383: FBI Arrests Most Wanted Hacker! (Plus, Switch Game Leaks & Sega Sues!)

Episode 383 October 24, 2024 01:15:47
383: FBI Arrests Most Wanted Hacker! (Plus, Switch Game Leaks & Sega Sues!)
Technado
383: FBI Arrests Most Wanted Hacker! (Plus, Switch Game Leaks & Sega Sues!)

Oct 24 2024 | 01:15:47

/

Show Notes

The Internet Archive breach continues, the FBI caught their most wanted hacker, and LinkedIn may be purging user accounts (?!)...all this and more in this episode of Technado.

View Full Transcript

Episode Transcript

[00:00:04] Speaker A: You're listening to Technado. Welcome back to another episode of Technado. A reminder that you can use that code, Technato 30 for a discount on your it pro membership because Technado was brought to you by ACI learning the folks behind it pro. And that's what we do in our day jobs and we have quite a good time. I also wanted to just very quickly mention, because we were talking a little bit about, like, other podcasts and stuff this morning before we started, just stuff we like to listen to. A good friend of ours, Kathy Chambers, was on. She was on these two Cyber Chicks podcast brought to you by simply cyber. So we're not sponsored by them? No, just. We just like that. [00:00:37] Speaker B: We're just good friends. [00:00:38] Speaker A: Just good friends. So if you go over to, I think it's Gerald Ozer's YouTube channel, you'll be able to watch that as well. And it was a pretty good interview. So would recommend that check them out. [00:00:48] Speaker B: Five stars. Would recommend. [00:00:49] Speaker A: Would recommend. If I could leave them a review. I guess I can like, like the video, right? [00:00:53] Speaker B: That's all. [00:00:54] Speaker A: So I did. [00:00:54] Speaker B: That does help. [00:00:55] Speaker A: It does help. [00:00:56] Speaker B: So anyway, speaking of likes and speaking of subscribing and all that, we also have a like and subscribe button. [00:01:01] Speaker A: We do. [00:01:01] Speaker B: We do surround the bottom of this thing somewhere. [00:01:04] Speaker A: I noticed that we hit while I was gone, which I'm sure you missed me. We hit 160. So that's pretty exciting. Yeah. [00:01:10] Speaker B: Welcome back. How was Vacay? [00:01:12] Speaker A: It was good. It was vacation, but not really. I did get to see some family, but I still work. It's just I work outside of here. [00:01:18] Speaker B: So you gotta take vacation so you can go work. [00:01:22] Speaker A: That wasn't initially the plan. I scheduled a vacation like a long time ago, and then it was like, hey, you have an opportunity to do this thing. And I was like, okay. [00:01:30] Speaker B: You don't turn down opportunity when it presents. [00:01:32] Speaker A: Right? Exactly. So it's like, well, made a little extra money over the weekend, so that's not a bad thing. But yeah, it was good. But I'm glad to be back. I did miss. I missed being here. [00:01:40] Speaker B: Cause I like Ronnie's way prettier than you. [00:01:42] Speaker A: But yeah, I agree. I can't grow the facial hair like you can. You know, you guys were like, you. [00:01:48] Speaker B: Got a good stash coming in, but thank you. [00:01:50] Speaker A: Thank you. Yeah, I do use like an eyebrow pencil on it to kind of darken it. [00:01:54] Speaker B: Tom Celica. [00:01:55] Speaker A: I'm kind of cheating a little bit, but I'm hoping one day, one day I can catch up to you. [00:02:00] Speaker B: You'll get there eventually anyway. [00:02:02] Speaker A: I promise. [00:02:02] Speaker B: The cyber beard overtakes the cyber. [00:02:05] Speaker A: Yeah, that's true. That's true. We were Wild west. [00:02:07] Speaker B: Tell me I'm wrong. [00:02:08] Speaker A: Mostly, like, dudes with beards. Sometimes they've got shaved heads. So it's like, I'm looking for him at Wild west, and it's like, I have to sit for a while because I'm like that. No, that's not him. [00:02:16] Speaker B: That's not him. [00:02:16] Speaker A: No, no. It's like a bad sitcom. [00:02:18] Speaker B: Yeah. [00:02:18] Speaker A: Like a horrible sitcom plot. I just can't find him. [00:02:20] Speaker B: Like, they just cloned me. [00:02:23] Speaker A: There's enough geniuses there. They probably could do that. I promise. We do have some cyber news that we're going to talk about today. It's just I've been gone for a while, so there's a lot to catch up on, but. Yes. [00:02:32] Speaker B: What's your hurry? [00:02:33] Speaker A: What's. I'm sure people are going to be like, skip, skip, skip, skip, skip. [00:02:37] Speaker B: Time. Listen, there's a little speed knob down there somewhere. [00:02:40] Speaker A: There are podcasts where, like, the first three minutes is just ads, so just be glad that we're not at that point. [00:02:45] Speaker B: Yes. I don't know about y'all. I watch everything at at least 1.5, if not two x. [00:02:50] Speaker A: Your brain just moves too fast. [00:02:51] Speaker B: Well, I don't have time. [00:02:53] Speaker A: Yeah, yeah, I get that. [00:02:55] Speaker B: If I can listen at twice