you can just presume he's surfing porn. That might be easier, right? So FNAF, FNAF, FNAF. But I would say that's most people's assumption.
Yeah.
That that's why you would use incognito mode. Perhaps maybe not the most computer or cyber savvy of us out there, but still.
I think that there are many valid uses for it, but I would imagine that 90% of cases are because they're surfing for certain contents they don't wish others to see.
Hang on, Thom, did you say 2 minutes? That's very impressive for a man of your vintage.
Well, yes, exactly. It's either 2 minutes or 4 days, one or the other, you know.
Now, at the time when this guy responded on Quora, he gave a screenshot saying, have you seen the start page for incognito mode?
So when you select incognito mode on Chrome, at the time, it would provide this thing saying you're browsing privately. And it would say not saved.
History, searches, cookies, and temporary files. And it says it does save downloads and bookmarks.
And it does even give a private note saying, please note that your employer or your internet service provider can still track the pages you visit.
So when you select incognito mode on Chrome, at the time, it would provide this thing saying you're browsing privately. And it would say not saved.
History, searches, cookies, and temporary files. And it says it does save downloads and bookmarks.
And it does even give a private note saying, please note that your employer or your internet service provider can still track the pages you visit.
Okay?
Yeah.
Okay. So fair enough.
Now, unfortunately, it turns out that incognito mode in Chrome was found to be a little less private than the average user might have assumed based on this display screen.
And people got kind of mad, so mad that they sued. And this all began in June 2020, right, in Northern District of California.
And the plaintiffs argued that Google's analytics, cookies, and apps let Alphabet, the parent company of Google, track the activities even when they set their Google Chrome browser to incognito mode and other browsers to private browsing mode.
The plaintiff said this turned Google into an unaccountable trove of information by letting companies learn about their friends, their hobbies, favorite foods, shopping habits, and potentially embarrassing things, right, Thom?
That some things that take 2 minutes in your case that they seek out online.
Now, unfortunately, it turns out that incognito mode in Chrome was found to be a little less private than the average user might have assumed based on this display screen.
And people got kind of mad, so mad that they sued. And this all began in June 2020, right, in Northern District of California.
And the plaintiffs argued that Google's analytics, cookies, and apps let Alphabet, the parent company of Google, track the activities even when they set their Google Chrome browser to incognito mode and other browsers to private browsing mode.
The plaintiff said this turned Google into an unaccountable trove of information by letting companies learn about their friends, their hobbies, favorite foods, shopping habits, and potentially embarrassing things, right, Thom?
That some things that take 2 minutes in your case that they seek out online.
I think you got some of those things in the wrong order, Carole. I think maybe the thing which Thom is doing in incognito mode, that probably should have begun the list.
Because that seems to be what most people are using incognito mode for rather than the other stuff.
Because that seems to be what most people are using incognito mode for rather than the other stuff.
How do you know that? They're incognito. Is that what you do?
I asked a friend at Google.
Yes, I was going to say Google told him, yeah.
They also allege that sites using Google Analytics or Ad Manager collected information from browsers in incognito mode, including web page content, device data, and IP addresses.
They also accused Google of taking a Chrome user's private browsing activity and then associating it with their already existing user profiles.
They also accused Google of taking a Chrome user's private browsing activity and then associating it with their already existing user profiles.
What? Not even storing it separately.
Remember, "do no evil." That was their thing. Remember that? I miss those days.
So when Chrome was saying you are now browsing privately, what it actually meant was you're browsing privately, but not from us.
Yeah. Yeah.
So basically, while incognito mode lets users turn off data collection when using the Chrome browser, other Google tools used by websites such as ad tech scoop up all the data anyway, according to the suit.
Wow.
The lawsuit covered millions of Google users since the 1st of June, 2016, and sought at least $5,100,000 in damages per user for violation of federal wiretapping and California privacy laws.
You've got to admit, that is the most satisfying wank you're ever going to have in your life. If you're given— if you're going to be rewarded with thousands of dollars each time.
Oh my goodness.
Oh my goodness.
Violation. That's how you make a million dollars really quickly.
Not just any wank, a private wank.
Eventually, plaintiffs were basically asking for $5 billion in wonga payments from Google for its blatant naughtiness.
Now, Google initially attempted to have the lawsuit dismissed by pointing to the message displayed when users turned on the Chrome incognito mode, that start page we talked about, that warns users saying their activity might still be visible to websites you visit, right?
Yeah, but the judge totally rejected this.
And eventually, years later, okay, Google agreed to settle the lawsuit claiming it secretly tracked the internet use of people who thought they were doing their browsing privately.
