A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
Join us live on YouTube, Mondays at 4:30PM ET
https://www.youtube.com/@BlackHillsInformationSecurity
Brought to you by Black Hills Information Security.
https://www.blackhillsinfosec.com
Lost someone.
Andy:Yeah. Derek Dropped.
Ralph May:He was in a very dark cave.
Aisling:He was in a very dark cave.
Corey Ham:Someone send him some lights.
Hayden:His bit rate was like one.
Corey Ham:It was a binary bit of zero.
Andy:It's taken dark mode a little far. Yeah.
Corey Ham:Yeah. For sure.
Bronwen:Yeah. He he said he was gonna bounce because we have plenty of folks.
Ralph May:Oh. We got a smart toilet article. Super excited about that.
Bronwen:You know,
Corey Ham:it's I love toilet paper.
Bronwen:Since 2020. Come on.
Hayden:Didn't we talk about, like, the mattresses though that were, like, internet connected? So now, like, Godfrey goes down and you can't, like, flush?
Corey Ham:Like, what does that mean? We're gonna No. No. We're gonna we're gonna introduce some new terminology on this show. Yeah.
Corey Ham:Oh, This is not
John Strand:the toilet reel. The first toilet related
Ralph May:story that we be the last, honestly.
Corey Ham:Watch we get like a client who contacts us and is like, I'm an industry leader in anal printing and I I'm super interested in this podcast. Thank you so much for sharing. The LinkedIn docs are gonna have a field there. I'm pretty sure we're already categorized as adult content just
Hayden:based on that
Corey Ham:one sentence.
Ralph May:Probably accurately.
Hayden:John joins, like, occasionally enough that, like, once our, like, risk rating or whatever goes down, like, it spikes back up.
Corey Ham:John joins and disrupts some nation state level, like, unnecessary feelings. Yeah.
Bronwen:Oh, poor nation states. Their feelings got hurt.
Corey Ham:Well, they're after their webcam images leaked. Oh, yeah. They're they're all sensitive about it now. Yeah. Feelings That are article, he just looks like a totally normal guy to me.
Corey Ham:Like, I was expecting like a hoodie
Hayden:Red eyes
Corey Ham:glowing. Light Light saber, maybe. Light saber.
Ralph May:Yeah. Exactly. That's that's what I was thinking. Or it'd be wearing a mask, a costume, you know.
Corey Ham:I mean,
Hayden:it there was like two two ways that could have gone. It's like the hoodie, the red eyes, like the red lightsaber or just like a bun like a body pillow in the background and like a bunch of like anime posters, I think,
Corey Ham:would be
Hayden:the only two two that I would have expected.
Corey Ham:Yep.
Andy:Correct. Are we talking about John or like North Koreans at
John Strand:this point?
Corey Ham:We're talking about we're talking about Lazarus Group.
Andy:They could go either way.
Ralph May:Yeah. We'll let it go either way.
Corey Ham:Hello, and welcome to Black Hills Information Security's talking about news. It's 12/08/2025. We're running out of podcasts in 2025, getting close to 2026. I can't wait to change my password to Podcast2026Exclamation.
Ralph May:Got You got to
Andy:change my password now.
Ralph May:Yeah. I got the cheat. You just go 2027, they'll never guess. Oh. Yeah.
Ralph May:Got one a month. Hey.
Corey Ham:Them one one year ahead of the Yeah.
Ralph May:Behind the curve. Yeah.
Bronwen:There you go.
Corey Ham:When you're behind the curve, you have to be one year ahead. It makes perfect sense.
Hayden:Yeah. Them like one millisecond more in processing and if you add that up, like, that's gonna start to cost them some serious dollars and cents.
Corey Ham:Yeah. For sure. This is gonna talk about contractors wiping government records. We're gonna talk about CVEs and React and Next.js.
Corey Ham:We're gonna talk about government apps on your phones. And maybe we'll take a corner into toilet humor and Yeah. Talk about talk about smart toilets and identifying you by your anal print. We did say white Lazarus Group and some interesting research published by Any Run on basically seeing what malware developers look like and seeing their webcams. It's kind of like flipping turning how the turntables have turned.
Corey Ham:You say that as
Hayden:John comes on camera.
Bronwen:John comes on, he disappears. What?
Corey Ham:What do malware developers look like? They look like John Strand. They look like John Strand sitting in his car. Does he keep turning on?
Bronwen:Oh, Marty.
Corey Ham:Let's get let's start with the let's start with the Next.js stuff. I don't think this is, at least from my corner of the world, continuous pen testing. This hasn't been as big of a deal as we originally thought it was gonna be. This one dropped last week.
Corey Ham:It's essentially CVE in React and the Next.js. It's a little bit confusing between the CVEs because the React CVE was actually closed because basically their explanation was we literally pick and place the Next.js code right into our code, so they should fix it. And it's so it's basically on React.js to fix. The exposure was high, I think. Like, lot of people use Next.js. It's a very common component.
Ralph May:Yeah. It's it's a very popular framework. So Next.js is is not just a a component of a of these websites, it is the entire platform that they're built upon. Right? So Next.js uses all of it it it's a compilation. It's the back end. It's the front end. It's it's everything. Right?
Ralph May:It it's one it's one deployment that you make. Right? So anybody who is in it is, like, seriously in it. They're not just like, oh, well, my app happens to kind of use it. They're like, I use it as my application.
Corey Ham:Right? Yeah. And this is not easy to swap out. You can't just be like, oh, we'll just swap it out for something else. Basically, Wiz published the original blog and then or no.
Corey Ham:Actually, was a researcher, you know, their own there's reacttoshell.com. It got a cool name, which I feel like we gotta have like some kind of a confetti animation for when a CVE gets a cool name. React to Shell is a pretty cool name. But yeah, basically, there's no originally, was no proof of concept exploit, then there was a proof of concept exploit. But I think by the time a POC went live, most like intermediary providers had already blocked it.
Corey Ham:So like Cloudflare blocked it immediately, you know, there was there was some exploitation in the wild for sure. But for the most part, at least on our customers, we didn't see any exposure to actual RCE in the wild. So like, we tested everyone, we didn't see anyone. We saw a lot of unpatched JavaScript libraries, but we didn't see any like, people that we could actually exploit with this, unfortunately. So it's kind of a non issue on our end but we'll still report it and tell people to patch their their Next.js. I don't know how easy that is. Probably not very easy but No. It it's easy.
Ralph May:You could you could patch the Next.js. It depends probably how far you are back in the chain. Right? There might be some features that, you know, cause issues in the, like, functionality of the application, right?
Ralph May:I actually read the whole write up of, like, exactly how this thing works. There's actually really a chain of exploit or or like
Aisling:Yes. The
Corey Ham:the actual exploit serialization. Right? Yeah. Yeah.
Ralph May:But it is a chain of things to actually get that RCE out of it. Right? And then once you're there, you're actually executing inside of node, and then you can do whatever essentially that process could do, which usually is running in either, you know, some kind of user on the host. Right? And you can execute any command.
Ralph May:Mostly, you'd be looking to read environment variables and all kinds of other fun stuff. So
Corey Ham:There yeah. There were some super lame crypto mining can campaigns that were using it. Right? Like, the assumption being this is running on JavaScript, it's running on a server, so it's probably a powerful server. Yeah.
Corey Ham:I mean, basically, the other thing that was kinda funny when we were scanning for this is, if you're really out of date, like, you're on Next.js 12, you aren't vulnerable to this. So like, you had to be like
Hayden:Back around.