the speed, I can. I can, you know, basically take in twice the information in theory. Yeah. Right. [00:03:03] Speaker A: Yeah, you're right. That would work that way. Well, speaking of taking an information, let's get to it. We have got some fun stuff we're gonna get to today, and we'll start with one of our favorite segments. It's breaking news. Breaking news. Oh, wow. That wasn't. Was that a bat? That was nice. A tactical bat. [00:03:19] Speaker B: Yeah. [00:03:19] Speaker A: Okay, well, we got actually two breaking news articles today. This first one, we'll start off with a little bit of gaming news. Just keep it fun. Sega has filed a lawsuit. Not so fun. Against Memento Mori developer. [00:03:30] Speaker B: You called it Sega. [00:03:31] Speaker A: Oh, I'm sorry. Yes. We had a conversation about this. Is it Sega or Sega? And I think it is Sega. It is Sega because that's the little Sega. But I just got so used to pronouncing it the wrong way. Anyway, if you're not familiar with Memento Mori, it is self described as an AFK RPG. So an away from keyboard role playing game. I guess so. Yeah. Right. [00:03:51] Speaker B: That doesn't even make sense. How do you play a game if you're away from the keyboard. Is it a mobile game? [00:03:56] Speaker A: It is. It is. So it's on iOS and Android and stuff. But I went to the game's website to try to find more about it, and it's very, like, the characters or whatever are very pretty. Like, the animation style is pretty. It's like a watercolor type. But the girls continue to fight even when you're not playing. So it is like a, you can log out, do other stuff, and then you come back and it's like they earned such and such for you while you were gone. But it's also described as a gacha or Gacha game. And it basically means, like, you like those gacha. Gacha. Ga. Gatt. No g h a. Yeah, gacha games. But it's like, I guess it's like mystery boxes and stuff that you see in games where you pay a certain amount of money and you get a random item. Maybe it's crap. You don't know. So Sega has argued that some of these mechanics that this game employs, they have under patent that you are violating that. And so we're gonna come after you. But the developer of memento Morihood, as you can probably guess, is relatively small compared to a giant like Sega. [00:04:47] Speaker B: Are they. Is Sega saying that the developers of memento Mori stole their ip on how to do the mechanics in the game? [00:04:56] Speaker A: That confused me because I'm like, can you patent that? [00:04:58] Speaker B: Like, is that I can figure out if I'm a game developer, I feel like I'd be able to figure out how to incorporate other things from other games in my own way. [00:05:07] Speaker A: Yeah. [00:05:08] Speaker B: Without, like, breaking into your system and stealing all your ip and the code behind the. Behind the stuff. Right. [00:05:15] Speaker A: Sega has argued that, let's see, patent. Five patents that they own have been violated. And one of them, this is a different article, but I'm trying to find what the patent actually describes and this is the only place I could find it. It's like something to do with psychological. Yeah, conflicting psychological issues. A patent that includes a mechanic that helps to alleviate conflicting psychological issues that arise when gamers play titles that have low drop rates on items. So I guess meaning like, oh, well, I keep paying in and using this mystery box, but I keep getting crappy items and there's low drop rates for the rare stuff and that can have psychological, which I'm like, the fact that this is even an issue or the patent is insane to me. [00:05:56] Speaker B: That tells me if you play gotcha games or gacha games, whatever the hell they are. You should stop. [00:06:02] Speaker A: Probably. You probably should. So that was interesting to me, but I am curious to see how this plays out, because this isn't the first big lawsuit that we've seen even in the last few months, because Nintendo sued the developer of pal world. And it was a similar situation where it's a smaller developer, Nintendo, suing for a lot of money. And it's like, for Nintendo, maybe that's chump change, or for Sega, but for a smaller developer like this, if they lose this lawsuit, I think they're being sued for ¥1 billion, which is like six and a half million dollars. That would be like, a. Potentially a killing blow for a developer like that. [00:06:34] Speaker B: You know, it's funny. It's. It seems like they're these old school corporate types. They. They have a mentality of, you. You have to protect everything. And don't get me wrong, I think there is. There's still some element to that. You have to protect your ip and things of that nature. But why would you. Why would you want to keep someone from being able to make your game less psychologically effective? Or is that what they're saying? Or are they just saying that, like, we're trying to affect their psychology so that they'll buy more stuff? [00:07:05] Speaker A: And that's