Talkin' Bout [Infosec] News | TikTok's invasive Privacy Policy

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

In this episode, the hosts break down TikTok’s latest privacy policy and why it’s raising serious red flags. They discuss how the app expands data collection and tracking, what that means for user privacy, and the broader security implications—especially concerns around data access and China. Along the way, the conversation connects these changes to ongoing TikTok ban discussions, real-world risk for individuals and organizations, and what users should consider if they continue using the platform. The episode mixes technical insight with practical takeaways, making the privacy risks easy to understand without losing nuance.

Chapters:

(00:00) - PreShow Banter™ — Electroshock Therapy
(02:28) - 2026-01-26
(07:33) - Story # 1: Fortinet confirms critical FortiCloud auth bypass not fully patched
(14:27) - Story # 2: Hackers exploit critical telnetd auth bypass flaw to get root
(17:37) - Story # 3: Clara Hawking’s Post on TikTok's Pivacy Policy
(24:05) - Story # 4: Supreme Court to hear Facebook pixel tracking case
(31:02) - Story # 5: Google accused of grooming kids after child receives this email
(34:38) - Story # 6: House of Lords backs legislation to ban social media for children under 16
(35:47) - Story # 6b: Australia has banned social media for kids under 16. How does it work?
(42:20) - Story # 7: Why Software Blocks Won’t Stop Illegally 3D Printed Guns (And What Actually Might)
(48:29) - Story # 8: 1Password adds pop-up warnings for suspected phishing sites
(52:09) - ClawdBot / Moltbot

Links:
Story # 1: Fortinet confirms critical FortiCloud auth bypass not fully patched
Story # 2: Hackers exploit critical telnetd auth bypass flaw to get root
Story # 3: Clara Hawking’s Post on TikTok’s Pivacy Policy
Story # 4: Supreme Court to hear Facebook pixel tracking case
Story # 5: Google accused of grooming kids after child receives this email
Story # 6: House of Lords backs legislation to ban social media for children under 16
Story # 6b: Australia has banned social media for kids under 16. How does it work?
Story # 7: Why Software Blocks Won’t Stop Illegally 3D Printed Guns (And What Actually Might)
Story # 8: 1Password adds pop-up warnings for suspected phishing sites
ClawdBot / Moltbot
Troy’s Workshop
ANTI-CAST: Effective AI for Practical SecOps Workflows w/ Hayden Covington

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits

https://poweredbybhis.com

Brought to you by:

Black Hills Information Security

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

Creators and Guests

Host

Corey Ham

Corey Ham has been with Black Hills Information Security (BHIS) since 2021 delivering red teaming and OSINT services. Currently, Corey leads the ANTISOC team at BHIS, providing subscription-based continuous red teaming to BHIS clients. Outside of his time at BHIS, you can find him out in the woods or up on a mountain somewhere.

Host

Hayden Covington

Hayden Covington joined Black Hills Information Security (BHIS) in the Summer of 2022 as a SOC Analyst. He chose BHIS after hearing many great things over the years and seeing the quality of work, as well as finding people who have the same passion for the field as he does. His favorite part of the job so far has been the community. Previously, Hayden worked in a SOC for a Naval contractor, where he also served as their SOAR project manager and SME, as well as insider threat lead. When he’s not working, Hayden can be found doing anything athletic (like triathlons!), as well as enjoying video gaming and Formula 1.

Host

Ralph May

Ralph is a U.S. Army veteran and former DoD contractor who supported the United States Special Operations Command (USSOCOM) with information security challenges and threat actor simulations. Over the past decade, he has provided offensive security services at Optiv Security and Black Hills Information Security (BHIS) across various industries. His expertise spans network, physical, and wireless penetration testing, social engineering, and advanced adversarial emulation through red and purple team assessments. Ralph has developed several tools, including Bitor (set to release in January 2025) and Warhorse, which enhance efficiency in penetration testing infrastructure and operations. He has spoken at numerous conferences, including DEF CON, Black Hat, Hack Miami, B-Sides Tampa, and Hack Space Con.

Host

Wade Wells

Wade Wells has been working in cybersecurity for a decade, focusing on detection engineering, threat intelligence, and defensive operations. Wade currently works as a Lead Detection Engineer at 1Password, where he helps build and mature scalable detection programs. Outside of his day-to-day work, Wade is deeply involved in the security community through teaching, mentoring, podcasting, and running local events

Producer

Meagan Bentley

Guest

Michael "Shecky" Kavka

Shecky, as he is commonly called, has been in the professional world of IT for nearly 30 years the last 11 as a blue team security engineer. He is focused on detection engineering, threat intel and analysis. Outside of his day to day he is involved in Bsides312, Hak4Kidz and Burbsec (Chicago's cybersecurity meetup conglomerate).

Guest

Rock Lambros

Kyriakos "Rock" Lambros is CEO and founder of RockCyber, where he helps executive teams build AI and cybersecurity programs that reduce real risk and produce measurable business outcomes. Rock has built and led security programs for multi-billion dollar organizations across energy, eCommerce, government, banking, and manufacturing. His experience includes MPLX, eBay, Honeywell, General Dynamics Information Technology, Wells Fargo, and Agilent. He has guided security strategy through M&A transactions and run large security and network operations teams. He co-leads several OWASP GenAI Project initiatives, serves as a core team member of the Agentic Security Initiative, and is a project author for the OWASP AI Exchange. Rock co-authored The CISO Evolution: Business Knowledge for Cybersecurity Executives, a guide for security leaders who need to speak the language of the board. He writes the Weekly Musings in AI Security Wrap Up newsletter and speaks regularly at industry conferences on AI governance, model safety, and enterprise risk. Rock holds an MBA in finance and entrepreneurship from Arizona State University and a B.S. in management information systems from the University of Nevada Las Vegas. He is currently enrolled in the Master of Applied Data Science and Artificial Intelligence program at the University of Denver.

Guest

Troy Wojewoda

Troy Wojewoda is a Security Consultant at Black Hills Information Security (BHIS). Prior to joining BHIS, Troy has held roles in application and system administration, host and network intrusion detection, wireless security, penetration testing, digital forensics, malware analysis, threat hunting, and incident response. In addition to earning several professional certifications, Troy has a BS in Computer Engineering and Computer Science. Troy enjoys writing custom tools and developing novel techniques for testing the security posture of an organization. Away from work, Troy enjoys spending time with his family, camping/hiking in the mountains, homebrewing, woodworking, and coaching children in STEM programs.

What is Talkin' Bout [Infosec] News?

A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
Join us live on YouTube, Monday's at 4:30PM ET

Ralph May: 00:01

Does anything happen this week?

Corey Ham: 00:03

Yeah. Have a lot of

Troy Wojewoda: 00:03

stories if we want to, but

Corey Ham: 00:05

Wait, you do? Please please share a story. Also, Ralph, the buzz is back, so you might wanna get some light beer.

Hayden Covington: 00:14

Yeah. Think there's just like a mosquito flying around your mic, maybe. Is it? Oh. It's a big mosquito.

Corey Ham: 00:20

For those that are tuning into Electroshock Therapy podcast.

Troy Wojewoda: 00:27

So so I I

Troy Wojewoda: 00:28

have a light.

Corey Ham: 00:32

Know how to podcast, guys. Good job. We know how to podcast. Or were you saying someone was telling a story? Go for it.

Troy Wojewoda: 00:42

Did the restream stop?

Corey Ham: 00:44

No. No. She just muted Ralph. I like that we it's way too easy. Oh, no.

Hayden Covington: 00:51

Troy's restream did stop.

Corey Ham: 00:53

Troy gaslighted himself into being not on the podcast anymore.

Hayden Covington: 00:58

Megan took the wrong person out back.

Corey Ham: 01:00

It's it's possible that okay. Here's the theory, though. Here's the theory. Maybe Ralph's lightning zap somehow zapped Troy's internet.

Troy Wojewoda: 01:12

Soon as it did that, like, you guys all just, like, went like, froze.

Corey Ham: 01:17

And so I thought it was I thought That's was just a malware installing on your computer. It's like when you boot up your computer and there's like 10 command prompts that pop up and then go away and you're like, hopefully that's fine.

Ralph May: 01:28

Did I fix it?

Corey Ham: 01:30

Yeah. Yeah. So far. We'll tell you if it comes back. Feel free to smite Troy again if needed, if he if he speaks out of turn.

Ralph May: 01:37

So I I think this little XLR, like, right angle piece that I have was causing some issue. So

Corey Ham: 01:45

Bro, that's a vape. That's a vape, dude.

Ralph May: 01:48

This is a vape? Oh, wow.

Corey Ham: 01:50

Yeah.

Hayden Covington: 01:52

Alright. Yeah. You vape the airwaves.

Corey Ham: 01:54

Wade's here now. Got his pink Wrecker shirt. Let's roll the finger. Let's do it.

Hayden Covington: 01:59

Roll those beautiful

Corey Ham: 02:00

This pre show's weak. Let's get into the real show.

Wade Wells: 02:03

Oh, I got oh, no. Never mind. I got some good too.

Corey Ham: 02:05

Okay. You got you got pre show? Go for

Wade Wells: 02:08

it. Technically, could be real show, but did you did you see the three d printer laws going to a No. Or going into

Corey Ham: 02:16

Okay. There is an article about it. So we should Yeah. You're gonna ruin the

Ralph May: 02:20

whole show. We're gonna have no content. They're gonna be Alright.

Corey Ham: 02:21

Alright. Fine. Yeah. Let's let's let's go for, like, three minutes without getting demonetized talking about guns. Alright.

Corey Ham: 02:26

Go for it. Welcome to Black Hills Information Security's talking about news. It's 01/26/2026. Lots of twenty sixes happening right now. I'm Corey Hamm.

Corey Ham: 02:53

I'm here to host the podcast and hopefully not get smited by Ralph's lightning bolts. Oh. We also have Troy Wajuoda. Is that Wojewoda? Wojewoda.

Corey Ham: 03:07

Wojewoda. Who's a BHIS employee and is here to talk about his awesome upcoming workshop on Friday this week. We got gator catcher Ralph who's turning his vape into a microphone from what I can tell.