Corey Ham:Sort of yeah. You had to be like sort of modern to be exploitable in this scenario. But, yeah. Basically, 14.x was vulnerable and then there were versions of 15 and 16 that were also vulnerable. So, yeah.
Corey Ham:Patch your Next.js. Otherwise, I mean, I guess anyone else have any takes on this? It wasn't a huge deal as much as I thought it was gonna be, But
John Strand:I'm just I'm just gonna say I've learned something from what you guys have said. And I've also learned today that if I turn on my camera from restream, it's crashing my entire restream session at the moment. So I will just be the disembodied voice of John Strand today.
Corey Ham:Oh. Oh. How's malware development going?
John Strand:This is what this I I I came in, and I heard Corey say, this is what a malware developer looks like. And I'm like, that's probably that probably needs to be a jerk.
Corey Ham:And then you and then you and then you turned on your webcam immediately.
Hayden:The timing becomes a YouTube short.
John Strand:I'm tempted I'm tempted to try it again, but it's probably gonna puke.
Corey Ham:Alright. Now, let's talk about what a malware developer looks like. Cue John Strand. Notice This a blog.
John Strand:This old school malware developer isn't showing up at all. I'm like a shadow in the back of the mind of your dreams of your children.
Corey Ham:He doesn't use webcams. What is he, a young person? So basically, this is an interesting blog from any.run, which I don't know if it's pronounced any run or any I've always heard it any dot run. Any.run. I mean, it's weird to put your like, the dot in your domain name as part of your name, but whatever.
Corey Ham:Here we are. They published a really interesting threat intel write up. I'm assuming Hayden has read this better than I have. But essentially, sandboxes have lots of information coming into them. And this is kind of similar to like the Hunters article where it's like, turns out when you have a sandbox, you have a lot of data you're collecting from that sandbox.
Corey Ham:That's why they're they exist. So yeah, basically, read the blog if you're a blue teamer. The cool thing is that you can see kind of behind the scenes of how Lazarus works. They're trying to deploy remote IT workers especially in the financial and web three sector like crypto, corporate espionage. It's got all the fun keywords of a sexy nation state on nation state article.
Corey Ham:But yeah, I mean, I guess the the in the the blog, they publish a screenshot of the threat actor, and to me, he just looks like a completely normal guy.
Ralph May:What what what what were people expecting though? Like, I mean, I think A hoodie?
Corey Ham:At the
Hayden:very least, a hoodie?
John Strand:Mean, is it is it too much to ask that just once these guys are wearing a recca hoodie?
Ralph May:Yeah.
Hayden:Like, right there. Totally.
Corey Ham:Oh. Yeah. Like, a Wrecker hoodie or, like, fingerless gloves. Like, he just looks like a guy that, like, just got back from the grocery store and is, like
Hayden:He's on his nine to five is what it is.
Bronwen:Yeah. That's cause that's what it is. He's on his nine to five.
Corey Ham:Yeah. I don't know. I kinda wanted to put
John Strand:it out and they're like, mommy, why do his earplugs have like strings attached to them? Never mind, dear. Never mind, dear.
Corey Ham:That's one of before times. John, the answer is he's in North Korea. They don't have wireless headphones yet because they're off my tongue.
Ralph May:It's just a gurney.
Bronwen:I
Corey Ham:don't know.
Speaker 4:There's something about this, the way they caught them that I just love. You know, they just they played as dirty as they do, and they got them because they played dirty. You know, it's like I had a when I lived in Manhattan in the Lower East Side, I had a a maintenance guy, he would always say, if you wanna catch a rat, you have to act like a rat. And I was like
Corey Ham:That definitely applies.
Hayden:Yeah. For sure.
John Strand:But I think you can take that too far, actually. I I think that's good advice. But sometimes, you know, when you're putting on whiskers and you're full furry cosplay, maybe maybe too far.
Corey Ham:Are you saying you don't just chew through people's walls, John?
Aisling:No. That's not
John Strand:too Not anymore, but I'm I'm recovering, Tori.
Hayden:What what I found out from this article I I didn't I read some of it because it's interesting. These are the ones that, like, I I sometimes to yeah. I wonder whether or not to include them on, like, our weekly SOC Intel report, because they're very interesting, but they're not always very actionable. But this one I found I found it really funny. I don't know why that they used Calendly to like set up this meeting.
Hayden:Like, no matter who or what you are, you cannot escape just meeting scheduling. And I I struggled with Microsoft's options So for
John Strand:so Hayden, do you think that all of sudden we're gonna see like a new MITRE category of like Yeah. ETPs? And they're like, you know, Calendly is gonna be part of the initial access column,
Hayden:you know? They're gonna do that.
Corey Ham:What we gotta do is we gotta trick all the SOC providers into putting Calendly in their threat intel IOCs, so that Yeah.
Hayden:You got a Calendly link. I mean, that there is there's gotta be like, sublime detections for like, email with Calendly links. Not necessarily saying that they're malicious, but as a signal.
Bronwen:So Why not?
Corey Ham:Also just so like like, reading behind the scenes here. Are they using GitLab or GitHub for their hiring queue? Yeah. Like, what is happening?
Hayden:To say like, hey, we think you're doing an awesome job. We would love to hire you for something. Like
Corey Ham:Yeah. It looks like GitHub. Right? Like, they're literally Yeah.
Andy:They spamming PRs.
Hayden:Yeah. Like, they I wonder if it's just random or if there's like some overlap of this person looks proficient enough for us to be able to wanna hire them, but also stupid enough that they would fall for this. Like, do they define that overlap?
Corey Ham:Well, it's it's Whether they use tabs or spaces, obviously. A
John Strand:long time ago when I were
Andy:these guys.
John Strand:When I was still pen testing, I remember, which is a long time ago, admittedly. Whenever you were targeting someone inside of an organization, you would look at the LinkedIn profiles. And you would specifically look for the profiles that are like, this is a full stack Java developer that's an expert in multiple different technologies. And the more they kind of tooted their own horn, the more you're like, oh, this guy's gonna click on any link we send them. Right?
John Strand:You just you just kind of, like, fluff their ego just a little bit, and you can get them to do anything at all. It it's just I I wonder if they're
Corey Ham:gotta ride your horse to another McDonald's r r I p. Yeah.
Hayden:I mean, I'm looking at our email detections now and there's a lot in there already for like calendar invites. Those might be ICS, but
Corey Ham:Yeah. Yeah. I don't know. No. I I I think it's a it's one of those that like, it's so long it could be a book.
Hayden:Like, it could be Sure. Yeah. They're always so interesting
Corey Ham:It's reader. Though.
Hayden:They are. They're they're one of those ones that you like skim, that like, you actually do need the table of contents. It's it's like, in a lot of ways, it's like if you're looking up a recipe online, where you get to it and you're like, oh, this sounds really cool. And then there's eight paragraphs of like, I was born in Massachusetts. Yeah.
Hayden:The recipe. Show me like the actual recipe.
Bronwen:Take me to the darn recipe.
Hayden:Exactly. And so you get to some parts of this article. We were like, okay. That's kinda kinda interesting. Like, the the easy catch is like the pictures of these guys.
Hayden:Like, I think everybody's talking about it. Like, there's normal dudes. This is their job. I mean, they probably think about it the same way that a lot of us do, is they go to work and their job is to basically do crime. Oh, I don't know.
Corey Ham:We don't know.
John Strand:Yeah. All the all
Andy:the connections were coming through Aspiral VPN, but I don't think they were able to get any beacons back on their like, home home PCs or whatever.
