Digital arrest scams and stream-jacking

2024/11/21
Smashing Security

People
Carole Theriault
Well-known cybersecurity podcast host and information security consultant; founder of the multi-award-winning Smashing Security podcast.
Graham Cluley
A globally recognized cybersecurity expert and podcast host who focuses on cybersecurity, hacking, and online privacy.
Maria Varmazis
Topics
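Graham Cluley describes a new kind of "digital arrest" scam in India, in which scammers impersonate law enforcement officers and exploit people's fear of the law to trick victims into transferring money. The victims are often respected professionals; they are accused of involvement in serious crimes such as money laundering and human trafficking and told they will be placed under "digital arrest". The scammers require victims to set up a phone camera at home for 24-hour surveillance and interrogate them over Skype. Fearing arrest, victims tend to follow the scammers' instructions and end up being defrauded of large sums of money. Carole Theriault and Maria Varmazis also take part in the discussion and express their concern about this kind of scam. Carole also shares Daisy, an AI program launched by the UK telecoms company O2 that answers scam calls and wastes scammers' time in order to protect potential victims. Maria Varmazis tells the story of Bits, a YouTube gaming streamer. Bits's channel was stolen and used to live-stream cryptocurrency scams. Maria points out that this kind of attack, known as "Stream Jacking", is increasingly common and poses a serious threat to YouTube streamers' careers.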

Chapters
A neurologist in India falls victim to a digital arrest scam, where scammers impersonate law enforcement to extort money. The scam involves fake court trials via Skype and demands for personal information and money transfers.
  • Scammers impersonate law enforcement to extort money.
  • Victims are coerced into transferring their savings for 'government verification'.
  • Hundreds of people have fallen victim to similar scams, resulting in millions in losses.

Transcript

I get the wife of horse through all this phone.

C, when you are so bold, your boat, when there was an American policeman in New Hampshire while we were driving through, and he was telling you to stop and pull over once about them, were you? No, you pulled over them in.

There was a gun on his that.

Smashing Security, episode three hundred and ninety-four: Digital arrest scams and stream-jacking, with Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security, episode three hundred and ninety-four.

My name's Graham Cluley, and I'm Carole Theriault.

And Carole, we're joined today by a very special guest, very VIP. Yes, delighted to welcome back Maria Varmazis.

hi thanks for having .

back SHE .

had a great change and you school of .

delete welcome back, Maria.

Thank you, Maria. Obviously in your day job you're working on N2K Space Daily T-zero. What called something on is so many names.

T-Minus Space Daily. That's the show I host.

Yes, that's the one.

And she's on Hacking Humans.

And I'm also on Hacking Humans. Yes, yes, yes.

How about we kick the show off? But first, let's thank this week's wonderful sponsors, 1Password, Vanta and ThreatLocker. Now, coming up on today's show: Graham,

what you got? Digital arrest worthy of a Bollywood movie.

And what about Maria?

Bits gets stream-jacked.

Okay. And I've got Granny Daisy to the rescue. All this and much more coming up on this episode of Smashing Security.

Now, chums, chums, I want to take you over to India today, where an extraordinary story is unfolding about how scammers have weaponized people's fear of law enforcement.

OK.

okay, fair, fair. yes.

Are you scared? Please let you know if roscoe peak called train, you live in the states. Maria, yes, someone like that, where to stop you, pull you ever to one side.

I've had some experiences of law enforcement. I mean, their job is to intimidate. Yeah.

I don't enjoy it.

I don't, but I don't think I'm supposed to.

Graham, we had a, I don't know, friendly chat with a highway cop once when I was driving.

We were driving through New Hampshire.

Won't a little bit quickly.

And the police, ever in the states of guns and the standing in the middle, the freeway, tell us the stock was me. Yes, no, yes. So picture this, right: we're in India. You are a respected neurologist in Lucknow, India.

You are Doctor Ruchika Tandon, an associate professor. You're at the top of your game. You are on your life's going well.

You recently came back from a conference in Goa. Neurology, that is your bag.

You are an expert at it. You are competent. You are professional. That's some picture in you both. Okay, that's a respected neurologist.

Okay, i'm right with that.

And then your phone rings. That's the phone, right? Guess I didn't have to do the sound effects.

That right? The phone rings and you pick up the phone and it's the telecoms regulator on the phone. You I say, oh, apparently your number has been used to send harassing messages.

harassing? Yes, okay, yeah. Messages of harassment have been sent from your phone up at twenty two times.

There have been complaints twenty-two times. There's a lot of complaints, that's more than we had about last week's episode. Is that a lot of complaints? Moments later, a senior policeman joined the call.

I don't know. He wrestles the phone off the telecoms operator. He accuses Doctor Ruchika of using a joint bank account with her mother to launder money for the trafficking of women and children.

As a respected geologist, if this is true, this is gotta be quite a difficult situation .

being it is a bit of a sticky pick, isn't it? It is. I mean, Maria, have you ever been accused of laundering money

for the trafficking .

of women and children? And I, if you if you were pulled over by, let's imagine on the telephone rather than on the great way.

pull over by the cop on the phone. okay?

He doesn't member .

how that works and well. And while I've been working from home for a long time, and while this conversation is going on, you're feeling a bit nervous, but told this was this was that you hear this chorus of voices shout in the background, "Arrest, arrest."

no. Oh.

okay. I would think .

It's a prank call. What she's doing upset. She thinks it can't be true, right?

I'd be like that .

too. And this policeman on the other side says, "Well, the police are gonna come in five minutes to arrest you. All of our police stations have been alerted to you. Don't go on the run." She says, "That can't be true." And he says, don't work down where? He said, "Because I am calling from India's federal detective agency, the CBI, the Central Bureau of Investigation." And he says this is a matter of national secrecy, he says, "and because of the high stakes involved, I will try and talk to my colleagues, and I will persuade them not to put you in physical custody," says this policeman. He says, "Instead, you're gonna be put in digital custody." Have you heard of

digital custody?

Digital custody? No.

This is where, rather than, I guess, it makes a lot of sense, especially in these cash-strapped times, rather than putting someone in a cell, they say you're going to be watched on your phone twenty-four hours a day in your room. So you have to set up your phone in a corner of the room, turn the camera on, we will watch you. We will question you via Skype call as we investigate, until we've cleared you. You have to obey our rules.

interesting. Okay.

what kind of sensible in some ways, right?

Um I want to .

go to the bathroom. Can I go to the bathroom?

Oh, oh. Where there are rules grow, there are rules which are shared with you, and some of the rules include you have to place the phone everywhere you go in the house: while you're cooking, while you're sleeping, even when you go to the loo. You are allowed to place it outside the loo, but only after you've shown them there's no other exit from the loo. So if they're tracking this

woman's every move.

why do they just get a rumble and camera?

But this, this all hinges on her complying with what they're saying, and they're not there in person. So they're just assuming that she's one of those rule follower types.

but if you're .

not a rule follower.

this just falls apart. No, but frankly, I get the of but when there was, when there was an American policeman in New Hampshire, we were driving through it and he was telling you to stop and pull over, once about them. Were you? No, you pulled over.

Then there was a gun on his hip. That's.

Oh, was it really a gun? Was it a water pistol? Was he really a policeman, or was he wearing fancy dress? We don't know.

I could have been anything. I think he does protest too much and i'm .

Right, now the problem was that Doctor Ruchika has got a rubbish phone. It doesn't have a camera on it. It's an old-fashioned phone. So she's told by the policeman, right? He says, "What you're going to do is you're gonna drive down to the store and buy a smartphone right now." And this respected neurologist does exactly that.

She comes down to the store. She buys herself a smartphone, and she begins obeying the rules. This new smartphone with its camera is watching her every move.

She lies to her workplace. She says, "I'm too unwell to come into the hospital where I work." She told her relatives she was too sick to see them. When her uncle popped round to her house, she hid under the bed with her phone camera running all the time, so he wasn't actually dork, didn't want him to see her through the windows. She hid under the bed.

She even wakes

up her medical students at night, asking them to go out and buy extra data for her to keep the digital arrest going. This goes on with this long list of rules for seven days. Oh my god.

poor woman.

Oh my god.

All the time she's been questioned about her life and and they've logistics, they know all about her. They know where she's been. They know she's been at this conference.

They know stuff that they found on social media. And the scammers, and yes, news flash, and I know it'll shock you, but they were scammers. They even faked a trial done via Skype. There was a fake court online where she was ordered to dress in white to show respect to the judge, because judges are real sticklers for dress codes.

They committed to the bit, okay, yeah.

And the court is, say, my love, if we need to make sure we've got the right person, you have to verify your identity. So could you transfer your savings? Oh, temporary.

It's only just for government verification. And of course, that's what she did. She transferred her savings into the city.

Oh my god, this is awful. He lived the nightmare. This for a woman.

Well.

this is the thing believable. Like, even if she had the wish of wanting to call a cop, she was kind of terrorized in her own home because she mentally fell into their trap.

Well, she thought she was talking to the cops. So why call the cops on the cops?

Because they must have been something where you going. I can't believe cops do this.

But genuinely, who would you call?

Yeah, and this was it, because after this happened, she thought, "This is a bit strange. I don't seem to be in digital custody anymore. They don't seem to be carrying on with the trial."

And where is my money?

Where's my money? So she started googling digital arrests. And what she found is that hundreds of people have had the same experience in India. She went down to the police station, and again, she was unsure: is this a real police station? Am I reporting to the genuine police? And she said to them, "This is what's happened.

Have you heard of it?" The policeman apparently laughed at her, which is very sympathetic, and they said, "This is happening all the time." So similar digital arrests have been taking place across the country. People have lost in total millions and millions.

You asked me, actually, when I got loafed, yeah loafed. We went call.

So there was no lapd in one at all.

That was seria. That was A A. That was a mixture of upset. The emotions were bubble out of me. So the problem is so big.

Last month, Prime Minister Modi of India warned about it during his monthly radio address. But the scammers behind this, they are believed to run call centres in Cambodia, Myanmar or Laos. And possibly the individuals working in these call centres are actually working against their will.

We talked before about these pig butchering scams and other scams. The people working in the call centre have had their passports taken away from them, and they're effectively slaves. It's surrender. But lots of people have fallen for this.

Another guy who fell for this was actually a guy who was writing the autobiography of the prime minister. And again, he was duped. And he says, "They knew all about me, they found out information, but they appeared to be genuine police." Sometimes they actually have video calls with you, and they're dressed up as policemen, wearing the little uniforms.

High school theater club stuff. Like, their dreams: we can make it on Broadway. So we're going to make it in scams. We're gonna do it our way.

Demand is astonishing, isn't it? So the Indian cops have arrested some people in connection with these digital arrest frauds. But it seems there's quite a lot of it going on.

So I think they've probably only grabbed some of the people. The Indian prime minister, he's given some advice, three steps to digital security. He says, stop.

He says, don't panic. Don't give away your personal information. Think, he says: does that really sound like something a government agency would do, what they threaten on the phone? If it smells fishy, it probably is, which is good advice unless you have actually bought something said, I don't know that for bated so okay, sorry.

Well, I'm according that you're quote and he said, he said, so think and take action: call the national cyber helpline, he said, report the crime, inform your family all about this. And maybe we done knowledge, but we got a lot of this and this in India. Maybe we've an orbit to raise awareness of this as well.

Hope? Yes. And I'm actually talking about phone scams as well. So I do see

this week interesting. So do you think this could happen to you?

Of course. Yeah, course. This chick would happen to us. And I would just be a way that would know I look at this .

one and go, or I wouldn't fall because that's the ultimate defense. Maria, what is your story for us this week?

So are either of you familiar with bits?

S, S, as in an eighth of a byte.

Oh, that kind of bits. Um, what if I told you that Bits was a person? Bits. The person.

Person? Is it with a, with a zed? Yes. Oh my god, how did I know? I just, just, in which case I definitely wouldn't know about them. I would have avoided them because that's a stupid way to spell Bits. Who, Bits with a Z?

Or is the Bits with a Z? Or is he is, I would say, as a Yank, Bits is a with at least sixty-three thousand subscribers. And he is one of those gaming YouTubers where he streams himself for hours as he plays video games, which is a thing. Yeah. Okay. So a lot

of focus are in the wrong .

line of work, because I love video games. And I just, like, could I make money just playing Civilization all day with people watching me as I swear at Gandhi? I mean, it could happen. Maybe I'm doing, maybe

but you like talking tumoral and .

I do, I do like the gab. I'm just rethinking my career right now as I'm speaking to think we is second mean, I do this. Um, yes, Bits is a YouTube gaming streamer and he's got a lot of followers.

He's worked really hard over many, many years to build up his account. It is a career. People make money doing this somehow. His stream is very cozy. He's sitting in his gaming chair, there's a lot of, like, a bluggy ory LED lights behind him, making it look very much like a gaming cave. Within, there's like a fireplace in the background, very good, like a gaming lodge.

I imagine kids watching that would like one day. That's gonna be me one day and me .

as an another kid going one day. That's gonna me now like I subscribe everybody.

yes. So I click through to his channel. He has an enormous fire running. Is that for real?

Um you know i've actually been wondering, is that like a gas fireplace, what the deal is .

because that IT looks quite nice that so much fire I am that looks danger there's a lot .

of co so in your room so I can't be good for your venning said .

I just went looked at is generous. Oh dear, he looks like he got fire, is like he's burning.

burning with the flame of gaming. Yes, he's very a good time. So he uploaded this video, uh, very recently with the title, simply, "My YouTube channel got deleted last night."

Oh yeah.

uh, not she's doing not is doing so, um, Mr. Bits was sz. Mr. Bits was the victim of a thing that I am just learning about called stream jacking, which is a targeted attack that tends to go right after YouTubers with a large following. Can you guess what the goal is of stream jacking you was yet

it's going to be to .

promote something or advertise to all those sixty three thousand people who follow him?

Yes, what what? What pretty. How could somebody with bad intentions be willing to redirect people to do or purchase? Or any currently

say skilling isn't there the news .

fat on tiktok swilling oil in order to yeah you sill oil in your mouth for for like a minute .

or two like.

like, like mouthwash, like, and then, yeah, anyway, whatever. Okay, right. It's crypto.

It's crypto. It's, eventually, it's a crypto scam. It's a very, very long way of getting to crypto scam. But the thing that I found interesting about this, here's sort of the chronology of what happened to Mr.

Bits: he was casually browsing Twitter slash X, whatever we're calling it now. And he got a security notice saying there was an attempted login on his account.

I'm guessing the geofencing or whatever was noticing somebody was trying to log in to a session from a different location. And then pretty right after, he got logged out of his account, and any time he tried to log back in, he couldn't. And at the same time, his TV logged out. I'm guessing maybe that's the fireplace TV. So his TV

logged out. His fireplace .

logged out.

as one's fireplace .

often does.

yes.

Then he went on to his YouTube, he tried to get onto his YouTube account, and he found out that that account he also could not access. So it had been hacked, Twitter.

He must have been having kittens. Because this is his whole life, his whole existence, is a YouTube channel. It is.

Yep. And the whole identity of his YouTube channel also changed pretty much immediately: the channel's name, the banner up at the top of the channel, even the email address and his password all pretty much instantly changed. And they're live-streaming crypto-related videos.

And the scheme calls to action saying, you know, go to this website to double your crypto, all that kind of thing is a cypher. He was shitten bricks as they is. Absolutely. Yeah. Not really.

I was smoke .

like the colorful.

It's not yeah I, I would presume that it is. I will say that the happy ending to this story is it took only twelve hours for him to get through YouTube support and recover his account. And the reason I say it's happy is, in many cases, streamers who have been stream-jacked as Mr. Bits did, they never get their accounts back. Many people have said, like, their account is basically nuked.

And these are people who've got hundreds of thousands of subscribers, and they can never get that back after years and years of work. So it's just gone in an instant, which is so terrible. So a twelve-hour recovery is pretty great.

And yes, he can. He uploaded this video to let his followers know: if you ended up clicking any of that stuff, you need to check out your software right away because you probably have malware.

So how did this all happen? And how did this stream jacking occur? Because this is the thing that I also found super interesting.

He had received through his email an NDA through documents in for a sponsorship deal. And it all looks totally legit. It was a real legitimate document.

Uh, the organization was all legit. Um, it all passed the initial sniff test. However, it wasn't. He was misled by someone with bad intentions, and signing that NDA caused him to download a malicious file to his machine that then essentially cloned his browser and its sessions, which allowed the attacker to get access to all of his sessions across his browser. Everything he was logged into. Because what he had

noted on his.

He's right. What he had noted on his video was that he smartly has an email account for every single one of his social media things. So YouTube has its own email.

Twitter has its own email. Twitter has its own email. So one of those gets compromised, he didn't lose the whole lot. So he thought, like, I'm good.

I'd not heard that before. It's clever, yeah.

It is now, now that I know that. Except in this case, they are able to completely bypass that. Apparently he had two-factor authentication on.

What, that maybe that grabs the session cookies from his browser? Yeah. So, sort of able to replicate, as he was logged in to all of those accounts, maybe they were able to replicate being logged into the accounts themselves. Sounds like it.

So they just snarf it all up and they are able to log in to all his things that he was logged into. Um, so given all that, it's quite amazing that he was actually able to recover anything at all. It's like, to me, the keys of the kingdom are gone.

But I guess he was able to outrun some of the attackers to somehow change some of those passwords before they could get to it. But in any case, he was able to recover his account. But yeah, this whole thing just revealed to me,

I didn't know stream jacking was a thing. I had no idea. But yeah, in the end, it was all a crypto scam.

My goodness. In the meantime, people who have large YouTube followings or followings on any social media, just beware of unexpected NDAs and, yeah, deals coming in to your inbox. The fact that it even went around his two-factor authentication, I suppose that would give you a little sense of security. But if it's hijacked your browser sessions, then yeah, that, well.

And a lot of these cryptocurrency scams which I've seen lately have used the face or the name of Elon Musk as well, haven't they? They sure have. Is strange how I sort of embraced him and use him.

I need the darky conga and well.

He is, well, yeah. I mean, I mean, the thing is, I mean, he's taking on this new position, isn't he? He's gonna be very, very busy. I don't think he's got time just to hand out cryptocurrency.

You laughed me on air when I said that was happening. You said he's not gonna a take that role or you wouldn't saying something along those lines.

And the thing is, how long will he last? How long live in?

There are super good .

friends that.

So what's your topic for us this week?

okay. What we've been talking a lot about scams. My stories about scams as well OK. But like if you you get a phone call and you don't recognize the number, what do you do?

I do not answer, do not answer. I don't even to answer phone calls from people I do know.

Yeah, no, I do the same. I do the same. You clue.

yeah, yeah.

Straight to voice is really, if you don't recognize that, even if I could be a journalist, don't .

recognize or days, just think the l you calling me, I look at, I look at the area code as well. Well, that might be an indicated.

I like school. I, I, I guess I can ask you guys how many scammy or nuisance calls you get, because if you have no idea.

because you don't take no, I get a lot. That's part of the reason I get so many everyday, daily, daily, probably about five or six.

And that's after subscribing .

to um one of the services that supposed to help filter them out. So I would probably get even more than that. But yeah and you think .

like, these crazy days of, you know, advanced tech, the powers that be would have figured out a way to address the spam call epidemic. Because it seems it is an epidemic and it's getting bigger and bigger all the time. I'll sprinkle a few numbers.

You get an idea of how big of a thing it is. But in the US, Truecaller states Americans have received two point nine billion calls every month. That's their average, twenty nine billion, and over a third of calls from non-contacts in the U.S. are unwanted or spam calls, nuisance calls. The FTC show that consumers reported losing more than ten billion to fraud in twenty twenty-three, the highest ever recorded. And calls are a big part of that.

And some U.S. states, you probably get those robot calls, don't you, from politicians or political groups.

So yeah, imagine they don't care about some states, but in key battleground states, they would have done that. There must be really irritated. Yep.

And the U.K. is not much better. Like, the U.K. reported it has the highest fraud call rate in Europe. Twenty-seven percent of calls being fraudulent or classified as nuisance.

but the recorded loss .

is seem to be much less, even if you take into account population ratio. So UK Finance figures for last year recorded losses of hundred thirty six million, but another report said seventy percent of people who have faced the scam situation have

never reported IT.

Yeah, so seventy percent.

I really want to report her.

Yes, same here. Yeah, I be honest.

And especially if you spotted it and nothing happened, let's say, you know, it was obviously a scam and you hung up, yeah, you probably wouldn't. All right, because it's a pay me ask call or you imagine it's going to be a long process, complicated. I don't have time. We're going to go make dinner.

I think in some cases, you can forward the number, can't need to address this and things. But yeah, I probit probable to be I feel bad about it, but I probably wouldn't.

And worldwide, it's not much rosier. USA Today just reported that in the last twelve months, we've hit a new high, a global loss to scam calls of one trillion dollars. So in short, scam calls are annoying.

They waste time, they can dupe you into parting with your hard-earned cash. Banks don't like it. Telecom companies don't like it.

Nobody likes it, except for the scammers should win. So, so what can you do? What can you do about all this? Well, this year, the U.K. seems to have made a concerted effort into educating the public about scams and how to avoid them.

Graham, you may have seen the national campaign, which is similar to the one you mentioned earlier in India, Stop! Think Fraud, which launched earlier this year. You may have seen that around London or on buses, public transport, that sort of thing. And the Home Office is working with stakeholders across a variety of industries.

You've got banks like Barclays and telecom companies like BT and O2 in the royal and TikTok. So loads of people are involved in this, and they even held their first fraud summit in London, um, this year. And then there was the big arrest. Last August, the National Crime Agency reported that they shut down the platform Russian Coms, which was used by hundreds of criminals to defraud victims across the world through scam calls.

They estimate one hundred and seventy thousand people across the U.K. were believed to be victims. Cheese and financial losses in the tens of millions.

Yeah, sadly.

And this platform allowed criminals to hide their identity by appearing to come from preselected numbers, most commonly financial institutions or telecom companies or law enforcement agencies. Very similar to what you are saying. Really great.

Ah, this is where it really can be convincing, as it looks like it is a phone call coming from your telephone provider, for instance, or coming from your bank, or a text message which may appear to come from them as well. So yeah, that's a real nuisance.

And I mean, according to the advert shared across social media for Russian Coms, the service included unlimited minutes, hold music, encrypted phone calls, instant handset wipe and twenty-four seven support.

What's this instant handset hit wipe? Because people are worried about getting infected by dirty telephone of the golf, a friend.

I imagine, I imagine me wiping the number or whatever pretending to be from that. I imagine. Okay, there's a lot of efforts going on. There's a smattering of work going on that I've certainly noticed when I'm out and about London, but there's a new effort in the U.K.

That is launched this week from telecoms company O2: meet Daisy, the AI granny and head of O2 scammer relations. So she's been designed to answer phones and keep the fraudsters on the line, the idea being to waste their time and keep them away from you, because if they're on the phone with her, they may not be on the phone with you. So O2 tout that Daisy is so lifelike that she has successfully kept numerous fraudsters on calls for forty minutes at a time. So that could be three numerous. I don't know what it, where is numerous.

It's yes, a numerous means a number. I think I think that is the strict definition of numerous.

I imagine more than would be more than one.

Yes.

i'd like to think so. So let's see what we think.

Hello, scammers. I'm your worst nightmare. I'm an AI created by O2 to waste phone scammers' time. So w is then adult three w and then dot. I think your profession

is bothering people, right?

I'm just trying to have a little chat. Lot, gosh, how time flies. Because while

they're busy talking to me, they can't be scamming you. And let's face it, dear, I've got all the time in the world. So what do you guys think? Ra, yeah, if I didn't know.

I should be suspicious about IT. I I might might form I that for my .

days of doing tech support of elderly relatives, that sounds very convinced. I think I can imagine myself being on.

I mean, he is winding mop, something fires as well, right? Just having circular conversation. And I do like it because it is a bit funny.

It educates and it's compelling. It's compelling. They have a great ad, which I'll put in the show notes if you want to see it in action. And we all like seeing someone get wound up when they've been doing something shady, or doing something shady like attempting to scam a granny.

Right? What the great thing is that this is using up the scammers' time, isn't it, which they could have been spending attacking someone else and scamming someone else out of their money. So it could have been a real granny they were talking to rather than Daisy.

Yeah, exactly. And apparently they did a survey and seventy percent of folks said they wish they could get their own back on scammers that have duped them or a loved one. But maybe they didn't necessarily have the time to go do the scambaiting thing, or didn't have the technical expertise.

So rather than trying to scam a scammer, which I do not recommend, leave that to the people that know what they're doing, what you can do is, if you think you've got a scam, do report the scam. So in the U.K., you do this to Action Fraud. The number seven, seven, two, six is what you text. And I very much support this. And O2 say, and I love this, they say, by reporting dodgy calls and messages,

telecoms companies are able to investigate and block the mobile numbers used by fraudsters, and they can also use scam texts to help refine these blocking services to make it easier to identify and stop new trends faster in future. They boast that they blocked eighty-nine million texts last year alone, thanks in part to Action Fraud, seven, seven, two, six. And people like us reporting in. Very good.

Well done, Daisy.

I know. Yeah. Why don't we let Daisy have the last word here.

It's showing me a picture of my cat, Fluffy. Is showing you a picture of your cat. Don't call on me. Did you stupid? Got it there.

Do zero-day exploits and supply chain attacks keep you up at night? Worry no more. You can harden your security with ThreatLocker.

Imagine taking a proactive, deny-by-default approach to cybersecurity, blocking every action, process and user unless specifically authorized by your team. ThreatLocker helps you do this, and provides a full audit of every action for risk management and compliance. Onboarding and operation is fully supported by their US-based support team.

Stop the exploitation of trusted applications within your organization to keep you running efficiently and securely. Worldwide, companies like JetBlue trust ThreatLocker to secure their data and keep their business operations flying high. To learn more about how ThreatLocker can mitigate unknown threats and ensure compliance for your organization, visit smashingsecurity.com/threatlocker. That's smashingsecurity.com/threatlocker. And thank you to ThreatLocker

for sponsoring the show. Whether you're starting or scaling your company's security program, demonstrating top-notch security practices and establishing trust is more important than ever. Vanta automates compliance for SOC 2, ISO 27001 and more, saving you time and money while helping you build customer trust.

Plus, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center, all powered by Vanta AI. Over seven thousand global companies like Atlassian, Flo Health and Quora use Vanta to manage risk and prove security in real time. Get one thousand dollars off Vanta when you go to vanta.com/smashing. That's vanta.com/smashing

for one thousand dollars off. Quick question. Do your end users always, and I mean always, without exception, work on company-owned devices and IT-approved apps? I didn't think so.

So my next question is, how do you keep your company's data safe when it's sitting on all of those apps and devices? Well, 1Password has an answer to this question, and it's called Extended Access Management. 1Password Extended Access Management helps you secure every sign-in for every app on every device,

because it solves the problems traditional IAM and MDM can't touch. Go and check that out for yourself at 1password.com/smashing. That's 1password.com/smashing. And thanks to the folks at 1Password

for supporting the show.

And welcome back, and you join us at our favourite part of the show, the part of the show that we like to call Pick of the Week.

Pick of the Week, Pick of the Week.

Pick of the Week is the part of the show where everyone chooses something they like. Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website or an app, whatever they like. It doesn't have to be security related necessarily. Better not be. Well, my Pick of the Week this week is not security related.

My Pick of the Week this week is social media related. I know you're a huge fan of social media. You can't.

Are you talking about Bluesky like every other person on the planet?

So my Pick of the Week this week is Bluesky.

There it is. So it can't have escaped your notice,

gentle listener, that there's a new... it's not that new. It's been around for a few years. I've had an account on it for a while as well, but I haven't been very active until the last couple of weeks because I've decided to close my Twitter.

Me too, yes.

Mine's gone. I deleted

it. Yeah. Um, Maria,

I know you're on Mastodon. I'm on Mastodon as well. I've never really embraced Mastodon entirely. I've not completely got into it.

I'm enjoying Bluesky, though. It's like, someone said to me, is it like the new version of Twitter? And I said to them, no, it's like the old version of Twitter, before Twitter became fitter when Elon Musk took over. So Twitter one point zero, not Twitter two point zero. At the moment, it's lovely.

There's no ads. The algorithm, well, you can define your own algorithm. You can just have a chronological feed of everybody you are following, rather than Elon Musk popping up for the time being promoted even when you're not following him. And it's utterly charming.

There are easy ways to block people and it seems to be quite civilized. So I'm really enjoying Bluesky and that's where I'm posting and mostly hanging out now, and I think it's great. I know there's been a lot of hype about it. I saw today, day of recording, they've just passed twenty million users, which is extraordinary.

Have people been leaving X? Have they been? Yeah, droves, yes. The

Guardian newspaper left X, as they like to call it. The Clifton Suspension Bridge in.

I've been waiting for one.

I believe that Shatner and is the solution. And very much of the members of the tric learn the um have made the jump to Bluesky as well. So people are leaving. And Mark... yes, Mark Hamill, yes, he is there.

Mark Hamill left. Yes.

He's there. He's a superstar. So lots of people are living on Bluesky. If you're nice, why don't you come join us? If you're not,

stay on X.

You know what, Maria, I will put a link to your Bluesky in the show notes as well as my own. Carole, are you joining Bluesky, or are you not really into social media as much as, maybe...

I just have real friends, you know?

Well, all right, I was just going to say we need to get Sticky Pickles on Bluesky, then. Maybe not. I don't know.

What do you can do that OK.

I'm still on Mastodon too, though. I just want to say I like them. Yes.

There is very different. Yeah, yeah, I like Mastodon too. It's just at the moment Bluesky's a little bit more engaging for me. Yes, Maria, what's your Pick of the Week this week?

So, um, it's been a little while since I've been on the show and I've been watching a lot of TV. The two of you know, I am pretty sure, that I recently moved houses. So I haven't been able to get out in the world and do things, so my only entertainment is basically just TV when I'm exhausted from a long day of unpacking or throwing boxes out, right?

Um, I'm going to get my nerd on, I'm going to get my full total anime dork nerd on and I'm going to give you my recommendation. It's an anime on Netflix called Dandadan and I'm absolutely obsessed with it. I'll read the pitch: In a bet to prove whether ghosts or aliens exist,

two high schoolers face terrifying paranormal threats, gain superpowers and maybe even fall in love. Basically there's a nerd who's really into UFOs and then there's, like, the weird outcast girl who's really into spiritual, like, paranormal-esque stuff. And they both think the other one is wrong.

They're like, there's no way UFOs could exist. There's no way ghosts are real. And they both find out that the other one is right. It's super funny.

I've really been enjoying the hell out of it and it's on Netflix. A lot of people can watch it. They put... Netflix, I think, gave this show a ton of money for their art direction.

So it's unusually good being for an anime. The opening theme song is, like, insanely good. Um, so yes, it is an animation. So I know for many people that is a non-starter, but if you are willing to watch an anime, this one's really, really fun. And I greatly enjoy it. Dandadan.

and then how do you spell? Then dam to dam dam a dance .

like then and a dad and dad.

O K, O K.

yeah, cool.

It's a lot of fun. All right, check it out. So what's your Pick of the Week?

So my Pick of the Week is a book called Butter by Asako Yuzuki. It was published in Japan in twenty eighteen. This year it was made available in English. And it's a novel.

It's a fiction book. And the central character is Manako. And she's like this cavitation femme fatale and full-on lover of butter. And she's in detention and awaiting trial for having killed. Three men have

returned.

and they seem to have died from things like heart attacks and like maybe natural causes. But he was always involved of eating .

too much butter.

And then we've got this .

journalist named Rika, and he wants this woman's story, right? He wants to do the true reveal, you know, the piece about this foodie killer. But the problem is the foodie killer doesn't talk to the press until the journalist writes her a request for a beef stew, right? That's how it all kicks off.

And it's a thrilling search for what happens to actually these men. But also, there's a lot about food. So if you like food and reading about food, this is a great fun book to read. It touches upon Japanese society as well, and the demanding beauty standards that Japanese women are expected to maintain, and fat phobia and all kinds of things. Plus, Butter is based on a real-life case of the Konkatsu Killer, which was a con woman and talented home cook called Kijima, and she was convicted of poisoning

three of her male lovers.

So it's a fat book of five hundred pages. It's great as the holidays are coming around the corner. Get it for your foodie friends who like to read. So Butter by Asako Yuzuki, my Pick of the Week.

Excellent. Well, that just about wraps up the show for this week. Maria, thank you for joining. I'm sure lots of our listeners would love to find out what you're up to and follow you online. What's the best way to do that?

You can find me on T-Minus Space Daily every day, wherever you find your great podcasts, and I also am on Hacking Humans.

And you can find Smashing Security on Bluesky as well, unlike Twitter, which wouldn't give us a G. And don't forget, to ensure you never miss another episode, follow Smashing Security in your favourite podcast apps such as Apple Podcasts, Spotify and Pocket Casts. And huge,

huge thank you to our episode sponsors 1Password, Vanta and ThreatLocker, and of course to our wonderful Patreon community. It's thanks to them all that this show is free. For episode show notes, sponsorship info, guest list and the entire back catalogue of more than three hundred and ninety three episodes, check out smashingsecurity.com.

Until next time, cheerio, bye-bye.

Bye.

The tiny place place.