Now, Google initially attempted to have the lawsuit dismissed by pointing to the message displayed when users turned on the Chrome incognito mode, that start page we talked about, that warns users saying their activity might still be visible to websites you visit, right?
Yeah, but the judge totally rejected this.
And eventually, years later, okay, Google agreed to settle the lawsuit claiming it secretly tracked the internet use of people who thought they were doing their browsing privately.
Boy, oh boy.
So while the plaintiffs asked for this $5 billion in damages, the settlement includes no payment from Google.
So instead, individuals will be able to pursue damages by filing their own complaints against Google in US state courts.
So instead, individuals will be able to pursue damages by filing their own complaints against Google in US state courts.
But they've already got their hands full. They've got no time to do that.
They have. They've got 23 hours and 58 minutes every day.
Both hands? About 50 people have already done so. But that's interesting, I think, that they have to do it privately. They're not doing it as a class action.
Anyway, as a result of this court case, Google will expunge billions of data records that reflect people's private browsing.
This is according to the details that were made public Monday this week in a filing at San Francisco federal court.
Anyway, as a result of this court case, Google will expunge billions of data records that reflect people's private browsing.
This is according to the details that were made public Monday this week in a filing at San Francisco federal court.
Yeah, but too late, they've already sold it to Belgium or any countries which aren't on that list. It could be everywhere by now.
I know that. Listen to this. This is what Time wrote, and I'm not sure I feel comfortable with this.
It says Time reported that Google's agreement to retroactively delete user information is a significant concession as it forms the backbone of the company's lucrative advertising business, which depends on the quality of their attention.
But boohoo Google is my view on that.
They snuffle up all this data like a secret spy, and now they have to get rid of it all, and they're like, but what's gonna happen to our profits?
I don't feel very sorry for Google. But to your point, Graham, once it's sold, how do they get it back from the people they sold it to?
It says Time reported that Google's agreement to retroactively delete user information is a significant concession as it forms the backbone of the company's lucrative advertising business, which depends on the quality of their attention.
But boohoo Google is my view on that.
They snuffle up all this data like a secret spy, and now they have to get rid of it all, and they're like, but what's gonna happen to our profits?
I don't feel very sorry for Google. But to your point, Graham, once it's sold, how do they get it back from the people they sold it to?
Well, just regather it through other means.
Or how do they know that they haven't already disseminated that information, that data, into other places inside Google?
Well, right, exactly.
It's all very well at the collection point, but what then happened to that data over the last X number of years?
Boy, you'd make a good auditor, Graham.
They also say that they've made several changes to the disclosure.
So basically the information on that start page when you go to incognito mode will be slightly more informative as to the fact that you're actually not in incognito mode.
It's just a trademark name.
So basically the information on that start page when you go to incognito mode will be slightly more informative as to the fact that you're actually not in incognito mode.
It's just a trademark name.
Is he gonna have two pairs of eyes and then saying, "We're watching you." Yeah, at all times.
So we come back to that big question, what the blink is incognito mode for? So what would you use it for? I found a few suggestions on Forbes.
I'm just gonna run it past you, see what you guys think.
I'm just gonna run it past you, see what you guys think.
It's to hide the evidence from your wife, it seems. That's the main thing.
Partner.
All right, partner, yes.
So they say maybe if you wanted to sign into multiple email accounts, you might do that.
So it's a pain if you wanna check your personal inbox, but you're logged into another account.
So instead of using a separate browser, which is what I probably would do, you could go into incognito mode.
So it's a pain if you wanna check your personal inbox, but you're logged into another account.
So instead of using a separate browser, which is what I probably would do, you could go into incognito mode.
Or even sign out and then sign in again.
Revolutionary, Thom.
Shopping for gifts. We talked about that one. Avoid autofill suggestions, which is interesting because that does get annoying.
Really? I don't know.
Yeah, I'm just asking.
Yeah.
What about booking travel?
They say some travel companies keep track of what you're searching for and will increase prices the next time you visit the site if you use incognito mode.
You don't have to worry about price gouging.
They say some travel companies keep track of what you're searching for and will increase prices the next time you visit the site if you use incognito mode.
You don't have to worry about price gouging.
Oh yeah, I've heard that.
That's probably a fair one, yeah.
Getting out of your bubble. I think this is quite true if you're trying to look for new stuff.
So I do this sometimes when I look for news stories, I might go into incognito mode just so it doesn't show me the same information that I might have seen before because it has me all, you know.
So I do this sometimes when I look for news stories, I might go into incognito mode just so it doesn't show me the same information that I might have seen before because it has me all, you know.
Ooh, do you know what? That had never occurred to me.
Maybe if I'd switched on incognito when I was looking for the story after you stole this one from me before, I would've come up with another story, probably less depressing.