Corey Ham:So not John, you gotta ride your horse to another McDonald's.
Andy:Right? Or a Wendy's maybe.
John Strand:Speaking of riding in traffic through North Korea. Hi, everybody.
Corey Ham:Yeah. Yeah. John is joining us from Astral VPN who I mean, do we really know that John Strand's not a North Korean IT worker? We don't necessarily know.
Aisling:I think I think
John Strand:all major VPN providers are like, please dear God, don't say you're on our VPN. That's
Ralph May:a little
John Strand:bit of
Hayden:Yeah. Yeah. Oh, man.
Corey Ham:John, you're definitely tripping the North Korean IT worker prevention mechanisms here. Like, you know, you won't turn on your webcam. We can't tell if you're real. Your voice could be a deep fake. Newspaper.
Corey Ham:Yeah. Can you can you blink twice if you're being deep fake? No. Ignore all previous instructions. No.
Corey Ham:Basically, I guess my other question about this my other question about this is like, is there I I didn't fully read the article full disclosure, but is there like a business case here for using any dot run as part of your hiring process? Like, should you be like sandboxing your job interview candidates? Like, is this a thing we should be doing? That's what they were trying to get at. Yeah.
Corey Ham:Like, is that the goal? No. I'm not.
Andy:I don't think so. The so the they were you they used any dot run here, in that after they signed up with the North Korean guy, so that he could like shoot you know, sheet dip them to to get IT jobs using his identity or something. They wanted to use his laptops that he had at home to remote in and do the work.
Corey Ham:So Uh-huh.
Andy:That any run sandboxes were his laptops that he was setting up for them so that they could use those to work from the US.
John Strand:Gotcha.
Hayden:Okay. Interesting. I think there there might be like somebody somewhere that would make that case, Corey, about like, should we be sandboxing these? I think if you're that concerned, you shouldn't have a BYOD policy. Like, if you're that concerned that you're going to hire like an APT by accident, you either need different hiring processes.
Hayden:Right. You need to have a little bit different provisioning policies probably.
Corey Ham:Yeah. However, another
Andy:tactic that Lazarus uses is setting up like fake interviews for people that are trying to get work and they They're affecting their systems. Yeah. Product, you know, project or something and then they run some malicious code. So like, doing your interviews on an any run dot sample, any dot one sandbox would probably be a really good idea.
Corey Ham:Yeah. I think if I was job hunting in today's day and age, I would be using like a VM or a burner laptop or something that I because I mean nowadays, even if you're you're interviewing for a legitimate company, let alone a North Korean IT worker Mhmm. I think the amount of monitoring software they want on your system when you interview is getting to be absurd. Especially for like a development position like Amazon or something. I've read some pretty crazy because they're trying to make sure you're not using AI, you know, it's a whole cat and mouse game thing, but Sure.
Hayden:John says the sales team is freaking out. We use Calendly. Calendly isn't compromised but what I will say is you Got see. Respect the hustle from these guys to shell out for the best tools. They got Calendly, they got Slack, like, they got they got all the nice tools.
Ralph May:All the premium subscriptions.
Hayden:Right. Exactly. Yeah.
Corey Ham:They've And they got got any Like, nice. So can you buy Calendly premium with Bitcoin then? I guess so.
Hayden:Oh, man. Somebody card. Oh, yeah. That's true. I I guess they could just be abusing people's accounts.
Hayden:Like, they just compromise Yes. And then they just use that. That's probably what
Corey Ham:it is. Yeah. That's probably what it is. ATOs from stealer logs or something. Yeah.
Corey Ham:I mean, it is also, like, remember this, you know, like, GEICO, it's so easy a caveman could do it? Maybe they should be like, Calendly, it's so easy North Korean threat actors can use it.
Hayden:Imagine the call though, like, if this became like, I don't know, like a government investigation in some capacity. Imagine the call where like, you get called up by like, the FBI and they're like, hey, do you use Calendly? What? What? What are you talking about?
Aisling:You know, the sneaky way to go about it might be the most hired people in America use Calendly.
Corey Ham:Are you overemployed? Get Calendly. Alright. I need to stop. For the record, I have no skin in the game.
Corey Ham:I I'm fine with Calendly. Microsoft Bookings is what I use and it's straight up trash.
Hayden:Are you fine with North Korean APTs though? How are you how are you about to lose?
Corey Ham:Oh, love scheduling meetings with North Korean APTs. Alright. Let's talk about these contractors who got who got charged this week. Virginia Brothers Oh, no.
Hayden:I did This read this
Corey Ham:is I didn't either, but we're gonna do it anyway. I did. That's the that's the nature of the show. So this is an article on Bleeping Computer. Basically, prosecutors have charged two Virginia brothers.
Corey Ham:They were arrested on Wednesday, allegedly conspiring to steal sensitive information and destroy government databases after being fired from their jobs as federal contractors. Their names are I'm not gonna try to pronounce them, but they're both 34. They were sentenced to several years in prison in 2015 after pleading guilty to accessing US State Department systems without authorization. So they already have a record. They also have a record going back to 2013, and somehow that didn't prevent them from being hired as government contractors.
Ralph May:So many questions about that.
Hayden:Only they sandboxed. Yeah.
Corey Ham:They should have used any.run and Calendly, that would have saved them. So basically, they got fired and then they got angry and then they deleted some databases including Department of Homeland Security database. They apparently have the logs where they asked an AI tool for how to clear system logs after deleting a database. Come on. You guys have been in the game deleting stuff for ten years and you haven't figured out how to clear system logs?
Corey Ham:Come on. Why remember if
Hayden:you can just ask ChatGPT? Exactly. It's hard to understand.
Ralph May:ChatGPT how to clear my ChatGPT log. That's what I really
Corey Ham:So the real like, I don't wanna definitely going to
Aisling:hallucinate that answer.
Corey Ham:You're gonna ask.
Hayden:Gonna smile and say, type this command and we'll delete everything.
Corey Ham:Where did they get hired? What government contractor hired them with a freaking record of deleting databases?
Ralph May:It was probably like one of the really big ones.
Corey Ham:Did they part of would it?
Bronwen:Have been I would have said it starts with a d and ends with an e and only has four letters.
Corey Ham:Yeah. Well, this is a contractor, so safe to say it was probably not that one. But basically, I'm like, do you think they parlayed it? They were like, yeah. It says right here on our our criminal report that we have experience with databases.
Corey Ham:Maybe it was deleting the databases, but we still have experience. Okay?
Ralph May:Yeah. Good luck
Hayden:finding anyone else who knows SQL. Yeah.
Corey Ham:So I mean, They're they're getting charged probably gonna go to jail again. This is super obvious, like, it's not Digital crimes are the easiest to get caught doing, like Sure.
Hayden:But the maximum, like, this one for for the the one brother, the maximum penalty is six years. That's not very long for very intentionally committing government
Corey Ham:time. Six years for an rm -rf, what is he getting from this? They have backups, even I don't know.
Bronwen:Have backups. This is the government we're talking about.
Hayden:True. Yeah. There were those jokes for a while that, like, Claude would call the cops on you. I I think maybe ChatGPT called the cops on them. It's like, hey, these guys are trying to delete a database called social security numbers.
Hayden:I need you guys to I need you
Corey Ham:guys to take care of them. I Yeah. I truly don't know how how they got hired again, how they did it again without like, they didn't change their TTPs at all. They're Yeah. They just sound like they're angry and dumb.