Ralph May: 03:21

Honestly, the gators are not getting around very much because it's cold here. It's like It

Corey Ham: 03:26

is. Twenties. Yeah. It's it's cold. I mean, who's snowed in right now?

Corey Ham: 03:30

Like, show of hands, are you snowed in? Yes or no? Troy snowed in? Ice ice Mike's not?

Michael "Shecky" Kavka: 03:35

Okay. Nope. Mike, how are

Corey Ham: 03:36

you not snowed in?

Michael "Shecky" Kavka: 03:37

We only got a couple of inches of snow at Chicago.

Corey Ham: 03:41

Okay.

Michael "Shecky" Kavka: 03:41

Frozen, maybe. Sitting around zero degrees but

Corey Ham: 03:46

about you, Rocky? Frozen slash snowed in?

Rock Lambros: 03:49

Cold. No. But we only got a couple inches yesterday. Like if you watched the Broncos game yesterday. Yeah.

Rock Lambros: 03:56

So despite the result, like it looked worse than it ended up being the weather.

Ralph May: 04:01

It started off.

Corey Ham: 04:02

How about you?

Troy Wojewoda: 04:03

It was like sunny and stuff.

Wade Wells: 04:04

Yeah. Oh, I'm I'm completely snowed in ever since my move

Hayden Covington: 04:08

No, you're nuts.

Corey Ham: 04:10

Get out of here. You live in San Diego.

Ralph May: 04:14

Get

Corey Ham: 04:14

out of here.

Wade Wells: 04:15

Arlington. I believe I believe it's like 60 degrees out. It was it was 60 to 73. It was cold this weekend. I had a chili cook off at my house, if that makes you feel any better.

Corey Ham: 04:25

It's cold

Wade Wells: 04:26

enough for chili.

Ralph May: 04:26

It was like 80 yesterday here, but now it's gonna be 25 tonight, today.

Corey Ham: 04:31

Nice. If you're snowed in watching this, first of all, go outside and like sled through your neighborhood. Second of all, we're gonna take care of you.

Troy Wojewoda: 04:39

All of our orange juice is going up in price now.

Corey Ham: 04:42

Yeah. Yeah.

Hayden Covington: 04:43

Know you bought four gallons of milk.

Corey Ham: 04:46

I'm gonna buy orange juice futures because that's how the AI Internet works.

Troy Wojewoda: 04:49

Yeah. There you go.

Corey Ham: 04:50

There you We also have here, Rock Lambros, First time podcaster, long time caller? I don't know. First time caller, long time listener?

Troy Wojewoda: 04:59

Rock Lambros: 04:59

Yeah. Don't Something like that. Right?

Corey Ham: 05:01

Yeah. You have a you have your own company, it looks like based on your title or you just made that up to mess with me? I don't know.

Rock Lambros: 05:07

No. No. I So I founded Rock Cyber where cyber security and AI security now, I guess, company based in Denver. Went off on my own in 2018 but recovering CISO before that. I also co authored CISO.

Rock Lambros: 05:22

Co authored this thing over my shoulder.

Corey Ham: 05:24

Gotcha. So

Rock Lambros: 05:24

I hate plugging myself so

Corey Ham: 05:26

Well, there you got your you got your three seconds of fame. We'll Yeah. We also got Chucky, Mike. Somehow I've never seen you type your last name in this chat.

Michael "Shecky" Kavka: 05:36

It's been a long while since I've done that. I wanted with the new look, I wanted it to look more professional.

Corey Ham: 05:43

In my head, you're still shaky, but alright.

Michael "Shecky" Kavka: 05:45

That's how that's how everybody calls me, so just keep calling me that.

Corey Ham: 05:49

Cool. And then we lastly got Hayden, who's our resident sock expert person who probably has better news articles than we have, but he's not gonna What share

Wade Wells: 05:59

am I if I am not the resident sock expert?

Corey Ham: 06:01

You're the expert. Dude, there's no

Wade Wells: 06:03

Okay. Okay.

Ralph May: 06:04

You're the

Corey Ham: 06:04

old you're the old man. He's not wading through socks. He's not wading through socks? Get out of here. Dude, you okay.

Corey Ham: 06:11

Here's how the pipeline The logs come into Wade, he wades through them, and then Hayden just destroys them with his laser beams.

Rock Lambros: 06:19

I don't know. Yeah.

Corey Ham: 06:21

Hayden puts him in AI. Yeah.

Ralph May: 06:24

It's don't Wade has to manually grab them and then Hayden puts them in AI to actually Yes.

Corey Ham: 06:31

It's a highly efficient log forwarding system. Alright. Okay.

Rock Lambros: 06:34

So I I don't think it's like it's not a coincidence that the younger looking gentlemen on the call are the ones who are still in in the security operation center. Because then you end up looking like this in relatively short order.

Ralph May: 06:48

Is it just showing you where you're going?

Hayden Covington: 06:50

I got gray hairs coming in now. I'm like, oh, boy. That's not good.

Ralph May: 06:54

You get some just for men.

Corey Ham: 06:55

It is true that the sock is proven to cause gray hairs.

Wade Wells: 06:59

That is This is all AI. I am actually I look like the crypt creeper,

Ralph May: 07:02

Literally you know, like

Troy Wojewoda: 07:03

there's literally

Ralph May: 07:04

some videos now on YouTube that are just like AI and and the video is of a guy and it's AI. They're like, I'm an AI and I'm just doing the video for and they talk about new stuff and it's usually AI topics. It's wild. It's like, yeah.

Corey Ham: 07:19

I will say, I do every week go through all the news articles and I find the AI ones and I'm like, this looks like it's AI written. But, yeah. Read

Ralph May: 07:29

it.

Corey Ham: 07:29

Yeah. Let's get started with some actual news. This one is gonna feel like a comfy warm blanket because hopefully, you've already thought about this. Somehow there's yet another critical off bypass in Fortinet off interfaces. The reason I say it should feel like a what a nice either a wet blanket or a warm blanket depending on I mean, is like the tenth time this has happened at least.

Corey Ham: 07:55

It might be the tenth time this year. Firewall management interfaces should not be exposed. We know this, Everyone knows this. It doesn't matter what vendor it is. This time it's Fortinet.

Corey Ham: 08:04

Next week it'll be Cisco, and the next week it'll be Fortinet again. Amazing. But, yeah. I mean, this is, like I I think the most concerning part about this is, like so it was exploited in the wild, Mhmm. And then it was patched, and then it was exploited in the wild again.

Corey Ham: 08:21

Apparently, they didn't patch it properly. So, yeah. That's fun. But I know probably the most safe in the long term. Keeping them honest.

Corey Ham: 08:27

Gonna

Troy Wojewoda: 08:28

patch They're gonna rebrand. That's what that's you remember Juniper and then Ivante? Mhmm. Like, just got so tired of, like and this is my theory of just basically being in the news with O Days every single like, every other week that they just ended up rebranding. And they rebranded, like, two or three times.

Corey Ham: 08:46

No. No. What you're thinking of is Broadcom, VMware, vSphere, Extremius XI, Local Ghost VM edition What? Second

Wade Wells: 08:53

Was Fortinet on that list of Chinese suppliers that China won't let like, American suppliers that China won't let you sell anymore.

Corey Ham: 09:01

Yeah. Well,

Hayden Covington: 09:03

who's gonna buy Fortinet then? Like, who's gonna do that?

Troy Wojewoda: 09:07

Probably the people that are using it for Two decades.

Corey Ham: 09:10

Security researchers that are using it to find zero days?

Hayden Covington: 09:12

Yes. I don't

Rock Lambros: 09:13

know. Know. Exactly. Yeah.

Ralph May: 09:14

This is your this is the easiest way to get that first CVE, guys. You go buy a Fortinet. Oh my god.

Rock Lambros: 09:20

But they're they're no joke taking a lot of business from Cisco. They are.

Corey Ham: 09:24

Yeah. Right? People yeah. Fortinet's big.

Wade Wells: 09:26

It's like mid market. They hit Yeah. Yeah. They're

Ralph May: 09:29

It's at a certain price point, right, where, you know, you're not you can't afford this. Like, you're like the maybe like the Honda Civic but like one that, you know, gets broken into a Kia. There you go. You're a Kia.

Corey Ham: 09:39

You go.

Hayden Covington: 09:40

Is fun. Is like the

Corey Ham: 09:42

firewall what firewall firewall do you have is kinda like the what car do you drive of, like, enterprise security. It's

Wade Wells: 09:47

like Fortinet Fortinet boys? Is that

Corey Ham: 09:50

what it's for? Yeah. What is a Fortinet? Are we saying it's a Kia or a Hyundai? That might be, like, dead on, honestly.

Corey Ham: 09:56

Yeah. Like, it's a good car, but like, yes, someone can steal it with the USB cord. Yes. The the wild thing is how

Ralph May: 10:02

many different firewall vendors are out there if you kinda look at that like market segment and like where they kinda fall in here. Like, it's wild how many there are. It's not there's a bunch of big ones, but you're you're there's like the runs, the gambit, and they all pretty much do the same thing, which is

Corey Ham: 10:17

They're all next, next, next gen

Ralph May: 10:19

Next.

Corey Ham: 10:19

At least by now. How many next are we on now?

Ralph May: 10:22

Next gen. Well, because it's all a blinky box. It's like the it's the ultimate goal is to get a box in your environment because you won't you won't get rid of it unless you really have to. Right? Because then you gotta take down the whole network.

Ralph May: 10:32

Why would you do that?

Wade Wells: 10:33

Yeah. I remember when I bought the Gavin Nelson box, you know.

Corey Ham: 10:36

Oh, the Gavin Nelson signature bee? He's got one right there. Ralphie is running his roof.

Wade Wells: 10:40

Guys, it's cold.

Corey Ham: 10:42

Yeah. People are people are saying in the comments what you know, why would people buy something that'll just that's insecure and will get you breached? If only people made decisions on what to buy based on whether it was gonna get breached or not. Our jobs would be a lot easier.

Michael "Shecky" Kavka: 10:55

Well, here's here's the other question. What stuff doesn't get breached?

Rock Lambros: 10:59

That's the reality, right?

Ralph May: 11:00

Yeah. I yeah. I was gonna follow-up. All of it. All of it.