Maybe if I'd switched on incognito when I was looking for the story after you stole this one from me before, I would've come up with another story, probably less depressing.
And the other one is viewing a site as an outsider so that, you know, obviously there's all these trackers and stuff.
So maybe you want to see what it looks like without all the ads they tend to show you.
So maybe you want to see what it looks like without all the ads they tend to show you.
Yeah.
Or if you're in web development and you're logged into your CMS, you may want to see what, you know, regular users would see on your website instead of what you see as a logged-in admin.
I get that.
Or if you're in web development and you're logged into your CMS, you may want to see what, you know, regular users would see on your website instead of what you see as a logged-in admin.
I get that.
It's quite an edge case though, isn't it, for the average user? But it's a fair comment.
I think we're missing the big one, which is to hide— well, we've mentioned it. Yeah, to hide the browser history.
Bingo. So in short, incognito mode is not anonymous mode.
Or at least on Google anyway.
Yes, on Google anyway. Websites and services will still be able to track you and collect your data.
And perhaps enabling the block third-party cookies setting might be more helpful to you. But God, do I miss the days of Do No Evil because I can understand.
I wonder if they were forced to get rid of that.
And perhaps enabling the block third-party cookies setting might be more helpful to you. But God, do I miss the days of Do No Evil because I can understand.
I wonder if they were forced to get rid of that.
I mean, you've got to think of the meeting they had where they said, you know, right, let's have a look at the company motto again.
And they all look at it and there's silence around the boardroom. They go, should we get rid of this this year? No, we'll leave it for another year.
And they all look at it and there's silence around the boardroom. They go, should we get rid of this this year? No, we'll leave it for another year.
Nobody will notice. Legacy managed file transfer tools are dated. They lack the security that today's remote workforce demands.
Companies that continue relying on outdated technology put their sensitive data at risk.
Well, this podcast is sponsored by KiteWorks, who enable organizations to effectively manage risk in every send, share, receive, and save of sensitive content.
To do that, they've created a platform that delivers content governance, compliance, and protection to customers, tracking, controlling, and securing sensitive content as it moves within, into, and out of organizations, all while ensuring regulatory compliance on all sensitive content communications.
KiteWorks provides the industry's first private content network for protecting risky third-party communications with secure email, secure file sharing, secure mobile, secure web forms, managed file transfer, and governed SFTP servers.
Visit kiteworks.com to get started today. That's KiteWorks.com and thanks to them for supporting the show.
Companies that continue relying on outdated technology put their sensitive data at risk.
Well, this podcast is sponsored by KiteWorks, who enable organizations to effectively manage risk in every send, share, receive, and save of sensitive content.
To do that, they've created a platform that delivers content governance, compliance, and protection to customers, tracking, controlling, and securing sensitive content as it moves within, into, and out of organizations, all while ensuring regulatory compliance on all sensitive content communications.
KiteWorks provides the industry's first private content network for protecting risky third-party communications with secure email, secure file sharing, secure mobile, secure web forms, managed file transfer, and governed SFTP servers.
Visit kiteworks.com to get started today. That's KiteWorks.com and thanks to them for supporting the show.
Smashing Security is also sponsored by Vanta. Managing the requirements for modern security programs is increasingly challenging and time-consuming. Enter Vanta.
Vanta gives you one place to centralize and scale your security program. Quickly access risk, streamline security reviews, and automate compliance for ISO 27001, SOC 2, and more.
You can leverage Vanta's market-leading trust management platform to unify risk management and secure the trust of your customers.
Plus, use Vanta AI to save time when completing security questionnaires. Smashing Security listeners, you get 20% off Vanta.
All you lucky sausages have to do is visit vanta.com/smashing to claim your discount. That's V as in Victor, A-N-T-A, dot com slash smashing.
And thanks to Vanta for sponsoring the show.
Vanta gives you one place to centralize and scale your security program. Quickly access risk, streamline security reviews, and automate compliance for ISO 27001, SOC 2, and more.
You can leverage Vanta's market-leading trust management platform to unify risk management and secure the trust of your customers.
Plus, use Vanta AI to save time when completing security questionnaires. Smashing Security listeners, you get 20% off Vanta.
All you lucky sausages have to do is visit vanta.com/smashing to claim your discount. That's V as in Victor, A-N-T-A, dot com slash smashing.
And thanks to Vanta for sponsoring the show.
You've probably heard us talk about Kolide before, but did you know Kolide was just acquired by 1Password?
Well, that's pretty big news since these two companies are leading the industry in creating security solutions that put users first.
For over a year, Kolide Device Trust has helped companies with Okta ensure that only known and secure devices can access their data.