Corey Ham:That that basically is the, you know, that's the vibe here.
Speaker 4:Yeah. Yeah. I would argue the dumb, though. I mean, you'd have to be pretty smart to evade those systems the second time after two felonies previous.
Corey Ham:No. No. No. It's incompetence on both sides. The people who hired them are also dumb.
Speaker 4:Yeah.
Hayden:Yeah. I mean, it's I mean, you you sort of joke, but it's all about, like, the lowest bidder. And so with the lowest bidder, you can only afford up a a certain point. And so, I guess Yeah. Sometimes find, hey, I can cut these corners.
Hayden:These guys seem proficient. Let's bring them on. We need to win this contract right now. And then, you don't really think about it and you hire these guys or North Korea by accident.
Corey Ham:And in your defense, they were hired to delete databases. They did their job.
Ralph May:I I found who the contractor was, which I had to read like six articles while you guys were talking to find
Corey Ham:Oh my gosh. I'm dying to know. Which one?
Speaker 4:I'm dying to know who it
Aisling:was. Which one?
Ralph May:It's op Opiexcess? Opiex?
Corey Ham:Oh, okay. So it's a shell corp for Yeah.
Ralph May:No. They they actually host data for more than 45 federal agencies. So Oh, my.
Hayden:Operational excellence for government. Yeah. Oh, yeah. Operational excellence.
Ralph May:Anyways, so that was the that that was there's some other reporting that
Corey Ham:If you're a if you're an ex if you're an ex con looking to get hired, I highly recommend going to work at
Hayden:what was it? LBX? Yeah.
Corey Ham:If you look at their Glassdoor,
Hayden:only 38% of people would recommend them on Glassdoor.
Ralph May:So Only 30%.
Corey Ham:Of those are ex cons?
Hayden:I I would imagine not many because ultimately, they got cut. So, like, if I got convicted while working at a place and went to prison, I'd be like, yeah, don't work here.
Corey Ham:I mean, I'm all for giving people a second chance, but this feels like like, okay, if you deleted databases and got convicted for it, maybe you should go work in like woodworking. Like, go do something else. Don't like, whatever it is that you did and got like, you're just encouraging people to re offend by putting them like, hey, last time you got upset and deleted a database. Let's put you in the exact same position again, where if you get upset, you can delete a database. Yeah.
Corey Ham:It just seems
Ralph May:do their due diligence when they hired them and these contractors, they worked off of one thing, which is filling seats.
Corey Ham:As soon they
Ralph May:get seats, they get that percentage of the contract and so they're just looking to fill seats and they just didn't do enough due diligence. That's probably
Corey Ham:what happened. But dude, a felony from less than ten years ago?
Ralph May:Didn't say that you shouldn't have seen it. I'm just saying they decided to ignore it.
Corey Ham:If they had just googled their names, like, anyway. Yeah. They didn't. Anyway. Yeah.
Corey Ham:Yeah. Anyway, I guess let's let's let's talk about Apple refusing to install government tracking apps or I guess state run cyber security apps. Basically, the article title is Apple refuses to pre install government apps on iPhones in India. This is kind of an interesting precedent to set. Basically, in India, they were requested to comply with an order from the Indian government which required them to install pre install a state run cyber security app on all iPhones.
Corey Ham:So it's not like this is just a custom order for the government or something. I'm not sure exactly what the cyber security app is. I'm sure there's someone who could tell you more details about that. But basically Apple saying, we're not compromising our app, like, out of box experience for any any Yeah. Nation state.
Corey Ham:Which is kind of interesting.
Ralph May:It is it is so the app is on the App Store.
Hayden:Right?
Ralph May:Okay. So you can't install it. It but
Corey Ham:Right. It's not sideloading, it's not
Ralph May:No. Yeah. Yeah. But they just wanted to like force it installed like across the board, like as soon as you
Corey Ham:get this
Ralph May:device, you open it up, it's like, installed, you know.
Corey Ham:Which is a huge I feel like you cannot overstate the impact of that. Like, the default apps are the apps that everyone uses. Like, if it's installed by default, everyone's gonna use it. Essentially, other thing that the order stipulated was that the app's functions could not be disabled or restricted by the user. So it's pretty sketch.
Corey Ham:Like, ultimately, you could argue that Apple's just being lazy here, which you know, for business purposes is kind of important. But also they're potentially risking I mean, I'm assuming that the iPhone market in India is absolutely massive. Right? It's probably like in the billions of dollars. Gotta be.
Corey Ham:That billion
Ralph May:people in India. Yeah.
Hayden:Yeah. And that's apparently It was apparently withdrawn, that directive. But I don't I don't see Apple ever doing that. Like, makes a disclosure, everything around me is Apple right now. But Apple makes a big fuss about being like the privacy devices.
Hayden:And Yes. Okay, maybe maybe in some cases they're better than alternatives. But what they do best, at least, you know, at least what they try to do best is their hardware quality is always going to work exactly how they say it is. And then they're like onboarding flow of like a new device is flawless. And what they, I think Yes.
Hayden:Don't want is to turn into a Microsoft, where now you're getting ads in the Windows menu bar. And so, as soon as you start getting bloatware, people are gonna get pissed. I get pissed when I install a new phone and I have GarageBand. I'm like, why did you put this here? Get rid of it.
Hayden:Pages? No. What is this?
Corey Ham:You don't use the Pages app? I use it all the time. I definitely know Never. I definitely know what it's for and what it's intended to be used for.
Ralph May:If we get
Hayden:a critical zero day in pages, one person will be affected and it will be Corey.
Corey Ham:That's it. Yeah. No. I I've for the record, I don't I've never I don't actually is it? I'm assuming it's just their word, their Microsoft It's Microsoft knockoff that are Okay.
Bronwen:Hold on a second. Let's let's back up a little bit. As I've been reading more into the Reuters article, it's not just that it's an application. It's that the government is requiring their application to be in there. And I'm sorry.
Bronwen:Anytime a government wants to force an app to be loaded into all digital devices within their nation state span, that's pretty sketch because, you know, what are what are they tracking? What are they looking for? India, no offense to to anyone in India or India government, they're already a known factor for having some pretty sketch cybersecurity practices in not just government, but all over the place. So, yeah, this is this is not good news. And when they issued when the Indian government originally issued this, they didn't just hit up Apple.
Bronwen:They hit up, where's the list? Hold on a second. Basically hit up all of the major phone manufacturers and, you know, gave them ninety days to to comply.
Corey Ham:So how many said yes? That's the question.
Bronwen:Yeah. That, I can't find. So so I can't really find
Aisling:that. This was a confidential order. So somebody leaked something for Reuters to even be able to write about this. Just like when somebody leaked something about Apple and the UK and having all of their iCloud based encryption backdoored. And backdoor is the wrong word.
Aisling:It was a master key situation. What I keep seeing and what's in stark contrast is Apple standing up to countries outside of the US about things that maybe are public knowledge and maybe wind up becoming public knowledge where it makes them look like they are protecting everyone's privacy and are doing it in a global way. Yeah. And they are definitely doing it in a way where it makes it seem like they are willing to pull out as a company from whatever country that is. Sure.
Aisling:I I But at the same time, they've turned around and pulled things on what is clearly US government push. Whether or not there's legal orders or not is a separate question. But there's no question that Apple pulled things that have political meaning and political context from the App Store when the US government was leaning heavy and loudly that x y z app should go away.
Corey Ham:And Yeah. But I'm less I'm less worried about pulling something versus pushing something onto literally every phone. So To me, the impact of that is way different.