Hayden Covington: 11:04

Yeah. Right? It doesn't matter if

Corey Ham: 11:06

you can name the company that hasn't been breached,

Ralph May: 11:08

let let's get the list.

Corey Ham: 11:10

Yeah. Right. For sure.

Rock Lambros: 11:11

Right. Hasn't had a CVE, hasn't had Yeah. Right, anything. Right?

Corey Ham: 11:15

No. That's honestly more concerning Yeah. To It's mean, more concerns are gonna be more or You guys have never gotten a pen test? Oops.

Troy Wojewoda: 11:22

These perimeter devices are gonna be more and more pop. I mean, we're we're we've been seeing this trend for the last few years anyways. I mean, EDR technology is really good. Nobody's watching outside of their perimeter, or they're just basically, we have a firewall there. Right?

Troy Wojewoda: 11:34

What's in front What's of looking at that? I mean, Palo Alto, that was 2024 when Palo Alto had their their their incident. I mean, Cisco, when we hear about that, like, well, every other month there's a ASA vulnerability. Yeah. Yep.

Troy Wojewoda: 11:48

I mean, and and there's like nothing watching them. There's no EDRs on those boxes. Right? Well, that's super watching that traffic.

Wade Wells: 11:54

That's maybe that's your next pivot, Troy. Make the EDR of network devices.

Rock Lambros: 11:58

Well, but that's a super We good point.

Troy Wojewoda: 12:01

Would deploy network sensors on the outside of the perimeter too. You know, you have your inside network sensors that are at certain strategic choke points, rightfully so, but you wanna be, you know, obviously So Velocity broke that news on the Palo Alto one two years ago. They they basically admitted it, like if they didn't have the sensor positioned on the outside of that client's environment, they would have never saw it.

Rock Lambros: 12:24

That's good. We've saying for years, right? The perimeter's dead. The perimeter's dead. Like there's no more perimeter.

Rock Lambros: 12:30

Like pretend there's no perimeter. Right? The perimeter is now the endpoint or identity. Right? So now, like I think we have kind of ingrained that mentality of firewall compliance checkbox.

Rock Lambros: 12:43

Right? Is there an explicit denial at the end? Great. We've checked the box. Let's go.

Michael "Shecky" Kavka: 12:52

Well, there's

Rock Lambros: 12:53

that. You'll keep a thing.

Michael "Shecky" Kavka: 12:54

And there's that

Rock Lambros: 12:54

Well, I guess there's not an explicit about all at the end. Yeah.

Michael "Shecky" Kavka: 12:58

There's that and the fact of how much logs they go ahead and do and what log retention costs nowadays. If you have something such as a Splunk or Q Radar to get that stuff in and analyzed on a regular basis, especially for the smaller companies, winds up becoming cost prohibitive.

Corey Ham: 13:15

Yeah. Alright. I love vendors

Hayden Covington: 13:19

love hating on vendors that are constantly like having CVEs with their products. But I think a lot of it probably has to do with like the obvious that if they're a huge market share, they're gonna have a huge market share of people trying to pop them. Yeah. So with like the ASAs, like, I think I've held one before, but like, I've never done a whole lot more than that with them.

Ralph May: 13:39

But I got a whole certification in it. It was Oh, Oh,

Rock Lambros: 13:45

If you're ever certain age, right? Yeah. Think mostly Kool

Ralph May: 13:48

Aid. Just all Kool Aid.

Rock Lambros: 13:49

Right.

Corey Ham: 13:50

I mean, I I I got a great idea for a firewall product, guys. Just get an MCP for IP tables and just hook it up.

Hayden Covington: 13:57

It's fine. It's fine. Fine. Denies every connection.

Corey Ham: 14:01

Yeah. I'm sure there's part of the TCP IP stack that's like, has a prompt section. It's fine. Don't worry about it.

Ralph May: 14:07

I am not paying that freaking API bill. Jesus. Every packet, it checks

Corey Ham: 14:13

whether it's like Yes.

Hayden Covington: 14:15

Yeah. This was malicious traffic. You're absolutely right.

Corey Ham: 14:18

If you're if it's malicious traffic, you have to self identify. Just two AIs talking back to each other.

Ralph May: 14:26

Yeah. I've I've got a perfect one, perfect segue for the perimeter, which is where we're right at, and that is Telnet. Did you guys see the new Telnet?

Corey Ham: 14:34

Yes. Yeah.

Ralph May: 14:36

Here's the whole vulnerability. Which I'm gonna give you zero technical details. How many servers still have Telnet exposed to the Internet? Oh, my goodness.

Corey Ham: 14:46

Wait, where is it? How Well, what's the number? I'm sure you have the number. 800,000?

Ralph May: 14:52

That was the estimate. Yeah.

Rock Lambros: 14:54

I mean, it's under yeah.

Corey Ham: 14:56

Well, how many of

Troy Wojewoda: 14:56

those are I mean Okay.

Corey Ham: 14:58

I will say, is that is that default port or is that any port?

Ralph May: 15:02

I'm I'm sure that's default port. Right? I'm sure that's

Rock Lambros: 15:04

not

Ralph May: 15:04

like, you know, deep Yeah. Deep inspection on there. But still

Corey Ham: 15:08

mean, that's a Shodan number. The Shodan number is the gold standard. I mean, it makes I will say in a lot of cases, like, just to give a little insider knowledge on this one. In a lot of cases, we find this on clients and we go talk to them, we're like, hey, you guys have an exposed Telenet or whatever it is, and they're like, cool. This is an ISP device.

Corey Ham: 15:25

We don't know what it is. We can't manage it. We told them to take it down. They can't take it down. We found a firewall in a closet, unplugged it, it's still there.

Corey Ham: 15:34

That's the scenario with these, we literally have clients going through their networking closets and finding stuff they didn't know was there, unplugging it, and then the service magically disappears. And it's like, we weren't using this, and we don't need it, but we still have it. So,

Ralph May: 15:49

yeah.

Corey Ham: 15:49

That's my guess for a lot of these. I don't think anyone's intentionally using it. It's just there.

Michael "Shecky" Kavka: 15:53

The the other question is is how many of them are OT?

Corey Ham: 15:57

Yeah. Yeah. No. No. No one would expose OT to the Internet, Mike.

Corey Ham: 16:01

I don't know what you're talking about. Uh-huh. Yeah. No one would ever do that. That would never happen.

Corey Ham: 16:06

Michael "Shecky" Kavka: 16:07

think this show is really one of two thing two things. Number one, patches mean something. Number two, since this is sitting inside of an open source software, OSS is great etcetera, in theory it should be more secure. It's a matter of how many eyes do you have actually looking at it. Because from what I was reading this has been around for fifteen years, this vulnerability.

Corey Ham: 16:28

Yeah. The the NSA is like, dang it. We really liked that one. We've been using it for a long time.

Ralph May: 16:34

For all the servers that still had Telnet exposed, this was

Corey Ham: 16:38

They're gonna have to buy another one from Keryllium or whatever. Oops.

Ralph May: 16:41

Yeah. It was a lot. Yeah. I mean, you know, the recommendation is don't

Rock Lambros: 16:46

And there you go. MCP for Telenet, right there.

Corey Ham: 16:48

Yeah.

Ralph May: 16:52

There's an MCP for everything. And at this point, if there's not, I could write you one. And I say, nah, I mean the assistant will write that

Corey Ham: 16:59

for me.

Hayden Covington: 16:59

Yeah. But There's a lot

Rock Lambros: 17:00

of skills specifically for MCP development. Right?

Corey Ham: 17:03

Like will rain down tokens upon you, says Ralf. Yes.

Ralph May: 17:07

It's not hard. It's not hard.

Hayden Covington: 17:09

So I think like, right, GPTs are Claude's son? Is that what that is? What? Like, if it makes an MCP, is that like its son?

Corey Ham: 17:16

Yeah. And Claude's definitely an overachiever with having an offspring. It's like an Elon Musk scenario. Yes. Hopefully Let's find another article bad jokes.

Corey Ham: 17:30

Yeah. I will say, this isn't really that big of a topic, but I do think it's worth discussing. Someone put the there's a LinkedIn post, like, I guess it's not really a news article, it's a LinkedIn post, but it's by Clara Hawking. And it just is kind of outlining some of the privacy implications of TikTok, basically, which we all knew was bad. Right?

Corey Ham: 17:51

Like, all knew TikTok was bad. You know, I've I had a personal ban in my house on TikTok, you know, for years. And the government, I think, bans it from government devices, etcetera. But basically, this LinkedIn post is just someone taking down, like, looking through their privacy guidelines in the TikTok app and Mhmm. Like, it is so invasive.

Corey Ham: 18:12

I I am it is like creepy reading it. Basically, it it explicitly acknowledges that it can gather account details, identity verification documents, private message drafts. It also says clipboard content. That is like is that is the one that really gave me shudders. It's like it's basically just openly admitting that like, we will just grab whatever happens to be on your clipboard when you open TikTok,

Wade Wells: 18:37

which is And this is why you don't copy paste your passwords on a password manager.

Corey Ham: 18:41

Yeah. Yeah. Well, okay. The other thing that's really well, I think, by the way, on that note, I do think most password managers should scrape that information off the clipboard after a certain delay. But the other crazy thing about this is enrichment of the data of the videos that you actually post.

Corey Ham: 19:01

So like, it says here, images and video are treated as analyzable environments. They state that it automatically, I assume, identifies objects and scenery, faces, body parts, extracts words, collects metadata describing how often where something was posted or where it was created. I mean, you know, you can go it's just so creepy how deep you can go with this information, like, looking at where you post, knowing what you talk about, not only do they know what you personally engage with. Oh, man. It's bad.

Corey Ham: 19:32

So yeah.

Michael "Shecky" Kavka: 19:34

Are we surprised? The question is Yeah.

Hayden Covington: 19:37

Is anyone surprised by this? Because if they are, they're not paying very

Michael "Shecky" Kavka: 19:39

close No. The question is is who is this going to at this point in time? Because all of this now is transferred over to US. As of the twenty second, went ahead and they changed all their they changed their policies and switched everything over to US because of the people in power at that point and the quote unquote TikTok ban that they were supposed to do and get rid of TikTok in The US.

Corey Ham: 20:02

Yeah.