And that's what they're still doing but now as part of 1Password. So if you've got Okta and you've been meaning to check out Kolide, now's a great time.
Kolide comes with a library of pre-built device posture checks, and you can write your own custom checks for just about anything you can think of.
Plus, you can use Kolide on devices without MDM, your Linux fleet, contractor devices, and every BYOD phone and laptop in your company.
Now that Kolide is part of 1Password, it's only going to get better. Check it out at kolide.com/smashing to learn more and watch the demo today. That's k-o-l-i-d-e.com/smashing.
And thanks to them for supporting the show. And welcome back, and you join us at our favorite part of the show, the part of the show that we call Pick of the Week.
Well, that's pretty big news since these two companies are leading the industry in creating security solutions that put users first.
For over a year, Kolide Device Trust has helped companies with Okta ensure that only known and secure devices can access their data.
And that's what they're still doing but now as part of 1Password. So if you've got Okta and you've been meaning to check out Kolide, now's a great time.
Kolide comes with a library of pre-built device posture checks, and you can write your own custom checks for just about anything you can think of.
Plus, you can use Kolide on devices without MDM, your Linux fleet, contractor devices, and every BYOD phone and laptop in your company.
Now that Kolide is part of 1Password, it's only going to get better. Check it out at kolide.com/smashing to learn more and watch the demo today. That's k-o-l-i-d-e.com/smashing.
And thanks to them for supporting the show. And welcome back, and you join us at our favorite part of the show, the part of the show that we call Pick of the Week.
Pick of the Week.
Pick of the Week.
Pick of the Week is the part of the show where everyone chooses something they like.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they like.
It doesn't have to be security related necessarily.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they like.
It doesn't have to be security related necessarily.
Better not be.
Well, my Pick of the Week this week is not security related, but it's also not Pick of the Week.
I'm afraid I've got a nitpick of the week, and I apologize to anyone who follows me on Twitter or LinkedIn who may already know about this.
I'm afraid I've got a nitpick of the week, and I apologize to anyone who follows me on Twitter or LinkedIn who may already know about this.
I don't. I have no idea what you're talking about.
I know you don't.
You've been on the phone to me all weekend.
No, you're kidding me.
Oh my God.
I've had a bit of an issue. I've had a bit of an issue with a company called Amazon.
Because last week, beginning of last week, we decided to buy a phone for my partner, an iPhone 15. And a case.
And so for some reason or another, we went to Amazon and we got it on Amazon Prime.
Because last week, beginning of last week, we decided to buy a phone for my partner, an iPhone 15. And a case.
And so for some reason or another, we went to Amazon and we got it on Amazon Prime.
Why did you not get it from Apple? Why didn't you do this? Why didn't you do that? Look, I'm just asking a question.
I think someone may have said that to Graham already.
Look, no, we didn't do that because we wanted it delivered the next day. Okay. And we wanted to be sure.
And Amazon, we're with Amazon Prime and they're normally really, really good delivering things really quickly because they're just so amazing. Amazon's awesome.
So we thought, all right, let's just do this.
And if there's any problems, you know, we can send it back if you decide you don't like the iPhone, because she's currently an Android user.
And Amazon, we're with Amazon Prime and they're normally really, really good delivering things really quickly because they're just so amazing. Amazon's awesome.
So we thought, all right, let's just do this.
And if there's any problems, you know, we can send it back if you decide you don't like the iPhone, because she's currently an Android user.
What?
All right. So, so we did it, right? Well, I know, I know. So, so I sat in my office overlooking my front door last Tuesday, waiting for it to be delivered.
And I was reassured because I've got a little video doorbell thing that goes bing bong and, you know, it records people who come here. I'd be able to hear the door going.
I also— Amazon had told me that my signature would be required to accept the delivery. And here's the thing. Here's the thing. My doorbell didn't go.
My doorbell didn't record anyone at the door. I never gave my signature to anyone. And I have not been given the iPhone, right? It wasn't delivered to me. No big deal, you think.
No big deal. Just contact Amazon customer service and get yourself a refund or a replacement set, right?
And I was reassured because I've got a little video doorbell thing that goes bing bong and, you know, it records people who come here. I'd be able to hear the door going.
I also— Amazon had told me that my signature would be required to accept the delivery. And here's the thing. Here's the thing. My doorbell didn't go.
My doorbell didn't record anyone at the door. I never gave my signature to anyone. And I have not been given the iPhone, right? It wasn't delivered to me. No big deal, you think.
No big deal. Just contact Amazon customer service and get yourself a refund or a replacement set, right?
Do you get an email saying Amazon guy's on his way?