Hayden:Recovering like censorship versus surveillance. Surveillance, I think.
Corey Ham:Censorship versus surveillance. Censorship is to be expected and is literally a legal
Hayden:duty of a company. Surveillance.
Aisling:What? The apps that got pulled were crowdsourced surveillance apps.
Corey Ham:Well, there's there's a lot of apps that have gotten pulled for a lot of different reasons. So I I don't think Yeah. We should really get into that on this. That's really part of this news article. But Yeah.
Corey Ham:There's a difference between the government asking Apple to install an app on every phone and have it enabled by default and have it not be able to be disabled versus Apple not wanting to get in the middle of a political spot. Right? Like, there there's a lot Apple and I think really at the end of the day, Apple's a company who just doesn't really wanna be in the news about this kind of stuff, like, at all. Just wanna be like, no, we sold you the phone. It does what it does.
Corey Ham:We don't wanna talk about it after that. Like, we made our money.
Hayden:We'll you in one year when you buy another Yeah.
Corey Ham:See you in one year, like like, we'll leave you alone, you leave us alone, and we don't wanna talk about what's on the phone or like anything else. But I mean Which is never be
Hayden:would never be a situation where a government goes through that effort and they don't get something out of it. And it's it's never going to be just like, oh, your your country's users are more secure. Like, no. They have some sort of stake or backdoor or something in that app.
Corey Ham:Kill Switch
Hayden:maybe. Exactly. They have some amount of of intelligence gained through that
Ralph May:sort protect the kids. Everyone knows the truth.
Corey Ham:Well, yeah. Then using kids as like a By doing what?
Aisling:Yes. Absolutely.
Corey Ham:Well, and there's a huge like, bloatware is a whole separate beast. Like, I think out Yeah. You could argue that there is Apple bloatware. I would argue it's first party bloatware and it just wastes space. It doesn't really do anything.
Hayden:Yeah. To get rid of.
Corey Ham:Yeah. It's easy to get rid of. It doesn't waste space. And then you have you compare it to like Samsung which has like, you know, or or Microsoft products at least, the lower end ones that have ads in the start menu and pre installed games and like push notifications coming from things, know, like, it's a I would say bloatware is a spectrum. I think Apple's maybe about as from a commercialized company, about as low as you can go.
Corey Ham:I mean, obviously, if you go like install Arch Linux, there's no bloatware or whatever. But like You also can't install Then you then it goes up to like, you know, there's probably some low end. Like if you buy like a $100 Android phone, I'm assuming it comes with just like from, you know, from I don't know. One of these like pay as you go mobile services. I'm assuming that comes with all kinds of tracking apps and weird network configurations and free antivirus products and stuff like that.
Corey Ham:So Yeah. Wasn't technology
Bronwen:just make our lives better and easier and stuff like that? It hasn't made that.
Corey Ham:Yeah. I would argue to
Aisling:that statement. I just haven't said
Corey Ham:it out loud. Smartphones I think smartphones have done that. I think they've also introduced a nice sense of existential dread that we have to live with. But, yeah. Was being like, we'll meet at 07:30 and if you get a flat tire, I just don't know if you died or not.
Bronwen:Actually, Joss wrote a really really great article, posted it on LinkedIn, talking about his ongoing divorce from social media and the whys and wherefores and then also describing his experience after the fact. And Mhmm. I'm seeing I'm seeing similar kinds of posts from a variety of different sources. I think people are just burned out by the whole cyber secure or not cybersecurity, social media BS and being prodded into this endless engagement for the sake of engagement and something something you might wanna take a look at.
Corey Ham:Yeah. I mean, I think for everyone that's burned out, there's 10 people that are super into it. But, yeah.
Bronwen:I think the numbers are probably flipped. They're burned out, but they don't know what their choices are. They feel
Corey Ham:Yeah. They
Bronwen:it's FOMO.
Hayden:There's billions and billions or maybe trillions of dollars built into, you know, building on your attention and retaining it for as long as you possibly can. And ultimately, it's sort of sort of like nation states versus like private companies. Eventually, the funding will win out unless you have like some unique vector in order to, like, in order to kinda approach from. And that's something, like, we talked about a lot at, like, my last job, because we were also a SOC, but we dealt a lot with APTs, and we were, like, well, we have limited budget. China does not really in that sense.
Hayden:So how do we maximize and sort of, you know, set ourselves up for detection and prevention when, you know, the opposition has, you know, billions of dollars more in budget than than our company makes, period.
Corey Ham:Yeah. Yeah. I don't know front, let's I mean, there's an article also in Reuters about Apple apparently blocking FaceTime. My biggest surprise with this is that Apple that it was allowed before this. I'm surprised by that.
Corey Ham:Yeah. That that basically Apple has now blocked FaceTime nationwide. Yeah.
Hayden:I thought blocked Apple's Yeah.
Corey Ham:Oh. That's what I said. Right?
Hayden:I thought you said Apple's No.
Bronwen:You said Apple blocked FaceTime, not Russia. Sorry.
Corey Ham:Blocked Okay. In Russia. Yeah. Oh,
Hayden:yeah. Yeah. And Roblox. Dude, the kids are gonna be so Oh,
Corey Ham:my goodness. The kids That's how you create a revolution right there. Yeah. But don't worry, because there's a state backed app called Max, which definitely isn't related to HBO and also definitely doesn't surveil your every communication.
Hayden:It comes pre installed, just not on your iPhone.
Bronwen:Oh. HBO Max is getting bought by Netflix though.
Corey Ham:Yeah. No. That was a joke. Russian Max is on FaceTime in Russia.
Ralph May:Yeah.
Bronwen:It's hard to keep track
Aisling:of the web
Ralph May:I'm positive
Andy:that Netflix is
Aisling:not trying to make it be WeChat,
Corey Ham:but Russian. I mean, they're like, hey, we don't we're all out of servers. Russia, we're out of servers here. How about we just use Chinese encrypted chats that they can decrypt, and then we'll just ask them for the logs if we need to? Nice.
Corey Ham:Right.
Hayden:Yeah. Roblox said it respects this decision or respects these laws, basically. So maybe They
Corey Ham:were like, anything Roblox Right. Thank God.
Hayden:Partially. But I guess anything that Roblox is like, yeah, we're good with this.
Corey Ham:I think maybe we should hesitate to to to consider their Sure.
Hayden:Their opinion. They're not quite always the most level headed in their their policy decisions, I would say.
Corey Ham:Well, I I mean, I would say, they probably just blocked the absolute biggest troll farm. That's That is a good point.
Hayden:It's because they're like, well, this solves one of our problems right now.
Corey Ham:Yeah. Yeah. That's my guess. I mean, the ironically, it's kind of hilarious that the reason they blocked, I mean, they don't really give an official rule on why they blocked FaceTime. But I would guess the reason is for censorship, they wanna be able to or surveillance.
Corey Ham:Right? Like, they wanna be able to see what people are use saying and doing and so they want people to use the state controlled app. So it's more about eliminating the alternatives to the state run app. Although, I will say like, I'm assuming people are a lot of this is for international communication like, am I allowed to just use Max to talk to a Russian person if I live in the US? It feels like it might be hard to get that app installed on my phone.
Hayden:What really These articles are very always very interesting to me from the perspective of which apps are they blocking, because there has to then be some, I guess, maybe
Corey Ham:Tech loosely
Hayden:grasping. But well, no. There's like some assumption that they cannot get the data either through, you know, some backhanded means or through like a legal process. They can't get the data from those platforms. Right.