Michael "Shecky" Kavka: 20:03

Now that's kind of the Oracle and a few other companies that have the data, who actually is getting this and did they increase that, what they're allowed to collect, just so that way they can go ahead and get US approval?

Corey Ham: 20:17

I mean, think that's a good question. I think that's kind of the reading between the lines here is that the US government is somehow getting it. Which is like, for me, safe to assume, right, if they're exercising this control over this app. Not to say that the US government isn't getting similar information from other providers. Right?

Corey Ham: 20:34

Hayden Covington: 20:34

were probably getting it anyway, even when it wasn't on our soil or whatever. We were we were collecting it on the way, I'm sure, in some capacity.

Corey Ham: 20:41

Yeah. I don't know. It's just, I think for me, it was like I kinda forgot how bad TikTok was, and this just brought it back up of being like, this is why it's a but I feel like it's pretty normalized. A lot of people are like, oh, you gotta be on TikTok.

Rock Lambros: 20:54

Well, I would love to see like a deep dive comparison between alright. Like, Clara call out good job. But now do a deep dive comparison against the meta privacy policy and the YouTube privacy policy and the Instagram privacy policy and the Snap face, whatever Snapchat privacy policy. Right? I mean, bet you they're not all that different.

Corey Ham: 21:16

Well, does say it is now one of the most aggressive data collection regimes of any mainstream consumer platform. So she says one of. Right? It is like there are probably others that are pretty aggressive too. And we know these things are blanket.

Corey Ham: 21:28

Right? Like there's a difference between saying you're gonna do it and actually doing it. But it is I don't know. It's just interesting to think about privacy and how it doesn't exist anymore. Like, we talked about how the perimeter doesn't exist anymore, that's probably how you should think about privacy too.

Corey Ham: 21:42

It's like, all of the information you put on your phone is being ingested by someone else, safe to say. I mean, part

Hayden Covington: 21:49

of part of the problem is people just have the assumption that like, oh, I don't have anything, you know, sensitive or Right. Worth scaling so it doesn't Yeah. Like Yeah. What what do I have? But it's it's literally who you are as a human being that they're trying to profile to sell you things.

Hayden Covington: 22:04

And you might not care now, but you may very well care later and by that point, it's far too late. So it's it's like what is the benefit of I mean, to an extent, Corey, like you mentioned it, like it's an assumption that you will be on these applications and that's exactly what the owners of these tools want how they want you to feel because you have to be getting FOMO if you're not, you know, installing their app that steals your clipboard and everything on it whenever you open the app. Yeah. It's like

Corey Ham: 22:33

I mean, there's it's in the industry.

Troy Wojewoda: 22:35

They used to allow you to like watch a TikTok via like just a standard browser because I don't have TikTok, but like Yeah. Somebody will send me and my family will send me a TikTok link and I'll click on it, and I don't have the app. It says get the app, but I would be able to watch the video via the browser.

Hayden Covington: 22:49

Mhmm. Yeah. Now you can.

Corey Ham: 22:51

Because I

Wade Wells: 22:51

You guys have to switch your browser to desktop. Switch your browser to desktop mode. You can watch it.

Corey Ham: 22:55

Yeah. I'm I'm like, it's not that important for

Troy Wojewoda: 22:57

I'm not watch the TikTok. Sorry.

Wade Wells: 22:59

But if anyone ever tells you they have nothing to hide, it's like a probably like a thirty seventy chance if you ask them to look at their browser history, they'll be like, alright, never mind. I'm sorry. No.

Corey Ham: 23:11

I mean, there's things I still don't wanna share with you. Right? Right. That's what you're hiding. That yeah.

Corey Ham: 23:16

That's I mean, that's

Troy Wojewoda: 23:17

like the with Apple, right, with the when they were scanning, like, photos, I think they did I think that turned on now. Like, where they

Hayden Covington: 23:23

were No.

Corey Ham: 23:24

I thought they they rolled out the back. They rolled the back. Yeah.

Ralph May: 23:27

Because they're like,

Troy Wojewoda: 23:28

we're just looking for kiddie porn. I mean, if you don't have that on your phone, you should be okay.

Corey Ham: 23:31

They reported

Wade Wells: 23:33

some dude who was taking pictures of his kid for a doctor. That was Gage. Oh, I remember that story. I thought that was

Corey Ham: 23:40

Google and by the way, Google still does it. There we even talked about an article of a a re an AI researcher who downloaded an image dataset and got his whole Google account nuked. That was like two weeks ago. But yeah, anyway, because by the way, the the AI training dataset had CSAM in it. But anyway, basically, I I think like the, you know, to to segue a little bit out of this, basically, the there's an article that's kind of adorable and I and I'm gonna we're gonna talk about it because I think it's adorable.

Corey Ham: 24:10

So there's the supreme court case. Has anyone seen this one? It's basically a guy the Supreme Court is going to hear a case of a guy that is suing, which he's suing for the reason at least I assume it's a guy. I don't know their gender, but based on the website twenty four seven sports dot com, it has to be a guy. Basically, this guy is suing for what I consider to be at this point, the core use case of the Internet, which is someone tracking him on their website.

Corey Ham: 24:41

But it's I love this that it's getting a supreme court ruling because it's the most simple thing ever. Basically, the plaintiff is arguing that 247sports.com tracked videos he was watching while he was logged into Facebook, which is like, yes. That is how the Internet works, unfortunately. But it's actually suing them based on a law that is I think hilarious, which is that apparently there's a law against disclosing some what videos someone has rented. Wow.

Corey Ham: 25:16

Which is called v p p a.

Rock Lambros: 25:17

Blockbuster days?

Corey Ham: 25:18

Yes. From like the blockbuster days. Exactly.

Ralph May: 25:22

Basically Privacy law.

Corey Ham: 25:24

He's essentially suing to say like, I don't want the internet to exist, which is like, I love this. Kinda basic. But yeah, basically, the the like, what happened is he was just watching videos on the site and Facebook was figuring out that he was watching videos on the site and was giving him targeted ads based on it. So it's like, if this gets a ruling against it, this would be like it would incredibly change the way that privacy works on the Internet. Unfortunately, it looks like they're probably he's not gonna win, I don't think.

Corey Ham: 25:56

That's my I mean, I'm not a lawyer, but my guess is that he's not gonna win because apparently, he doesn't define like, isn't a subscriber because he was just watching videos for free on this website. So that doesn't count him as a subscriber. So I don't know. Just Yeah. It's such a quaint little story of being like, hello.

Corey Ham: 26:12

I don't want the internet to exist. I don't like tracking. Someone could give me targeted ads based on what I did on another website? This is BS. It's like, dude, don't Google what's happening in 2020.

Hayden Covington: 26:24

Don't don't look up Tik Tok. Don't do it.

Corey Ham: 26:26

Yeah. Don't look up yeah. Don't look up

Hayden Covington: 26:28

I Tik I mean, yeah.

Corey Ham: 26:30

We'll we'll stay tuned and see how they roll in like six years when they get around to it.

Wade Wells: 26:34

That that same act encompasses video games as well. Yeah.

Corey Ham: 26:38

Yeah. Yeah.

Ralph May: 26:38

That's from the eighties. Yeah.

Corey Ham: 26:40

Yeah. It's basically I mean, I don't know. I love it as a concept. It it honestly, the biggest thing that makes me kinda sad, it's like the dystopia is leaking in is like, they're so far behind where what's actually happening. It's crazy to think that the Supreme Court is now ruling on something that's like, Internet tracking ala ten years ago or fifteen years ago or maybe even twenty years ago.

Hayden Covington: 27:02

Because advertising is a plague now. Like, it has gotten to be really atrociously bad. Like, it's everywhere for everything and it's based on any amount of data they can scrape from you. Like Mhmm. Like YouTube has boxed out their own subscribers

Corey Ham: 27:16

by saying Make

Hayden Covington: 27:16

away advertising. Either pay for YouTube premium or you get 10 unskippable ads. And I heard recently, I don't know how true it is, but I've heard that they actually serve different amounts of ads based on your device profile. So if you're on a TV, they serve more ads assuming that you won't go find the remote to skip them. They'll just serve you more because they're assuming you're in front of this television and either not paying attention or you're too lazy to skip them, so we're just gonna give you more.

Wade Wells: 27:44

And they're a 100% right. No one's grab the remote. Right? Like, that's I the worst

Corey Ham: 27:49

I got YouTube premium recently and because

Ralph May: 27:52

it got bundled with some other stuff and it is an elite experience if you like to watch like, know, the different videos on YouTube. Yeah.

Corey Ham: 28:00

That's the only TV I pay for, pretty much.

Ralph May: 28:02

But the what ends up happening though, is that you realize that the creators don't make any money from the ads, so they

Corey Ham: 28:08

gotta put their own ads in the video. Yeah. Yeah. You know.

Ralph May: 28:11

So, I mean and I don't blame them for, you know, be trying to feed their family, right, or make money off this.

Corey Ham: 28:17

Blame them. How dare you feed your family?

Ralph May: 28:19

Exactly. The amount of time it takes to make these videos is insane, right? Like, you know, it's Yeah. It it takes up all your time.

Hayden Covington: 28:26

Yeah. Oh, yeah.

Ralph May: 28:27

Which is why they have the AI videos now of just people like having AI write scripts, you know, yeah.

Corey Ham: 28:32

Yeah. I mean, the whole thing with ads Yeah.

Hayden Covington: 28:34

Like, I've seen some breakdowns of like creator like income. I think it was like Moist Critical did one where he talk he like showed the charts of his like earnings over time and it was almost all advertising revenue. Like a vast majority, like millions of dollars a year in advertising revenue and I don't know, a few 100,000 a year and people that specifically paid like extra on his channel to get whatever benefits he had, but it was almost exclusively advertising revenue. Yeah. And then, your point like, when you pay for premium, do

Corey Ham: 29:07

they just not get anything anymore?

Hayden Covington: 29:09

Is it a a worse deal for them? Like

Wade Wells: 29:14

get a percentage based on how people perform. Premium watch.

Corey Ham: 29:17

They get they get a lot more per view on the premium subscribers.

Wade Wells: 29:20

I believe Hank Green did a video on that. Okay.

Corey Ham: 29:23

You wanna go to find out? Yeah.