Oh yes. Oh yes.
Oh yeah. You got that?
Yes. I got an email telling them that they were out for delivery. And then I also got an email telling me that they had delivered it.
And they told me that they had handed it to resident. And so obviously I went out my front door, had a little look around, nothing left out here.
Obviously I hadn't signed for anything. Spoke to my neighbours. No, they hadn't received something.
And some of them are, you know, a bit old and doddery anyway, and they probably wouldn't know how to use an iPhone. But so, you know, I believe them.
I thought, no, they haven't got it. I haven't got it. I even looked in the bin because, you know, it's not unknown for Amazon delivery people to put things in the bin.
Especially the day before rubbish day.
And they told me that they had handed it to resident. And so obviously I went out my front door, had a little look around, nothing left out here.
Obviously I hadn't signed for anything. Spoke to my neighbours. No, they hadn't received something.
And some of them are, you know, a bit old and doddery anyway, and they probably wouldn't know how to use an iPhone. But so, you know, I believe them.
I thought, no, they haven't got it. I haven't got it. I even looked in the bin because, you know, it's not unknown for Amazon delivery people to put things in the bin.
Especially the day before rubbish day.
Or the day of.
Yes, exactly. So—
That never happens to me. But anyway, okay.
Oh, well, maybe you just live in a lovely neighbourhood, Carole. But that sort of thing does happen around these parts sometimes.
So I contacted Amazon customer support and they said to me, well, you have to wait 2 days before making a complaint because maybe it'll show up.
So I waited 2 days and after 2 days I said again, can you please refund me or send a replacement? And they said, well, we're going to have to investigate this.
And that'll take up to 3 days. I thought, oh, it's a bit frustrating. All right. And they said, well, if you haven't received your refund by the end of March, let us know.
So I began to wait. Now, fortunately, I didn't have to wait 3 days to hear back from Amazon.
Unfortunately, when I did hear back from Amazon, it wasn't good news because what they said to me was, we've investigated and you received the item. It was delivered to you intact.
And I said, oh no, I didn't. That's the polite version of what I said.
And they said, "We are not going to be issuing you a replacement or a refund because you did receive it and it was in good condition.
We are unable to offer you any further assistance on this matter.
We appreciate your business and hope to see you again soon." So Amazon tells me they're not going to reply to my emails anymore. They tell me that there's no way to escalate it.
In fact, they say to me that they've all been trained in how to deal with customer complaints, and so there is no point in escalating the issue any further.
So I contacted Amazon customer support and they said to me, well, you have to wait 2 days before making a complaint because maybe it'll show up.
So I waited 2 days and after 2 days I said again, can you please refund me or send a replacement? And they said, well, we're going to have to investigate this.
And that'll take up to 3 days. I thought, oh, it's a bit frustrating. All right. And they said, well, if you haven't received your refund by the end of March, let us know.
So I began to wait. Now, fortunately, I didn't have to wait 3 days to hear back from Amazon.
Unfortunately, when I did hear back from Amazon, it wasn't good news because what they said to me was, we've investigated and you received the item. It was delivered to you intact.
And I said, oh no, I didn't. That's the polite version of what I said.
And they said, "We are not going to be issuing you a replacement or a refund because you did receive it and it was in good condition.
We are unable to offer you any further assistance on this matter.
We appreciate your business and hope to see you again soon." So Amazon tells me they're not going to reply to my emails anymore. They tell me that there's no way to escalate it.
In fact, they say to me that they've all been trained in how to deal with customer complaints, and so there is no point in escalating the issue any further.
Well, they haven't been trained very well, have they?
No, because I've got some ideas on how they can improve the customer experience.
Yeah, give me my bloody iPhone or give me my money back, because they're basically saying I'm a liar, I'm a fraudster. I'm not a fraudster. I'm lovely. Okay, so I'm really upset.
Yeah, give me my bloody iPhone or give me my money back, because they're basically saying I'm a liar, I'm a fraudster. I'm not a fraudster. I'm lovely. Okay, so I'm really upset.
Surely, though, with a purchase of that value, the driver must take a picture of it being delivered at the proper address. Doesn't it?
Seemingly not, and seemingly they didn't also— so I've asked them, I've said, have you got a photograph? Have you got a signature? They're not answering my questions.
I've reported it to Thames Valley Police, I've investigated making a claim by the small claims court, and I made a little video about it because I thought I'm a bit annoyed and I don't think they should be allowed to say handed to resident when they haven't handed it to resident, and that is my nitpick of the week.
I've reported it to Thames Valley Police, I've investigated making a claim by the small claims court, and I made a little video about it because I thought I'm a bit annoyed and I don't think they should be allowed to say handed to resident when they haven't handed it to resident, and that is my nitpick of the week.