the thing. I'm not sure. It just says, alleviate psychological conditions, and that doesn't really. [00:07:11] Speaker B: Yeah. What does that mean? [00:07:12] Speaker A: One of the patents, to me, that. [00:07:13] Speaker B: Means, like, oh, you have a psychological problem. We're helping to alleviate that problem. [00:07:17] Speaker A: Yeah. [00:07:18] Speaker B: Excuse me. In the fact that, like, maybe this game is, like, causing you stress and that's why you're not dropping items. I don't know. I don't play these weird in purchase games. [00:07:28] Speaker A: That's the thing. This kind of a game is not. It's not really my thing. So I'd be curious to know if it's something that any of y'all out there are interested in. If you've played this game specifically, let us know. Maybe we've got something wrong. [00:07:37] Speaker B: I'm just an old curmudgeon that just likes to play a game that has a cool story with neat characters and fun gameplay. [00:07:44] Speaker A: And this game's been around a couple years, so I guess Sega is just now like, hey, hey, hey, no, no, no. You can't do that. One of the patents that Sega filed, like, a year ago was, it hinted at plans to introduce a prioritization system in games where paying more money would give you better treatment. And a lot of players were upset about that because it's like, well, that's not fair. So if you spend a significant amount of money in the game, well, then maybe we'll, you know, you'll get more rare stuff in your drops where it's supposed to be random. Supposed to be random chance. But what is this? [00:08:12] Speaker B: Are they like, celebrities now? Where. Yes, you're a millionaire, so here's a Cartier bag, you know? [00:08:17] Speaker A: Right. Yeah. So it's that by itself, the patents themselves are a little like, eh, that's a little odd to me. But then you have to come after a smaller developer. Like, this is just like, do you have nothing better to do? [00:08:27] Speaker B: Just stinking. So in cyber security, we've seen a real big shift, and that's kind of where I was going before and kind of got derailed. Big shift in the idea that there's enough on the table for everybody. [00:08:38] Speaker A: Oh, yeah. [00:08:39] Speaker B: And we can all just be friends and promote each other and that the. What did they say? The rising tide lifts all boats. [00:08:46] Speaker A: Yes. [00:08:46] Speaker B: Right. So let's all just take advantage of that. And not that you shouldn't have intellectual property and. And, you know, your cool trade secrets, but why try to trounce on someone? It's hard to say. Like, I'm going to put an intellectual patent or patent on a process. [00:09:06] Speaker A: Right. [00:09:06] Speaker B: Or an idea. Yeah. Can you do that? I mean, I guess you can, but. Yeah, I don't think that's right, though. [00:09:13] Speaker A: These developers could very easily have just, without even realizing it was a Sega thing, just be like, oh, this would be cool. And then it's like, we own that. Huh? What? Interesting. [00:09:21] Speaker B: How do you own that? And I guess, like, owning math. You can't own math. [00:09:27] Speaker A: The idea of, like, being pretty intense about protecting your patents or whatever. You've kind of talked before about how, like, Nintendo's pretty intense about this and that. Maybe it is a. It's a thing in, like, japanese business practices that you just don't have. You don't tolerate that kind of stuff. And Sega's based in Japan as well, so that's true. Guess that could be part of it, but makes sense. It'll be interesting to follow this and see where it ends up, and hopefully they're able to reach a conclusion, settle, shake hands like friends. [00:09:48] Speaker B: Ultimately, I don't care. [00:09:51] Speaker A: Ultimately, yes. [00:09:52] Speaker B: You know what? I hope they don't squash the little guy. [00:09:54] Speaker A: Sure, sure. I like innovation and. [00:09:56] Speaker B: Right. Because that's. That's anti competitive, and I'm definitely against that. [00:09:59] Speaker A: Yeah. Not that I don't like Sega, but come on, let somebody else have a chance? [00:10:02] Speaker B: Yeah. [00:10:02] Speaker A: We have another breaking news article that Daniel had brought up because he actually was affected by this in some capacity. LinkedIn confirmed that there was a bug causing a quote unquote, follower purge, but it's now been resolved. So I didn't really notice because I don't have a ton of followers to begin with, and I don't check it very often, but Daniel's got a decent following on LinkedIn. And you said you noticed that there was a drop by, like a couple hundred. [00:10:24] Speaker B: Yeah, it was like, maybe a little over 200 followers. Probably like 230 followers. [00:10:29] Speaker A: Right. [00:10:30] Speaker B: And so. Yeah, right. Yes, yesterday. I'm just doing, you know, doing my LinkedIn. It's part of my job. It's part of my business. So I'm looking at my LinkedIn, and one of the things I like to check is, how's my follower count doing? Am