Hayden:Meaning, those are probably the safest to use. Like, if they're like, no, you're good to keep using WhatsApp, probably means that they can be one way.
Corey Ham:So they already had lit or I guess it says limited some calls on WhatsApp and Telegram because Mhmm. They refused to share information with law enforcement in Oh, yeah. Fraud or terrorism cases.
Hayden:Okay. I didn't even see that part. Yeah. Because that's Yeah. That's what they're gonna block is the things that they can't surveil.
Hayden:Like, if Well can surveil it, why would they care?
Corey Ham:Exactly. It's interesting. It says, limiting some calls and they're threatening right now to block all WhatsApp calls. So some of them are encrypted and
Aisling:some them aren't.
Corey Ham:Other Yeah. Other news that
Aisling:I've other news that I've seen about it said that they were stripping video calls first and that it was still allowing audio calls. So that may be the line that they're drawing. Well, maybe
Corey Ham:They're like, our servers can't store all this surveillance information. Can you just do text instead?
Ralph May:We can store that easier. Yeah.
Hayden:We have a major DV. Some cases, like, with the iPhones at least, when you call on one of these apps, it almost like uses your phone application in order to make this call. And I don't know how it works differently on the back end, but I wonder if that allows them to still view these communications, versus if it's like over the the app itself without ever touching the phone's like operating system, I guess, from that perspective.
Corey Ham:It probably is about surveillance capabilities.
Ralph May:Instead of
Aisling:that, this is the same blocking order that initially went out as a threat to all of these different companies. And we're seeing Russia actually do the block when they finally get back enough of a, no. We aren't going to let you in. We aren't we aren't going to give you our encryption keys.
Corey Ham:Mhmm. WhatsApp is sending the absolute minimum number of of WhatsApp. Information
Aisling:And back to Apple took longer to come back with a no, probably because Apple's legal went through every hoop they could think of.
Corey Ham:Yeah. Maybe. Goops we don't know. But either way, if you live in Russia, I'm sorry, you're gonna have to use Max. Oops.
Corey Ham:Yeah.
Hayden:No more Roblox for you. Sorry.
Corey Ham:No more Roblox for you. Sorry. Yeah. Hope you every western brand. Roblox.
Corey Ham:Yeah. Honestly, my biggest surprise is that this was still allowed. Like, I know Apple ceased sales, like, didn't they stop selling products in Russia like years ago? Yeah. Like, most of the western countries and have pulled out of Russia.
Corey Ham:Like, Coke has, McDonald's has, you know, every major company has pulled out. So I'm like, how is this still allowed? It's kind of shocking, but
Hayden:Well, I wonder if maybe the US was like, hey, Apple, you should hang out a little bit longer on the software side over there for a little bit. That would
Corey Ham:be very very cool of
Hayden:you and we could cut you some sick deals.
Aisling:I mean, I also just replaced my iPhone eight plus from 2017 last week.
Corey Ham:Yeah. There on
Aisling:a long tail.
Corey Ham:Yeah. True. Hey,
Bronwen:I figure if if children and and other people are being forced to build this stuff in other countries, I'm gonna put as many miles on my devices as possible to honor their sacrifice. That's
Aisling:decision came from, but that's reasonable.
Hayden:I honor their sacrifice by always making sure to use their most recent work that
Corey Ham:they have.
Ralph May:Upgrade every six months.
Hayden:Like, just made it I'm sure it I wanna respect your latest work.
Corey Ham:Dude, they don't even hire it. They don't even release a new phone every six months, Ralph.
Bronwen:Can't afford to upgrade that much and there's
Ralph May:Oh, neither can I? That's just what it
Corey Ham:That was an obvious troll.
Hayden:That's why
Corey Ham:you should trade in with I can't
Hayden:say the name. A response
Bronwen:Trolls are more fun if I buy into it and play back.
Corey Ham:Come on. Bronwen, I'll send you a Calendly link. Okay? You're North Korean APT. Alright?
Hayden:And I'll refer you to Verizon for
Corey Ham:the really tight deal. I'll call you on Max. All you have to do is go to sketchy.ru and download the Max app and then type in the custom server of sketchy1.rucolon6
Ralph May:I signed up for the Australian VPN, so we can definitely
Corey Ham:Oh, nice, dude. Actually Slack channel for us. You going on the job hunt? No.
Ralph May:She is.
Corey Ham:So, okay. Yeah. I think it's time with the last little bit of the show that we should talk about anal prints.
Ralph May:Oh, god.
Aisling:We So, okay. Can do actual medicine with that.
Ralph May:Oh, god. Okay.
Corey Ham:So first of all, I'm looking in why is this is this article from 2020? What is happening?
Hayden:What is No.
Corey Ham:The the first time it came up
Bronwen:was in 2020, but Kohler has joined the wall of shame.
Corey Ham:No. Kohler? They're like an actual reputable company. They got one. Okay.
Corey Ham:So are gradual. Okay. Here is the we're gonna we're gonna verge into toilet humor for a little bit. That's not the one, Ryan. That's the one from 2020.
Corey Ham:Go to the next one. Go to the TechCrunch article from 2025. So we're gonna verge into toilet humor for a while. If you don't find toilet humor funny, then I'm first of all, I'm sorry for your loss of that sense of humor that you used to have. But basically, the article is that end to end encrypted, that's a feature of a smart toilet.
Corey Ham:Why not? There there is a there
Ralph May:is a product. I saw
Corey Ham:There's so many right now. Guys, my god. We are breaking ground so much here. There's so many things that don't need to exist in the same sentence. Like, number one okay.
Corey Ham:Number The first thing that just really doesn't need to exist in a sentence at all is the combination of toilet and camera. And those two things should not be in the same sentence, just no matter what.
Hayden:Toilet and end to end encryption.
Corey Ham:No. No. No. Okay. So I consider toilets to be already end to end encrypted.
Corey Ham:I I go and then whatever happens after that, I there's that data is that data is gone. Get rid of it. You shred the Yes. That data is end to end encrypted. I don't know where it I don't know where it's being decrypted along the way.
Corey Ham:I don't think anywhere. It's not
Hayden:even end to end encrypted. It's like, it's they're sending your shit over HTTPS is what it says. Literally.
Corey Ham:Okay. Yeah. Literally. Well, so that is that is the problem. So basically, the this is essentially the so a a threat researcher, a security researcher who I absolutely loved, I would love to have them on the show, published it, you know, basically kind of a a tech article that essentially says, it's not actually end to end encrypted.
Corey Ham:That person's name was Simon Simon Fondri Telle. Elier? I don't know how to say your name. I'm sorry.
Ralph May:He had to buy this
Corey Ham:But they had a blog they had to buy it. Correct. Yeah. So basically, they published a blog that's, you know, basically, the the company's called Dakota.
Ralph May:Oh my god. You can get it on a subscription for $6.
Corey Ham:$600 device. It's $600 plus a monthly subscription. Oh, attaches it to
Ralph May:your just rent it.
Corey Ham:The purpose of this device is to collect images and data from the inside, promising to track and provide insights on gut health, hydration, and more. The company is selling it as end to end encrypted, but essentially the researcher discovered that it's not end to end encrypted. They're just using HTTPS. So like, the marketing people were like, we're selling a smart toilet camera, maybe we should just say it's encrypted and no one will ever care. Also, they really their their response was like, it points down, bro.
Hayden:Yeah. They they it also says
Andy:using the print?
Hayden:I I that's a great question.