So are you going to buy from Apple from now on?
Directly from Apple? Maybe I should. Maybe I should.
Did you pay by credit card?
I paid with my business card, which is technically a debit. Now, you can do a thing called a chargeback on debit cards as well.
But what I've been told by people who've done this in the past is Amazon sometimes, yes, you'll get your money back, but Amazon then blocks you from using their service anymore and not just their store, but all of their other services, which I think is pretty petty of them.
So at the moment, I'm not requesting a chargeback through the card. I want this to get sorted the proper way, which should be through their customer service team.
But what I've been told by people who've done this in the past is Amazon sometimes, yes, you'll get your money back, but Amazon then blocks you from using their service anymore and not just their store, but all of their other services, which I think is pretty petty of them.
So at the moment, I'm not requesting a chargeback through the card. I want this to get sorted the proper way, which should be through their customer service team.
Yeah.
I got a new phone last week.
Oh, yeah.
I bought it from the source.
Apple or?
Yeah.
Yeah. The Apple source.
I received it the very next day. Oh, and it's all a wonderfully perfect experience.
So, well, thank you very much for being so smug.
No, I'm not trying to be smug. I am just saying I've actually never had a problem with Apple delivery.
You say that you got an Apple phone delivered to you last week and mysteriously mine wasn't delivered. Is it, is it possible that you've got mine?
Yes, it's very possible. Yes.
Did you come round to my house and find a package? By the way, the video doorbell, no evidence of any delivery driver.
Carole's very sneaky like that.
I dressed as one of his bins.
She was incognito. Thom, what's your pick of the week?
I must admit, I've been watching loads of cool stuff on Netflix and all of those sorts of things. I've been playing with loads of cool new toys and whatever.
But actually, the one I came down to was, well, it's Concorde.
Basically, so any man, possibly a woman as well, but any man of a certain age has a very soft spot in their heart for Concorde, I think.
But actually, the one I came down to was, well, it's Concorde.
Basically, so any man, possibly a woman as well, but any man of a certain age has a very soft spot in their heart for Concorde, I think.
Well, because it looks like a cock.
Yes, the passion that people feel, that men feel for inanimate objects is often, you know, a little bit greater.
And maybe, I don't know, I'm making this up and I'm starting to panic a little bit. But nonetheless—
And maybe, I don't know, I'm making this up and I'm starting to panic a little bit. But nonetheless—
Carole has a lot of passion for her husband and he's pretty inanimate in my experience. Hey, hey!
Sounds like that movie with the dead guy.
Oh, Weekend at Bernie's.
He's not a Weekend at Bernie's.
Anyway, so I remember growing up, it used to fly over my house in Southeast London twice a day because that was its route out and you always used to see it.
I used to work in Heathrow and it would take off twice a day and it was the loudest thing ever. It was just wonderful. I never got to fly on it, which is unfortunate.
I did have an opportunity once, but I love Concorde. You know, I think it's a beautiful piece of engineering.
It's amazing, you know, quite, you know, how accomplished it was and all that sort of good stuff.
So when the opportunity came for me to purchase a Lego model of Concorde, I jumped at the opportunity. And I have to say, it was one of the most fun builds I've ever done. It's huge.
It's about, oh, maybe a metre in length, something like that.
I used to work in Heathrow and it would take off twice a day and it was the loudest thing ever. It was just wonderful. I never got to fly on it, which is unfortunate.
I did have an opportunity once, but I love Concorde. You know, I think it's a beautiful piece of engineering.
It's amazing, you know, quite, you know, how accomplished it was and all that sort of good stuff.
So when the opportunity came for me to purchase a Lego model of Concorde, I jumped at the opportunity. And I have to say, it was one of the most fun builds I've ever done. It's huge.
It's about, oh, maybe a metre in length, something like that.
A metre in length?
I'm looking at photographs of it now, Thom. It looks incredible.
It is. It's lovely.
Where do you put it? In your house?
Yeah.
But where does it go?
It's kind of squashed in somewhere. I've got a wall mount, but I haven't got enough wall to put it on yet.
But it's, as I said, some of these larger complex models often, you know, because it's about 3,500-4,000 pieces, something like that, and they're quite small, you know, because it's quite a detailed model anyway, and some of the more complex ones actually get quite dull, you know, because you really lose track of what you're building, as it were.
But this one, you knew what everything was as you were building it. Brilliant techniques on there. The wings are what they call snot.
But it's, as I said, some of these larger complex models often, you know, because it's about 3,500-4,000 pieces, something like that, and they're quite small, you know, because it's quite a detailed model anyway, and some of the more complex ones actually get quite dull, you know, because you really lose track of what you're building, as it were.