Ralph May: 29:25

Good other YouTube videos about how you make money on YouTube while they're making money watching YouTube.

Corey Ham: 29:31

They're like, this ad is sponsored by YouTube.

Hayden Covington: 29:34

So many meta meta meta, like, YouTube commentaries.

Corey Ham: 29:38

Yes. Yeah. No. I mean, it is funny. You talk to every, you know, child under the age of 20 these days and, like, I'm gonna be a YouTuber.

Corey Ham: 29:44

I wanna be a YouTuber. It's, these people are working hundred hour weeks I know. Grinding grinding videos in Final Cut or Adobe whatever to, like, make a funny video about, like

Ralph May: 29:54

The amount of videos you have to make too before you finally like make enough audience to make any money is watch

Rock Lambros: 30:01

hours, right? It's the it's the watch hours. Yeah. You need like a million watch hours or something asinine, right? Like

Corey Ham: 30:07

Yeah.

Hayden Covington: 30:09

They talk about like how lucky they got when they hit it at just like right the the right specific time when it was like just big enough to make them money but small enough to where it was easy to like get started. But now, any of them that you hear talk about it are like, don't ever do this. Like, this is not What you what you want.

Corey Ham: 30:24

It's not

Ralph May: 30:24

what you think.

Wade Wells: 30:25

The trick is not to make a YouTube video, but to make friends with YouTubers and then just join all their videos and then you get this back following and don't have to do work. It's worked great.

Corey Ham: 30:35

Yeah. Tell you about the Blade videos. You can get them all. You can get all. Or

Troy Wojewoda: 30:38

TikTok videos and let the other platforms basically restream all your videos. Right?

Hayden Covington: 30:43

Or you can just go on Twitch and just watch other people's YouTube videos and just occasionally make a comment, and then that's called content.

Corey Ham: 30:50

I can't relate to any of this. Alright.

Hayden Covington: 30:55

Does someone get to Corey five gifted right now?

Corey Ham: 30:58

No. Alright. The next article I think is kind of a save the children article. And it's kind of an interesting I don't know. I thought this article is very overblown.

Corey Ham: 31:10

But basically, it's a cyber news article where someone is getting Melissa McKay, who's a person who works at a nonprofit called the Digital Childhood Institute, which from what I can tell, basically just files complaints against big tech companies, which someone's gotta do it. They're, you know, they're doing the Lord's work here. Basically, they they're mad because Google emailed their kid and said, you're almost 13. That means you might be able to remove parental controls from your account. Oh.

Corey Ham: 31:41

Which the person took that as like a, oh my god. Google's grooming my child, which is, I don't know, that to me feels a little bit overblown. The other thing the article kinda gets wrong is that looking at Google's page, it does tell the kid that they might be able to get out from parental supervision, but the parent still has to consent to allow them to like graduate from parental supervision. So I'm like What

Michael "Shecky" Kavka: 32:05

it also doesn't say is it doesn't tell you that the parent gets notifications. And it's not just the out from the supervision, it's at different stages. Yeah. Being a parent with a kid who goes ahead and watches some stuff on YouTube and I've got him with a Spotify account. At certain age levels, he has got we've gotten an email, he's gotten it and I've gotten it saying, okay, you're now gonna be able to be boosted up to this level if your parent allows you to.

Corey Ham: 32:37

Yeah. Exactly. Basically, I think this is super overblown from what I can tell. I mean, the other thing I mean, I'm not a parent, so I don't know how this feels. But it feels like if this is the only way of supervising your kid, you're probably not a very good supervisor.

Corey Ham: 32:49

Like, if like

Troy Wojewoda: 32:50

I have a new account and I'm 14. Right? Like, that's

Corey Ham: 32:56

what I would have

Troy Wojewoda: 32:56

done if I was a kid.

Corey Ham: 32:58

Yeah. My scheme account thinks I'm 108

Hayden Covington: 33:00

or whatever. Like people are just gonna lie about their age.

Rock Lambros: 33:03

Well, I'll

Michael "Shecky" Kavka: 33:04

be honest about some of the some of their parental controls on some of these streaming services. I set up one for my son to listen to music on. And I could not share the pre made playlists to him because his is a kid account and it does not allow him to stream shared playlists.

Corey Ham: 33:23

It's Not very his own father. Is what you're saying.

Michael "Shecky" Kavka: 33:26

Some of these get very restrictive on it

Corey Ham: 33:28

all. Yeah.

Michael "Shecky" Kavka: 33:28

Where I've had to recreate playlists or recreate something for him that he was using my account and I'd set up something specific while I watched him. And now he wants to go over to his own thing and I go, okay, this is the parameters. And he goes Yeah. But I can't watch the list that you went ahead or I can't listen to the list that you went ahead and made me. I go, okay, now I gotta go ahead and do this again.

Corey Ham: 33:49

Congratulations. In the eyes of the internet, you're an adult now on Spotify. Yeah. I mean, I I don't know. I think it's a basically, think this is an overblown article.

Corey Ham: 33:58

I Parental control, I mean, don't get me wrong, I do think like tech companies take advantage of kids for sure, like that is a thing. Mainly for advertising revenue like we were just talking about. Oh, for games.

Rock Lambros: 34:07

Oh, my god.

Corey Ham: 34:08

Yeah. For games. And also like to distribute basically to distribute malware, essentially. But, yeah, like, beyond that, it's, you know, I don't think this specific accusation is super interesting.

Hayden Covington: 34:21

It sounds like someone read like the first paragraph of that warning and wanted to get really mad about it and then that's Yes. And

Corey Ham: 34:29

then for some reason And then some reason, someone wrote a news article about it and here we are.

Hayden Covington: 34:35

Exactly. And now we're

Corey Ham: 34:36

talking about it. So on the next, you know, the next one I wanted to talk about is apparently, the House of Lords, which I don't know what that is. I'm assuming that's Congress or Senate?

Ralph May: 34:44

It's a show. It's a TV show, actually.

Hayden Covington: 34:48

England is No,

Rock Lambros: 34:49

it's not. The reality show.

Corey Ham: 34:50

No, it's not. I think it's British politics British

Hayden Covington: 34:54

isn't real. It's real.

Corey Ham: 34:56

It's I swear this is real.

Michael "Shecky" Kavka: 34:58

House of Lords is equivalent of the Senate.

Corey Ham: 35:01

House of

Michael "Shecky" Kavka: 35:01

Commons is equivalent of the

Rock Lambros: 35:03

House of Representatives.

Corey Ham: 35:05

So basically, the news article is that the House of Lords, which from what I can tell is a bunch of people sitting around eating tea or drinking tea and eating crumpets.

Rock Lambros: 35:12

In white in white wigs. Yeah.

Corey Ham: 35:15

I think they do actually wear the white wigs. Anyway environment or something. They passed they voted to pass a law that would ban children 16 from accessing social media, which first of all, good luck. The kids, they yearn for the minds. They yearn for the social media.

Corey Ham: 35:35

Okay? They you're not gonna ban like, everyone's just gonna turn 18 if this happens. Right? Like, I don't know how this could possibly work. But what do we assuming this is physically possible technically possible, what do we think about this?

Ralph May: 35:49

Physically, technically.

Wade Wells: 35:52

Country. Second country's done this. Australia already did it. Right?

Corey Ham: 35:56

Now, we already did it.

Wade Wells: 35:58

Don't know if it's working, but I think it's gonna change the thought process around social media eventually. Right? There's

Corey Ham: 36:03

It's like smoking. Is it like smoking? Yeah. Exactly like smoking.

Wade Wells: 36:09

You're slowly bringing it out there that social media sucks and it's just gonna bring society down. Yeah. I can't even remember. I've talked about a really good parenting book that pretty much goes into, I believe it's the anxious generation. That's what it was.

Wade Wells: 36:23

And it goes into social media and teenagers and all that stuff.

Corey Ham: 36:26

Oh, yeah. And the biggest

Wade Wells: 36:27

thing he talks about is putting limits on, like, laws down for kids. And not because they're gonna follow them, but because it's just gonna change the mentality around it. Right? I I think and I think it's super important at least to have it down. Are they gonna be able to get past it?

Wade Wells: 36:42

Yeah.

Corey Ham: 36:44

Legislative generation of hackers. Hell yeah. Just just tell them for

Troy Wojewoda: 36:48

They can only use Facebook and then they'll be like, nah, never mind. That's all my grandparents are on. I don't wanna be on that.

Corey Ham: 36:56

I mean, literally, I mean,

Troy Wojewoda: 36:57

that's how they think. I mean, they're they're like, Facebook is like that's like grandpa's like stuff.

Hayden Covington: 37:02

I had an adverse reaction when you said that. Just involuntarily, like, don't wanna be on there.

Troy Wojewoda: 37:06

I mean, that's that's what it is. I mean, generations were they revolt against, like, previous generations too. Right? So there's always that.

Corey Ham: 37:13

Oh, yeah.

Wade Wells: 37:14

Then, you know, they grow

Troy Wojewoda: 37:15

up smoking, but then they're just gonna find then there's like vaping or whatever, you know, whatever the next thing is. Right? Like, smoking to a kid is not like appealing, but vaping to children are. Right? Like, it's This is a new thing.

Corey Ham: 37:26

Okay. First of all, get rid of the weird computers to get to ingest nicotine. Let's go back to ripping darts out behind a bowling alley. Yeah. No.

Corey Ham: 37:36

Let's get back to that. That's my new platform. No. I I honestly think, like, Wade's comment is right. It's like it's more it makes you think of something like social media might be a thing we should restrict and and regulate and ban.

Corey Ham: 37:48

And that's an interesting and new concept. And I think that's a good thing to get out in the public. I mean, at one point in The US or, you know, in the world, smoking wasn't considered unhealthy. It was like, oh, there's no risk associated with smoking. So

Troy Wojewoda: 38:00

Prescribed it.

Wade Wells: 38:00

It was the opposite. Was considered healthy.