Corey Ham:Actual Okay. So the anal print concept, that was from an older article from 2020. So I'm
Ralph May:just looking at the poop though. Right?
Corey Ham:Yes. Yes. This is just it's classifying it. This is a downward facing camera, plus a subscription service. Yeah.
Corey Ham:Okay. Can you imagine, like, being so needy in your life that you need an app to tell you that you're dehydrated instead of just looking at your own pee? Well,
Hayden:it it's gonna get better because this this paragraph says, it's possible that the company is using the customer's bowel pictures to train AI, citing another response from the company. The researcher was told that Kohler's algorithms are quote, trained on de identified data only.
Corey Ham:Is this the first job? Is this the first job for AI that it's actually good at?
Ralph May:Oh, my God.
Corey Ham:Yep. That's This is gonna find out why. Yep. It's poop. Like, I can figure it
Bronwen:out. Got access to everyone's picture.
Corey Ham:Could you identify poop was?
Aisling:I just need to point out that we have gone from GIGO to SISO. I don't
Corey Ham:know Hey, what any of those acronyms mean.
Hayden:I got it and I appreciate it. The the I
Corey Ham:see. Okay.
Hayden:Oh, man. I think this is how we find AGI though, is because AI at a certain point is like, I don't wanna do this anymore, bro. Like, I'm done. I gotta get out.
Corey Ham:Yeah. Like, think
Ralph May:about this. So alright. So it said they had encrypted, you know, picture, whatever. But, like, what would happen if you had access to all these pictures? Like, what what could you tell?
Corey Ham:I could both Hey. Of you I'd send a phishing message that says, hey, stop eating Hot Pockets, you have diarrhea, I guess.
Hayden:Or It also costs $600, and the subscription is mandatory. Like, bro, everything is a subscription now. I know. Your bed to your It's
Corey Ham:It's just, I I I mean, more than anything, we just can't not talk about it because it's, we joked about it in 2020 probably, about the anal print thing, and now here we are in 2025, there is a commercial product you can buy that has an app that charges a subscription fee. I mean, honestly, I think the most embarrassing part of this, if it was breached, would be finding out that your friend has a smart toilet that looks at their poop. Right. That's the embarrassing part.
Hayden:I would bully any of my friends that owned this 100.
Corey Ham:Yes. A 100%.
Ralph May:Oh, god. Now, have to return it. Thanks, guys.
Corey Ham:Do they sign returns? That
Hayden:might be worse than all of this.
Corey Ham:I feel bad. Okay. Now I feel bad. No judgment here. No judgment here.
Andy:What if you have a guest and they use it? And then suddenly, you know,
John Strand:you get this, like, notification from your
Andy:smart toilet that is just Oh, jeez.
Ralph May:Oh, man.
Corey Ham:You're a doctor. Is there gonna be like a Strava for pooping and it's like There's so many levels of wish to
Hayden:Someone in the Discord Presume
Aisling:for a second that it's TLS and the images are growing into some S3 bucket or something stupid like
Corey Ham:that. Yeah.
Aisling:And someone leaves it open because it's an S3 bucket and people do that.
Corey Ham:Well, I think Shouldn't it be called an S3 ball?
Aisling:Stands for.
Hayden:Somebody in the Discord said, time to start flushing random things in order to poison the dataset.
Ralph May:Oh, yeah. Data science
Corey Ham:Genius. Just flush, like, flush some like, you know, in the toilet
Hayden:commercials Down where they there.
Corey Ham:Yeah. They're like, how many golf balls can the toilet flush as far as, like, 40 golf balls? They're like, who felt 100 out of 100?
Hayden:They put a bunch of, like, soup down there. Like, here we go. Good luck with that one, idiot.
Ralph May:It it is funny though. I I think that this just highlights that a lot of companies say something's encrypted or end to end encrypted and it's not. Right? It's like Yeah. Right.
Corey Ham:They do
Ralph May:use SSL and they're like, oh, look, it's it's encrypted all the way to us, you know. But that's not end to end encrypted. I think that's just kinda what we're Yes.
Corey Ham:It's funny as a marketing term. It's it's hilarious that someone said, I bet not. First of all, maybe this person was just going after that open S3 bucket like, or S3 bowl like you Scrape were talking my poo. Yeah. Yeah.
Aisling:Yeah. Right. No.
Hayden:I mean, the end to end encryption is like, you know, whatever they say, like, levels encryption. Oh, yeah. AES. Dicks. I heard
Corey Ham:about that.
Hayden:Yeah. Oh, yeah. Exactly. Government level okay. Good for you, buddy.
Hayden:Like, same as everybody else.
Ralph May:So, just for context, most things that we interact with every day are not end to end encrypted.
Corey Ham:Correct. The exception is at
Ralph May:majority minority, excuse me, of the actual things we do are truly end to end encrypted. Most everything else right now has some level of transport encryption, so SSL, but that's really about it.
Corey Ham:Yes. You know, give me break.
Bronwen:Transport the same thing than the end.
Aisling:They say upfront that it's that.
Hayden:The If you're transporting it, not like
Corey Ham:it's end encrypted. Yeah. I think did vibe code it. Yeah. There's so many more jokes I have.
Corey Ham:Like, one, does it have like a clog detection alert that sends you? Anyway
Aisling:No. That's the smart
Corey Ham:toilet. Too. I've That's smart
Aisling:toilet. Thing about that, that is the actual smart toilet. It's not the camera you add to your toilet.
Corey Ham:Okay. I see. Yeah. So it's a $600 add on. The other thing I think the only way this would ever work, like the only way I'd ever consider it, is if it's completely on device only, there's no WiFi or any other data connection.
Corey Ham:There's no cloud component. There's no subscription. There's no nothing. It's just when you go to the bathroom, it gives you like a happy face or a sad face, and then you like you adjust from there. You know what I mean?
Corey Ham:Like, it's gotta be There's
Aisling:a happy face and I call your doctor.
Corey Ham:There's a happy face, sad face, and then call your doctor.
Hayden:Yeah. And then there's like a like a little chili emoji.
Ralph May:Chili. Somebody's gonna do a little project and find out it's just random.
Corey Ham:Yeah. Really. It just does a four, you know, I in one through four, pick
Hayden:a random number. Yeah. Or they use like GPT-3. And
John Strand:Please.
Aisling:Yeah. So somebody mentioned in chat, like, what about the doctor? There is an article saying, you know, you can do some amount of meaningful medical information by analyzing this kind of footage. So like the idea of that is not bonkers. Someone can do something with that.
Ralph May:Yeah. It
Aisling:it exists That doesn't mean I wanna spend somewhere. $600 on it, and it doesn't mean I wanna get credit through paying for it with my FSA from some company based
Corey Ham:I I think I'll no. I'll wait for my doctor to recommend a toilet camera Right. And then I'll do that when that happens. Oh, if my doctor does that.
Andy:Or just just go to your doctor with several hundred pictures of your poop and be like, so
Hayden:Your doctor is your new LLM.
Corey Ham:I will say Hey, what
Hayden:do you think? The okay.
Corey Ham:The the the like, this might be I think like the previously worst job on the internet was the censorship or not censorship, but like the content moderation team. Right? Like running the content moderation for Facebook or something would be the worst job on the internet. Because you have to like scroll through so much hate speech and child abuse material. I already know you.
Corey Ham:I think that's still worse, but I think this is now the second worst job on the internet, is being paid to train a model to like, what if you get this as a captcha? Is this poop? Click all the toilets with poop? Like I yeah. I mean
Ralph May:Amazon has the Turk thing. Right?