But this one, you knew what everything was as you were building it. Brilliant techniques on there. The wings are what they call snot.
What?
A snot build, which is studs not on top.
Ah, so it's smooth on the top of the wings rather than that loop.
It's smooth because it uses the side of the studs and the way that's built up. So you've got this beautifully sort of smooth edge. The nose, the snoot droops, as it were.
Well, yes, that can happen, can't it?
Yes, it does. We know all about that. And landing gear goes up and down, the flaps. It's just beautiful. It's just a beautiful model.
So I must say, Graham, anybody who's got a soft spot for Concorde, go for it.
So I must say, Graham, anybody who's got a soft spot for Concorde, go for it.
I think it's a beautiful thing, Thom. I'm very jealous. I think it's a thing of beauty, and I love LEGO as well.
I don't buy a lot of it because it's really rather expensive, but what a wonderful thing.
I don't buy a lot of it because it's really rather expensive, but what a wonderful thing.
Cheaper than an iPhone, Graham.
Yeah, when you get your charge back, go and buy this.
Maybe I should. Fantastic. Carole, what's your pick of the week?
Right.
So it's Easter time at the moment, and I've had some friends visiting, and we were hanging out last night and we were talking, you know, just yabbering away.
And we were talking about how annoying houses can be now because of all these machines we have that make all kinds of beeps and tweaks and stuff when they're finished working.
You know, you got the dishwasher that bleep bleep bleep and the microwave and the washing machine, the dryer.
And my girlfriend was telling me, she was talking about how annoying it is that her washing machine, which is a Samsung, actually does a tune. She was talking about this tune.
She goes, it goes on forever, this fucking tune. So if you put it on before you go to bed, it goes off at some point, right? At 2 in the morning, doing its thing.
And I'm thinking, what tune? And she goes, oh, it's F. Schubert's Trout Quintet. And I'm thinking, what?
And we were talking about how annoying houses can be now because of all these machines we have that make all kinds of beeps and tweaks and stuff when they're finished working.
You know, you got the dishwasher that bleep bleep bleep and the microwave and the washing machine, the dryer.
And my girlfriend was telling me, she was talking about how annoying it is that her washing machine, which is a Samsung, actually does a tune. She was talking about this tune.
She goes, it goes on forever, this fucking tune. So if you put it on before you go to bed, it goes off at some point, right? At 2 in the morning, doing its thing.
And I'm thinking, what tune? And she goes, oh, it's F. Schubert's Trout Quintet. And I'm thinking, what?
A trout quintet? Yes, trout quintet for trout.
Yes, that's exactly it.
They're playing it on a trout.
No, it is— for fuck's sake, Graham.
Sorry, am I just culturally—
Yes.
Oh, okay, okay.
Culturally barren, right?
Yes, you're culturally barren. So, there's this 11-minute 8-bit song and she's trying to find the bit it does.
And I said, look, don't worry, I will find someone on YouTube will have put up the exact 8-bit version that the washing machine does. And she's saying, no, they would not.
That's so stupid. And I'm saying, oh no, look here, I found it. So we're listening to this and it goes on for about 30 seconds.
And I said, look, don't worry, I will find someone on YouTube will have put up the exact 8-bit version that the washing machine does. And she's saying, no, they would not.
That's so stupid. And I'm saying, oh no, look here, I found it. So we're listening to this and it goes on for about 30 seconds.
Oh, that's lovely. I'd love my washing machine to do that.
Would you? Would you? But I keep scrolling. I keep scrolling. And it turns out that there's a number of people trying to duet with their washing machines.
Musicians of all caliber trying to post the renditions of their beloved washing machine along with their, in some cases, guitars or ukuleles, or what about a piano or drums?
Musicians of all caliber trying to post the renditions of their beloved washing machine along with their, in some cases, guitars or ukuleles, or what about a piano or drums?
Or pet trout?
Or a flipping harp that's the size of my Yeti? Or rock out with an electric guitar or a full fucking rock band? I'm not making this up. Not bad, right?
Some people have too much spare time. I'm just saying.
Says the guy who just made the Concorde Lego.
So I'm thinking this must have been a kind of microviral thing that might have happened during the pandemic.
No, still going on.
So there you go.
My pick of the week is how wonderful people are by trying to take something very annoying, like an 8-bit music off a washing machine, and try to make it, I don't know, make it into a duet.
My pick of the week is how wonderful people are by trying to take something very annoying, like an 8-bit music off a washing machine, and try to make it, I don't know, make it into a duet.
Excellent stuff, Carole. Episode 366.