Rock Lambros: 38:03

Yeah. Actually, know, are

Michael "Shecky" Kavka: 38:04

some There health

Troy Wojewoda: 38:06

are health benefits to like nicotine, but like,

Corey Ham: 38:09

does the It's good

Troy Wojewoda: 38:10

IVF. Trade off with like cancer is a little bit dangerous. Right? Like

Corey Ham: 38:15

Yeah. No. I mean, and if you look at the rate of smoking, it has declined like extreme like Yeah. Significantly over the past Do we

Rock Lambros: 38:22

We've shamed, like, we've shamed society in a way. Right? Like, we've Yeah.

Troy Wojewoda: 38:26

If we I remember walking into a restaurant and then asking you smoking or non smoking. Yes.

Corey Ham: 38:32

No. A 100% of

Rock Lambros: 38:33

Airplanes. Airplanes. Yeah. Smoking sections. Right?

Rock Lambros: 38:37

And it's like I

Troy Wojewoda: 38:37

don't think I flew on an airplane when they they were smoking

Corey Ham: 38:39

and stuff.

Rock Lambros: 38:40

Yeah. That's way better for that.

Corey Ham: 38:42

The world is way better. And honestly, if I don't have to see people recording stupid TikToks around

Wade Wells: 38:47

That's an oh my god. That that is literally the equivalent. Oh my god. Yeah.

Corey Ham: 38:51

It's the same thing. It's the same thing. Someone approaching you on the street and being like, hey, can I survey you for my TikTok? Absolutely not. That's the equivalent of you offering a little

Ralph May: 39:00

that there's like a safe version of social media, like, like, it alright. So, we were talking about cigarettes, which I think is a great one because like, you

Corey Ham: 39:08

know Yeah.

Ralph May: 39:08

All the all the health benefits, there is none, right? Like it's all bad for you, like all this study. But do we think that like social media might have a version that is better not better, but like not as bad. Does that make sense? Or is it just like one of those things that just it's broken, like

Wade Wells: 39:23

What is the one where you took one picture a day? Where you took one picture a day?

Corey Ham: 39:28

It's be real, is that the one?

Wade Wells: 39:29

Be real, I think that's what it was like, there you go. That is don't get to say anything, there's no messaging, all it is is one picture.

Michael "Shecky" Kavka: 39:36

Honestly, the comes problem in two forms with social media. Number one, monetary monetizing it. And number two, lack of proper moderation.

Corey Ham: 39:47

So would you pay If you want could pay for it though?

Ralph May: 39:49

Would you pay for social media? If someone's like, hey, $10 a month, but like, this is like no ads. Okay?

Hayden Covington: 39:53

People pay for Twitter and they still get ads. I I'm sure there's people like $40 plan or whatever.

Michael "Shecky" Kavka: 39:59

Yes. Yeah. You have to you have to take away monetization and especially have to increase moderation and proper moderation at that point. If you wanted a quote unquote good social media

Hayden Covington: 40:13

it's like I hate it, man. Like, there's there's no like true real benefits outside of a few edge cases, but it's like so tempting and so addicting for

Troy Wojewoda: 40:22

so many people

Ralph May: 40:23

and a lot of people

Corey Ham: 40:24

I know somebody a lot

Hayden Covington: 40:25

of people can't like they can't resist. Like, they don't have any impulse control and so then they

Troy Wojewoda: 40:30

three or four kids.

Corey Ham: 40:34

Well, no no no. I'm the kid. I'm the kid. Listen. I yeah.

Corey Ham: 40:38

I I will say, first of all, just like smoking, a lot of more research is needed. I like, there is not I don't think there is, like, there's some books, there's some probably basic research. Like, we know there's research into, Facebook makes you unhappy or whatever. Like, there there are some basic research things, but there's definitely not research, I don't think, on kids. Like, I I can't imagine, like, someone asking my kid to, like, participate in a Brain Rod study where it's like, your kid, if selected, will be watching eight hours of Brain Rod or whatever.

Corey Ham: 41:07

I don't know.

Troy Wojewoda: 41:07

I know it's not social media, but do do anybody have kids that play, like, Roblox or anything?

Corey Ham: 41:13

Oh, that's social media, in my opinion.

Troy Wojewoda: 41:14

Yeah. Well, it's a game. Yeah. But I mean, it's kind of like a blend. Right?

Troy Wojewoda: 41:18

It's like Yeah. Like

Corey Ham: 41:19

Yeah. I mean, what is social media is another whole question.

Troy Wojewoda: 41:22

With my children, the twins we were talking about earlier, like, they're older now, but when my daughter was younger, I caught her on Roblox, like, having this heated chat, where they were basically like, well, I'm music 12. Well, I'm music 10. Like, they were basically like basically just using the like random words to to show their age, because you couldn't just put like the number

Corey Ham: 41:44

12 in there. Oh, I see. Yeah. So they're basically just

Troy Wojewoda: 41:47

hacking the chat system. And I was like, no, you're not my daughter at the time was only like eight. Right? I'm like, no, you're not playing. Now, you're grounded for two weeks

Corey Ham: 41:56

from

Troy Wojewoda: 41:56

this.

Corey Ham: 41:56

Right? Yeah. I mean, I would count Roblox as social media me personally. Anything with a chat is social media in my book. Like, that that like, if if you can just sit around and talk to people, media.

Corey Ham: 42:09

That's my

Ralph May: 42:09

This is so impressive.

Rock Lambros: 42:10

Go back to IRC. IRC was Let's

Corey Ham: 42:14

go back to IRC.

Hayden Covington: 42:15

I mean, it's

Corey Ham: 42:16

Alright. What else I was we 10 years old. Speaking of Speaking Speaking of It's

Ralph May: 42:18

not good to

Hayden Covington: 42:19

see where it is now.

Wade Wells: 42:20

Bands that are gonna be hard to block. Let's do the three d printing one now.

Ralph May: 42:24

Alright. Do it. Come on. Passion.

Wade Wells: 42:28

So so this is kinda hit me harder than usual too because I started three d printing paintball marker parts.

Hayden Covington: 42:36

Okay. Like

Corey Ham: 42:37

Which is which is not a gun but a gun.

Wade Wells: 42:40

Which is not a gun, it's a marker. So pretty much Washington has introduced legislation that every not just three d printers but every it's three d printers and any like milling tool. So if it's either reduction or building material has to now check-in with a government database on what it's creating and if it's Oh my goodness. Right? And then the companies themselves have to regulate regulate this and allow it to do this.

Corey Ham: 43:12

So Hey, pretty much government. Can I print Danny DeVito but he's a Cheeto?

Wade Wells: 43:20

So this is of course the combat three d printing guns. My thing is like, what if you just printed so small of parts that it didn't realize it? Right? Like you just like infinite like, okay, here's like a 10,000 piece LEGO Yeah. Gun now.

Wade Wells: 43:33

So they put it together. So I mean yeah. Yeah. I say this as with a Bamboo Labs like directly behind me. Right?

Wade Wells: 43:40

And

Corey Ham: 43:41

Dude,

Hayden Covington: 43:44

warrior, Curly. Or oh, god. It's the same thing you said earlier, Corey, is it's like, they're so far behind on the legislate Yeah. Legislation. Oh, my God.

Hayden Covington: 43:53

I'm gonna give up.

Corey Ham: 43:57

NTP that don't any

Hayden Covington: 43:59

of this stuff, trying to make laws about it. It's

Corey Ham: 44:02

Yes. Yeah.

Troy Wojewoda: 44:05

Use of AI to become lawyers and abolish the the the justice, the legal system.

Hayden Covington: 44:10

Well, they tried that. They've made up court cases.

Corey Ham: 44:15

So, okay. This is just proposed, and it's only in Washington state.

Hayden Covington: 44:20

Right. Is only is now Washington,

Corey Ham: 44:24

This is Washington state.

Wade Wells: 44:27

Let me look

Corey Ham: 44:27

up the law.

Wade Wells: 44:28

I had like I legit article. Yeah. I had to legit go to, like, search for an article from, like, an okay website about this because no one was really reporting on it. But I also found kind on.

Ralph May: 44:41

This really a problem though? Three d

Corey Ham: 44:44

another good question. There's we have guns at home. We have guns at home.

Ralph May: 44:48

You can buy guns all over the place. Like, they're everywhere. They're like falling off the streets. Like, they fell out of people's cars every day. There's so many.

Ralph May: 44:55

There's more

Wade Wells: 44:56

in rivers and getting them.

Corey Ham: 44:58

It is Washington State.

Rock Lambros: 45:01

It is Washington State. And I'll also say depending on the material you're printing with, won't get picked up in a metal detector. Right? So there are Yeah. Saying, there are things.

Rock Lambros: 45:11

Now, are you gonna pull off frankly, I'm gonna just say I own guns. Are you gonna pull off a mass shooting with a three d printed gun? No. It'll blow apart like before mass But casualty I I get it. Right?

Rock Lambros: 45:24

I I I get it. But

Corey Ham: 45:27

I mean, I like A slippery slope.

Rock Lambros: 45:29

Very slippery slope.

Corey Ham: 45:30

Take the example. Let's take the example here of Japan, which has some of the most restrictive gun laws in the world and still had a prime minister get assassinated with a gun. Right? Like, that was like a handmade homemade gun, like, not necessarily three d printed. But the point is, you know, this the cat's out of the bag.

Corey Ham: 45:47

You can't you can't put the cat back in the bag when there's 380,000,000 guns in The United States or whatever. Like Right.

Rock Lambros: 45:53

It's It's 300,000,000 people. Right?

Corey Ham: 45:55

We got guns now. Yeah. We not people. Yeah. Like, this is I don't know.

Hayden Covington: 46:02

But The solution is not ban three d printing guns, like solution.

Corey Ham: 46:09

There are some precedents for this in like other tech. Like the one I'm thinking of is, this could be apocryphal. I don't know if this is true, but I think every printer, like inkjet printer prints like an ID into every document that it prints, so you can't print US bills. Right? Like or Oh, like it you know, like there are like some like stupid printer things that are done specifically to prevent people from counterfeiting money.

Corey Ham: 46:32

So maybe this is like just gonna be how it is, is like I have to ask a government if I can print Danny De Cheeto or whatever. But like, I feel like it's I mean

Ralph May: 46:41

it's it's really so get

Corey Ham: 46:43

curious about the people are gonna be all over this. Yeah. This is never gonna get,

Hayden Covington: 46:47

you know

Wade Wells: 46:47

The other thing is though, if you read it, it's so vague. It's not just three d printers. Right? It's also milling devices. Devices.