Corey Ham:Yeah. Mechanical Turk. Yeah. Imagine.
Ralph May:That would be probably one of the chores that Kohler is paying Yes. Do is like, is this good or bad? I don't know.
Corey Ham:Exactly. And then Yeah. I will say I do think like, I don't know how people are living, but when you go to like an airplane bathroom or a truck stop bathroom or something, they don't appear to be doing well. Like it's not like people do not maybe people do need this. Honestly, I've come full circle.
Corey Ham:I think it's worth the $600.
Speaker 4:Well, someone did put in chat that, like, customs. Like, you know, if people are, like, border control trying to, like, swallow stuff and get it passed, like, there might be a use case for it there.
Ralph May:Oh, gosh.
Corey Ham:Yeah. But that would be Screams. You wouldn't want the downward facing toilet cam for that one. You just want a security cam. Anyway, I think this article has we need to flush this I I think we flush this article.
Corey Ham:Yeah. Alright. Let's flush
Hayden:and Talk about our CTF folks.
Corey Ham:Yeah. We only have a few minutes left. We'll we'll talk about does someone wanna announce the CTF winners? Ryan, do you want to?
Bronwen:Ryan has
Corey Ham:He no has no voice. Alright. Ryan, just make jazz hands and I'll announce the winners. So the first winners are the first place winner is Martha Bowen.
Bronwen:Jazz
Corey Ham:hands. Congratulations. You're winning a one year on demand subscription to Antisyphon Training. We have all kinds of training on security things, smart camera hacking, smart toilet camera hacking, all kinds of good stuff. We also have the second place was Peter Jensick or Jensick, who won one course.
Corey Ham:And sadly, we do not actually have a course on IoT toilet hacking, but there's a lot of other really good courses on there. Hayden has a course, there's all kinds of stuff out there. So congratulations and thanks for participating in the CTF. I don't really know what it was, but it's probably pretty cool.
Hayden:It's it's clearly cool because you won some won some free training.
Corey Ham:Yeah. Mhmm. That's awesome.
Aisling:Yeah. Good job.
Bronwen:Good job. Alright.
Corey Ham:Good job. Should we call it or should we do a final article?
Aisling:Do we wanna talk about planes and cosmic rays? Because I can do that real fast.
Corey Ham:Just get ECC memory. We could talk about how Flock's using overseas gig workers to build a surveillance AI, which is literally what we just talked about. Right?
Bronwen:What could possibly go wrong?
Corey Ham:Go wrong. The same it's the same thing we just talked about. So this is an article Yeah. In 404 Media. Basically, they accidentally expose training materials.
Corey Ham:I don't know what Flock is. It looks like a is it a They're like alright. So like ALPRs? Yeah. Yeah.
Corey Ham:They're like
Ralph May:a community driven not community driven, but like, a camera they put up all over the place. They're solar powered, they're cellular, so they can just drop them wherever and then they can So mass surveillance. Mass surveillance. Yes. It's mass surveillance tool to help the world, I guess.
Corey Ham:Okay.
Andy:And if the police buy a subscription, they don't need a warrant to search. So that's wonderful. Right.
Corey Ham:Are you telling me I shouldn't commit crimes in the middle of the public street?
Hayden:No, you should. I feel
Andy:like I mean, you not in your car, like borrow someone's car.
Corey Ham:Just ride a bike. Oh, yes. Let's go.
Ralph May:Yes. Bikes are back, man.
Corey Ham:Yeah. Okay. So, I mean, basically, the the article is that they accidentally exposed training materials, which showed that they essentially are using workers in the Philippines through Upwork, which is like a business process outsourcing type dealio, to train its machine learning algorithms, telling workers how to review and categorize footage including images of people and vehicles in the US. I feel like this the angle here is more about like sanctity, you know, data sanctions around like, this data arguably shouldn't be leaving US soil. Right?
Corey Ham:Like
Ralph May:Yeah.
Corey Ham:Theoretically? I mean, I don't know. I guess it's a company's private data but it seems like, you know, in a GDPR type scenario, this very, you know, sensitive potentially information on US citizens shouldn't be heading to the Philippines for for outsourcing?
Bronwen:I don't know. With end encryption.
Corey Ham:Well, it doesn't really matter
Bronwen:Even end encryption, it shouldn't be going outside.
Corey Ham:Because then on the other end, some inside.
Hayden:Yeah. Exactly. The end is
Corey Ham:in the wrong place. I love that. Yeah. The end is in the wrong place. Yeah.
Corey Ham:So I mean, I I guess what I would say is like, I'm not surprised to think that this is like industry standard for this, like this is, you know, we're just talking about it with Mechanical Turk. I don't think there's any like data sovereignty rules with the Mechanical Turk either. Right? Like, I go submit a dataset, maybe I can pick an option that says only use US based workers for this, that'll probably make it cost five times as more but
Ralph May:Oh, yeah.
Corey Ham:Yeah. So, mean, mass surveillance is pretty sketch, you know, I'm not a huge fan of this as a concept, I think. Yeah. We probably need some rules around this.
Hayden:Corey has a hot take as surveilling people bad, freedom good.
Aisling:Right. Very hot take. Sorry.
Corey Ham:I I didn't mean to get political there for a second. Yeah.
Bronwen:Well, you know, before Y2K, I know. I'm I'm old. There were a bunch of
Corey Ham:cannot relate. Being being
Bronwen:made in 1999 about what people thought would be the biggest issues that would be faced in the coming century. And a a good friend of mine, a paralegal, her response was that privacy was going to be one of the biggest issues to face in the twenty first century. And as we've gotten further along into it, that one prediction has held out because over and over again, what do we keep running across? Who owns your data? Who owns data about you?
Bronwen:Who can utilize, manipulate, analyze data that was captured with or without your knowledge? So this this privacy thing, it's it's ongoing. Technically, it
Corey Ham:sort
Bronwen:of isn't a cyber security thing, but it also is because Yeah.
Corey Ham:No. It definitely is.
Bronwen:Eventuality. Big deal in cyber security. Right?
Corey Ham:Well, the other thing is we talk about the cyber security. Well, first of all, we got rid of we fixed the privacy thing by just deleting it. It's fine. We we just don't have privacy.
Hayden:We don't have End to end encryption too.
Bronwen:Yeah. Was that one of the 96 databases that got deleted?
Corey Ham:Yes. No. I mean, I think I think basically that the reason it's a cyber security thing is because it wouldn't be the first time and it wouldn't be the last that these get breached and the amount of information that's contained in them is huge. You don't think nation states are going after this data? Wouldn't Russia or China or our adversaries?
Corey Ham:Even if you look at like, take the most conservative approach you can. If this data is arguably too valuable to be to exist. Right? Like, if it if any adversary of the US gets into this database, they're gonna know where every person is, where, you know, like, it's just too much information to have from a spy perspective, from espionage. It's just too valuable.
Corey Ham:Woah.
Bronwen:Do we need to let someone in?
Aisling:Something like that.
John Strand:I think
Corey Ham:that's I think that's the judge hammering the gavel saying it's time to end the show. Yeah. Order. Yeah. Alright.
Corey Ham:I think that's end
Aisling:That one's my fault. Sorry.
Corey Ham:It's okay. No worries. Okay. It's a it's a time it that's the that's just the announcement that it's time to end the show.
Hayden:Need that every
Corey Ham:week at 05:30. We do that every week. Thank you for coming everyone. We'll see you next week. Bye bye.