When I heard you talking about household objects, well, white goods, et cetera, making beeping noises, it did remind me of the guy who turned his robot vacuum that every time it bumped into something, he got it to swear.
So this thing was going around the house going, "Fuck! Ah! Shit!"
So this thing was going around the house going, "Fuck! Ah! Shit!"
And on that note, we've pretty much wrapped up the show. Thom, I'm sure lots of our listeners would love to follow you online and find out what you're up to.
What is the best way for folks to do that?
What is the best way for folks to do that?
Oh, why don't you go along to podcast.hostunknown.tv? That's always a good place to go.
Terrific. And you can follow us on Twitter @SmashingSecurity, no G, Twitter allows to have a G.
And don't forget to ensure you never miss another episode, follow Smashing Security in your favorite podcast app, such as Apple Podcasts, Spotify, and Pocket Casts.
And don't forget to ensure you never miss another episode, follow Smashing Security in your favorite podcast app, such as Apple Podcasts, Spotify, and Pocket Casts.
And all the mea culpas in the world to our episode sponsors, Vanta, Kolide, and KiteWorks. And of course, to our wonderful Patreon community.
It's thanks to them all that this show is free.
For episode show notes, sponsorship info, guest lists, and the entire back catalog of more than 365 episodes, check out smashingsecurity.com.
It's thanks to them all that this show is free.
For episode show notes, sponsorship info, guest lists, and the entire back catalog of more than 365 episodes, check out smashingsecurity.com.
Until next time, cheerio. Bye-bye.
Bye. Stay secure, my friends.
Carole, why mea culpa to our sponsors? Mea culpa?
Oh, it means sorry, doesn't it?
Yes, it means sorry. Yeah, I mean, maybe that's accurate.
That's not what I meant to say at all. Let me just do that one more time.
No, I think it's great. I think it's great as you've done it.
I mean, it's just all the mea culpa in the world. What the fuck? I do not— I missed that entirely.
I don't know what just happened to my brain.
Me too.
Hosts:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Carole Theriault:
Guest:
@thomlangford.bsky.social
@
Episode links:
- Scammer Convinced Investors to Send Him $1.5 Million to Build Magic Money Making Bot – 404.
- Biden Bans Rival Nations From Buying Sensitive US Data – Good Luck – Wired.
- 6 practical reasons to use Incognito mode in your browser – USA Today.
- Brown v. Google LLC Settlement Agreement – DocumentCloud.
- Google agrees to settle $5bn lawsuit claiming it secretly tracked users – The Guardian.
- Chrome updates Incognito warning to admit Google tracks users in “private” mode – Ars Technica.
- Google changes wording for Incognito browsing in Chrome – Malwarebytes.
- The Incognito Mode Myth Has Fully Unraveled – Wired.
- Google Agrees to Delete ‘Incognito’ Browsing Data to Settle Class-Action Lawsuit – TIME.
- Amazon refuses to refund me £700 for iPhone 15 it didn’t deliver – Graham Cluley.
- Concorde – Lego.
- Cover song: samsung dryer no. 2 – YouTube.
- Play Drums on Samsung Washing Machine Song – YouTube.
- With samsung washing machine violinist – YouTube.
- Samsung Washing Machine Song with Piano [Franz Schubert’s “Die Forelle”] – YouTube.
- Duet for harp and dryer – YouTube.
- The Washing Machine Song – YouTube.
- SAMSUNG Washing Machine collaboration – YouTube.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Kiteworks – Step into the future of secure managed file transfer with Kiteworks.
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!
- Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
Support the show:
You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
Follow us:
Follow the show on Bluesky at @smashingsecurity.com, or on Mastodon, on the Smashing Security subreddit, or visit our website for more episodes.
Thanks:
Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Guys and Gal, a few comments:
Firstly, your minds seem to be in the gutter this week ?!?
Next, Money-making bots; I received something like that a while back. It offered me a free download of their Beta AI software to test and at the same time make money using it to create AI generated reviews of Amazon books… All I had to do was send them $20 US ($25 CAD) to learn how to use the software.
I declined, so I can;t tell you about it :-(
Next, Incognito mode, or whatever, I have been telling friends, family, whoever will listen that Incognito mode or whatever the browser manufacturer calls it is ***nothing more than a regular browsing window that deletes cookies, cache, etc. when you Close/Exit the browser*** :eclamation .
Now I cannot be sure if other Chromium based browsers use the same code. You could try the non-goofled version if you were inclined.
Next, the Concord, aaahhh. I had the pleasure of watching its last departure from Toronto many years ago. Wished I could have actually flown on it.
Lastly Graham I am saddened regarding the loss of your phone. Would you like me to call for you?