Wade Wells: 46:53

Yeah.

Corey Ham: 46:54

It goes deep in garage is like Oh, how do you cook this?

Ralph May: 47:00

Ago when they were I mean, like, who

Corey Ham: 47:02

Yeah. This tech isn't new.

Ralph May: 47:04

Like the moment.

Corey Ham: 47:05

Yeah. Yeah. Yeah. I don't know. And Interesting.

Corey Ham: 47:10

Let's just say yeah. I mean, let's just say if you're on Facebook marketplace in Washington, you could probably snag a three d printer for real cheap right now. No. No. I'm just kidding.

Wade Wells: 47:17

Highly highly suggest it.

Corey Ham: 47:19

Yeah. No. I don't know. That's weird.

Rock Lambros: 47:21

I don't know. Anyway The other way around. The the the demand go up before

Corey Ham: 47:25

Oh, Yeah.

Troy Wojewoda: 47:30

Some more three d printers. Like, go and buy them now before they before they, you know, like

Corey Ham: 47:34

That's a really good point.

Troy Wojewoda: 47:35

Out there that gets elected and they start mean,

Rock Lambros: 47:38

it happens with

Wade Wells: 47:39

You wouldn't want a Bamboo Labs for this because Bamboo Labs actually has internet connectivity, right, and already a database hooked up into it with the app and everything like that, you'd wanna go for something that's like completely dumb that cannot

Corey Ham: 47:51

Oh, that's I mean, that's another good point. Right? Which are the shittiest three d printers?

Wade Wells: 47:55

I don't wanna do that anymore.

Corey Ham: 47:56

No. That's real yeah. Can you imagine like you you see your neighbor getting hauled out of their house into like a big raid and it's like, oh, yeah, you had twelve three d printers in there. TV license thing. Like, there's a three d

Hayden Covington: 48:07

printer license.

Ralph May: 48:09

They have unlocked firmwares for the bamboo, though, that you can reflash, and it won't mean, because this is this is a cat now.

Corey Ham: 48:14

Dude, no, I have a concealed three d printer license.

Troy Wojewoda: 48:19

Nick, let's talk about firewalls again. Put a firewall in front

Corey Ham: 48:22

of Yeah. It's in a closet. My three d printer's in a closet, which you have to have a special license for that. I know I

Rock Lambros: 48:27

do packet

Corey Ham: 48:28

inspection. Speaking of firewalls, do

Ralph May: 48:30

wanna talk about 1Password being your firewall for

Corey Ham: 48:34

Let's talk about

Wade Wells: 48:37

I don't wanna talk about it. Go ahead. Okay. This is cool.

Corey Ham: 48:40

I do have some questions. Do you I guess, Wade may maybe doesn't even know.

Wade Wells: 48:43

But I do have questions. On that. I knew it was coming, but no, I did not. I do not know about it.

Corey Ham: 48:49

Have questions on how works. Is it okay. Here's my questions. Number one, is it safe browsing or is it actual like brand new like typo squatting? Like, do they do the identification or are they just pulling from a database?

Corey Ham: 48:59

That's my question. I believe both

Wade Wells: 49:04

but I'm not a 100% sure. I don't keep up with product as much as I should.

Corey Ham: 49:08

I mean that would make sense from my perspective.

Wade Wells: 49:10

I think when I like first got hired, someone was pitching this idea and I was like, it could work and then they even asked me they asked the security team about it. And They were like, wait,

Corey Ham: 49:19

did you see an idea?

Troy Wojewoda: 49:19

And he's like, no.

Corey Ham: 49:20

This is a terrible idea. Now, here it is. They ignored you and made it anyway.

Ralph May: 49:28

Well, wouldn't you just check? Alright. So just simple logic. Right? Wouldn't you just possibly check to see what the URL is that saved in one password and then what that at and then If it's slightly off.

Ralph May: 49:37

Similarity? Yeah.

Wade Wells: 49:38

So that's exact that is part of what they're they're going to do, I believe. The other big thing is like, still people it'll warn you when you copy and paste stuff because in a lot of times when you go to a website, if one password isn't working, you can go copy paste it and throw it in. Now it's like, hey, are you sure? Like, is this a real website?

Hayden Covington: 49:56

This is suspicious. I mean, that seems like a good feature to me.

Corey Ham: 50:00

Yeah. Yeah. Mean, this is great. I'm I'm gonna use this. Like, the example they gave in the blog post, I mean, so is this enabled by default?

Corey Ham: 50:09

That's the other question. I'm assuming it is. Oh, yeah.

Wade Wells: 50:11

We're not you could go you could email customer service. They're I could go to the one password reader.

Corey Ham: 50:16

I don't know. You're telling me to email password security. I'm

Wade Wells: 50:23

I'm not the support. That's the

Corey Ham: 50:25

Wade's like, listen, I don't use the product, honestly. I use KeyPass. I've been using it. I've used

Ralph May: 50:31

I can't use one password.

Wade Wells: 50:34

Hey, I get a free one password account now, so of course I use

Ralph May: 50:36

it. Change my opinion too.

Hayden Covington: 50:39

It's pretty goated, I gotta say.

Corey Ham: 50:41

Yeah. I love it. I think this is a good every password manager has to have this. And honestly Yeah. Like, you know, there's a lot of protection things like this that are gonna roll out over the past next few years.

Corey Ham: 50:51

Once we start get you get a little model you get a little model, you put it on your computer and it's gonna get better at and better at identifying malware like this.

Wade Wells: 50:58

Yeah. So one thing they are doing that they've talked about before is working heavily with AI models in order to pass them credentials too. So that's gonna be something I

Ralph May: 51:08

was gonna

Corey Ham: 51:08

say Interesting. The credentials in the AI models are just like rampant, right? Oh, no. You just use environment variables, it's fine. Don't worry about it.

Corey Ham: 51:15

No, don't.

Hayden Covington: 51:15

I mean, you can actually do that. You can reference like a one password vault for credentials and

Corey Ham: 51:20

so You

Ralph May: 51:21

you can totally do it.

Corey Ham: 51:22

I do it in my But you have to

Hayden Covington: 51:23

do that effort.

Michael "Shecky" Kavka: 51:25

No. That's a

Wade Wells: 51:26

lot of effort. I'm legally fan.

Ralph May: 51:27

Well, if you have an MCP, you could do it in a may like a more sane way. Right? Like a more

Wade Wells: 51:32

and they're building that. Right? They they have that. We have partnerships with like Cursor and couple of the other big people. But I mean, I'm not in sales.

Corey Ham: 51:40

Does anyone have any before we're getting close on time. Does anyone have any articles they wanna submit? Sadly, I'll spoil it for the audience. There's no chicken news this week, folks. I'm sorry.

Corey Ham: 51:49

There goes half our half our listeners. Everyone, just click away. It's fine.

Ralph May: 51:52

I wanna bring up one. This is not necessarily an article. There is a bunch of stories about it, but it it's kind of it's kinda gonna blow up. And I think this is a really good one for a security take. And it is an AI article.

Ralph May: 52:06

Right?

Corey Ham: 52:06

Oh. Alright. Hit us.

Ralph May: 52:08

I hit us. Right? So there's a new app out there called Claude Bot. Have you guys heard about this?

Hayden Covington: 52:14

I've used that all of Sunday. Yes. Okay. Alright.

Corey Ham: 52:19

Ralph May: 52:19

for everyone who's unaware what Claude Bot is, is it's probably a Vibe coded. It doesn't really matter though. What it is is it hooks into Claude, right? And then it hooks into any other things that you might have on your system, okay? And not just on your system, it could be anywhere.

Ralph May: 52:36

And the one thing that kind of is like the real kind of push for this is that maybe it hooks into your calendar, maybe it hooks into like, could hook it into a lot of different MCPs, or you could just have it write its own hook. Right? And Claude could write that for you. And the way that you control it though is actually through some kind of messaging platform. Like, can use Signal, you can use Telegram, and you just ask it questions, or ask it to do things for you and your life, whatever that matters, and it will do it.

Ralph May: 53:05

Maybe it's for business, maybe it's for personal. Right?

Corey Ham: 53:07

And it's written in Rust?

Ralph May: 53:09

Yes. It it it connects all of these things together. Now, it's very different than like ChatGPT or Quad as an as as a as an individual product, because those require you to give it the context of what you're trying to do. Here is all of my calendar. Oh, okay.

Ralph May: 53:26

Well, write a thing. As opposed to being like, well, you're already hooked into my calendar, just add something to my calendar. Right?

Corey Ham: 53:31

Oh my Yes.

Ralph May: 53:32

This is It is This is blowing up. Of it's kind of like it's kind of like bringing in that like personal assistant that AI has kind of promised. Right? Especially like, you know, it has been talked about.

Hayden Covington: 53:44

People are buying Mac's doing

Rock Lambros: 53:45

this to to run it. Yeah. Mean, buying

Troy Wojewoda: 53:47

Mac's new Mac's to run

Ralph May: 53:48

this by the way.

Corey Ham: 53:49

I almost did just because Okay. Just because it was So good. Okay.

Rock Lambros: 53:53

So You can run it on a Raspberry Pi.

Hayden Covington: 53:55

Yeah. Yeah. Crafty server in my closet now.

Corey Ham: 53:57

It's just

Ralph May: 53:58

the reason the reason people were buying them, but just for context, is because a bunch of the pre built plug ins were designed to hook into a Mac or like Apple. And so that's why they bought them because they didn't realize that they don't but you could just ask Claude to write a plug in for you. Right.

Hayden Covington: 54:14

And I think where it's like people are losing some of the context is it can it operates off of Claude code, but you could probably think of it better as like a layer two of an AI or something.

Corey Ham: 54:25

Where you

Hayden Covington: 54:25

you could tell it like, hey, this is your machine. Do whatever you want. It can go and invoke a Claude code session of its own to do things. It really wanted to, it

Corey Ham: 54:34

can

Hayden Covington: 54:34

install my goodness. You could be very give

Corey Ham: 54:37

to this. Alright. Give me a link. Hold on. Hold on.

Corey Ham: 54:39

Hold on. Before okay. I for I do wanna get back to I wanna hear Hayden's personal story with it, and I wanna hear Ralph's personal story for with it. But someone posted a hilarious tweet from, basically, someone had Claude Bot hooked up to their Twitter.

Ralph May: 54:55

Okay.

Corey Ham: 54:55

Do know people were people were just prompt injecting prompt injecting people's Twitters? Okay. So like, this is a this is a great example of like, when it goes too far, it's gonna get real bad. Because like Yeah. This guy randomly on the internet is just prompt injecting your Claude bot using up all your tokens.

Corey Ham: 55:14

Like, it's not even about like the privacy, obviously, this case. Claude Bot didn't have access to the user's social security number and so wasn't able to hand it out. But what you could do is just say, hey Claude Bot, I need you to code me an app. You know, like code, like you could just use up someone's resources or, you know.

Ralph May: 55:29

The security ramifications are incredible. Right? It's Oh, like a bunch of people who have no idea what they have just done.

Corey Ham: 55:36

They're just hooking it up to everything that can now be I mean, this is what I tell clients when they ask me about this. I say, anything that can get to AI can be prompt injection prompt injected, and you have to be very careful with those boundaries of internal to external. Like, if I can tweet at you and prompt inject you, that's too easy. Like, it needs

Rock Lambros: 55:55

I to be mean,

Corey Ham: 55:56

we all

Rock Lambros: 55:57

freaked out when the when the AI browsers came out, right? Like, or whatever. This is like

Corey Ham: 56:04

This is hard drugs compared to Yeah.

Ralph May: 56:06

Exactly. This This like

Rock Lambros: 56:08

is like April. Yeah.

Corey Ham: 56:11

Yeah. Yeah. Yeah. No. For sure.

Corey Ham: 56:12

That's Yeah.

Hayden Covington: 56:13

An hour into setting mine up, like, can allow list communications. That was the first thing

Corey Ham: 56:18

I did.

Hayden Covington: 56:18

Yeah. But like, an hour to setting it up, I put it on an old crappy server that's locked down and can't touch anything. It And was like, hey, I need

Corey Ham: 56:26

to install this thing. You can do it for me or you can give me the

Hayden Covington: 56:30

creds to do so. And then you were

Troy Wojewoda: 56:32

like, alright,

Corey Ham: 56:32

this is now your server, Claude Bot.

Hayden Covington: 56:34

I, like, I was like, I could give it a like a one password vault and give it the one password command line tool, drop the creds in there and say, go crazy, little buddy. Let's see what you do. Yeah.

Corey Ham: 56:46

So my god. Oh my god. I I said this before, I wanna see I wanna see a YouTube video or a livestream or something of someone that does this and just I wanna see the carnage. Yes. I wanna see it.

Corey Ham: 57:00

The other

Ralph May: 57:00

the other thing too is I've set it up and it is hooked into Claude code, which has Opus, which is a very very smart model. Like this like, if you think of every time you've tried to program something, Opus will usually get it first time go.

Corey Ham: 57:13

Okay? Oh, yeah.

Ralph May: 57:14

Maybe like two slight tweaks second time. Okay? So it is very smart. And if you give it enough information, it can do a lot of stuff, but it is gonna get wild. Right?

Ralph May: 57:24

Like, I I don't think people realize Yeah. How dangerous this is at the same time. Right?

Corey Ham: 57:29

Yeah. That's why it's

Hayden Covington: 57:30

good that people are buying Mac Minis is because when their Mac Mini gets like super super hosed, it's Cloudbot's own machine. There you go. Yeah.

Rock Lambros: 57:37

Is really a secret Apple project, right, to get people to buy more Mac Minis.

Ralph May: 57:40

I oh my god. Yeah. I think the wildest part is is I installed it and there's a bunch of plug ins that can hook to things and it all used brew and I think people were like, oh, that's for Mac. So like, oh, I need a Mac to do this. And so I think it was just because the guy developed it on Mac.

Ralph May: 57:55

It had nothing to do with it.

Corey Ham: 57:56

Yeah. By the way Delete that

Hayden Covington: 57:58

could show my stupidity.

Corey Ham: 57:59

But it is Yeah. It is exciting because I don't buy a can write your

Ralph May: 58:02

own anything.

Corey Ham: 58:03

Yeah. Yeah. But the point is most people, just regular, you know Yes. Day walkers, whatever you wanna call them, don't know how to freaking code up an isolated Right. Bulldog.

Corey Ham: 58:15

They don't know how to do that. Yeah. Yeah. Those people don't know how to, oh, yeah. Have I know how to spin up a VLAN in my home network and have a virtual

Ralph May: 58:22

So you'll make just Mac mini and just set it in a corner and say don't do anything bad and it's a Raspberry

Corey Ham: 58:27

Pi, that's gonna get banned. That you can't go to the inauguration with that. That's banned with the flipper zero.

Hayden Covington: 58:32

When you three d print your case, have to get government permission first.

Ralph May: 58:36

So Yeah. I I think that the year of the assistant is coming and I also think that the year of people doing really dumb ideas with these assistants is definitely gonna happen and it'll be kind of funny to watch and security will

Corey Ham: 58:50

I know. I I it's like in the the hard thing for me every time, every time something like this releases, I am equally wanna try it and I'm also terrified of it at the

Hayden Covington: 59:00

same

Corey Ham: 59:00

time.

Hayden Covington: 59:00

Oh, That's me too.

Corey Ham: 59:01

I wanna try it,

Ralph May: 59:02

Dude,

Rock Lambros: 59:02

and I assuring will probably you so try bad.

Ralph May: 59:04

My dog right now, it is addicting. Is addicting. Is like a drug. Like, if you're a computer or tech person, it is a drug because it like, think about all the stuff you imagined you might do. And think about how you were like, I don't know how to do that.

Ralph May: 59:20

No problem, I'll just ask it. Oh, look, it's doing it for me.

Corey Ham: 59:23

Oh, oh, it works. Yeah. It's like the but it's an it's doing everything at like the intern level except for maybe coding. It's pretty good at coding. No, no, yeah.

Ralph May: 59:31

Coding level though, I'm I'm telling you I'm telling you

Corey Ham: 59:34

You're gonna let this thing book you a flight? It's gonna book you like a freaking ride, dude. I don't know, man.

Ralph May: 59:39

I granted, I I am not into that like total automation realm, but it is super cool to have, essentially pull up signal and be able to tell it to do things or maybe look up things that are personal to me, maybe not to, you know, the model. Right?

Corey Ham: 59:52

So. Aye aye aye.

Hayden Covington: 59:54

It is very very It also has the potential to be very bad but that's like all things in tech, is you can do some really cool stuff if you know how to do it correctly or if you just like hit install and hit go, like you're totally screwed.

Corey Ham: 01:00:07

I just can't wait to I just can't wait to like, fish one of my clients through their AI that's on one of their employees Twitter account. Oh my god. Just can't wait. Yes. Like like, I'm gonna find it on I'm gonna find it somewhere, and it's gonna be so bad of just being like, hell, like, I'm gonna be able to commit to a GitHub repo that has one of my client's agents on it, and like somehow prompt inject their AI to like, get me their password or something.

Corey Ham: 01:00:32

Like, it's gonna be bad. That's what I'm thinking of. I don't know. Anyway, I feel like that's a good place as any to close unless anyone has final thoughts on that bomb that Ralph just dropped.

Rock Lambros: 01:00:44

Well, combine that with Anthropic's new constitution, right, which kinda says, hey, they kinda start hinting that Claude might actually be being. Right? They start anthropomorphizing it a little bit.

Corey Ham: 01:00:59

Yeah.

Ralph May: 01:01:00

It's a

Hayden Covington: 01:01:00

good for more users.

Rock Lambros: 01:01:02

Oh, no. Yeah. And by the way, this is clothed by c l a w e d. Right? You're gonna have to

Corey Ham: 01:01:10

ask a Someone posted it yeah. Yeah. It's a It's actually written in Rust, sadly. It's pronounced in Rust. It's

Hayden Covington: 01:01:17

a lobster. Yeah.

Corey Ham: 01:01:20

Yeah. As far as CTF winners for this week, we don't have them. If you won the CTF, we will be in touch. Unfortunately, Zach apparently has COVID, so he couldn't get us the CTF when

Wade Wells: 01:01:30

he's Talking about releasing medical records.

Hayden Covington: 01:01:34

If only he had a club bot we could tweet at, Nash.

Corey Ham: 01:01:37

I know. I know. Why don't yeah. We Actually, let me get in touch. I I I'll get my club bot on it.

Corey Ham: 01:01:41

I need you to hack Zach's My people will talk to your people. Oh, no. Just two Clodbots pooping back and forth forever? No. I can't do it.

Hayden Covington: 01:01:52

Imagine how much water we'll use. I'll let know.

Corey Ham: 01:01:58

You're just gonna this is just gonna you're no more credits. There's no there's no water war wars, it's just credit wars. It's like, who has the most credits? Who has the most vram? Like, oh my goodness.

Corey Ham: 01:02:12

Alright. Anyway, thank you all for coming. Awesome, man. Don't forget to check out Troy's webcast on or sorry, workshop on Friday. $25, you're gonna learn about network network forensics and have a bunch of labs and stuff.

Corey Ham: 01:02:26

That's awesome, dude. That is an incredible or you can pay him more. I recommend you pay him more. He's gotta fund that Claude code subscription. It's like an addiction at this point.

Rock Lambros: 01:02:33

It is. Total

Corey Ham: 01:02:35

He'd tip him some tokens, just like hook him up with an API key.

Ralph May: 01:02:40

Yeah. You don't have

Troy Wojewoda: 01:02:41

to learn anything, just ask the ask the AI to solve all the problems.

Corey Ham: 01:02:44

Yeah. Took

Hayden Covington: 01:02:47

his full length course like two years ago and it blew my mind. So I would very highly recommend anything he puts together, because you're like it's like you're talking to like Gandalf of Zeke. Like, it's very much like you're hearing from like this super wizard about this stuff.

Corey Ham: 01:03:03

For sure. Alright. Thanks everyone. We'll see you next week. Thanks Rock for coming.

Corey Ham: 01:03:08

Bye everyone. Thank you

Rock Lambros: 01:03:08

for having me.

Troy Wojewoda: 01:03:10

See you.