I increasing my losing followers? Am I still relevant in this space? So I notice, I'm like, hmm, that seems lower. I thought it was. I thought it was here. And I guess, and literally just thought I must have misremembered or I read it wrong, totally put the blame on myself. And then as you kind of sit there and you go, why did I so strongly think in my mind that it was higher than it is now by a bit? [00:11:14] Speaker A: I'm not making that up. [00:11:14] Speaker B: Yeah, that seems like quite a little chunk. And then, of course, my first thought was, well, maybe LinkedIn is doing, like, getting rid of bots, fake accounts, inactive accounts, things like. Right? Inactive accounts. And that's why I'm like, okay, that would make sense. That must be what it is. Wake up this morning, look at this article here from Techcrunch, right? And LinkedIn confirms the follower purge was just a bug that's now resolved. I'm like, hey, that's the thing. And of course, as you read through, and it's exactly the same ideas, everybody thought the exact same thing. Okay, I didn't. I must have not seen something because I didn't think it went down. We weren't reporting people saying that was by the thousands or the tens of thousands. It was like if at most you were seeing a couple of hundred, a few hundred that you were down. So it could easily be like, big. [00:12:09] Speaker A: Enough amount to notice, but small enough that you could justify it by saying, like, oh, it must be a purge. [00:12:13] Speaker B: And then go, oh, yeah, well, they must be purging out all these, all these accounts. So if you're looking at your LinkedIn following, and you were like, hey, my LinkedIn follower count's a little low today. [00:12:24] Speaker A: It's not you. [00:12:25] Speaker B: Yeah, it's. It's not you. It was everyone. Well, a lot of people, anyway, on LinkedIn. And here. Here's the thing, though. LinkedIn is, isn't. It's a very important social platform, right? As far as this is where you go to kind of make a name for yourself in your space in business, it has become that platform where. That's where you go to kind of like, go, hey, if I want to be someone that is making a difference, being a voice in my space, I got to be on LinkedIn, and I got to be interacting and engaging with people through LinkedIn. So when you take a hit on followers that could maybe, in the public perception, go, whoa, you know why their following counselor dropped so much? You know, you're not. And of course it was a couple hundred. What if this was a couple of thousand? What if this bug, and I'm guessing that's exactly what it was, was a bug? Because I woke up this morning and looked at my follower count, and they were back up to normal. So they did fix whatever the problem was. It was just interesting that, like, remember, if you are engaging in social programs, social media, like LinkedIn, you know, if you got a YouTube channel, if you've got, you know, a good Twitter account, x account, or whatever the case is, they. If you're putting all your eggs in one basket, you got to diversify, yo. Yeah, right? Remember that when it comes to building your brand and building a following, being a voice in your space, that if things like this happen, they can really affect you. I remember Ronnie one time got. He got, like, a hard strike or something. [00:14:11] Speaker A: For what? [00:14:12] Speaker B: Yeah, they said that. So Ronnie was doing, like, a Q of the D. You familiar with Q kind of thing? And that was his thing. Every day he got up and he posted a question. It was all because he's all in the networking space, Cisco. And they said it was spam. [00:14:26] Speaker A: You know what? Now that you're mentioning that, I remember him posting those, and I have not seen one from him in a while. [00:14:30] Speaker B: And Ronnie was like, Ronnie was doing really well on LinkedIn. We had Ronnie on last week, and then it gutted him. [00:14:37] Speaker A: Wow. [00:14:38] Speaker B: It gutted him. He went from thousands of views per till maybe a couple of hundred because they d. They devalued his content in the algorithm. These algorithms, man, they're finicky, and they change them. It's very difficult to stay on top of that game if you're using social platforms. And honestly, it's kind of how business is done nowadays. Even if that. If you're not like a social media influencer, you're just a business. Like, maybe you've got a small business and you're trying to promote your business. You go on these social problems, they give you a soapbox to be able to stand on. And when little hiccups like this happen or they change their algorithm, it can really hurt you. [00:15:18] Speaker A: And, I mean, in Ronnie's case, there's a guy that is a real person, first of all, and genuinely trying to help others, trying to bring value to the community. And he's the guy that gets got by this. [00:15:27] Speaker B: And he straight up, like, went through every possible avenue of request to resolve it. Yeah. And they were like, sorry, you're spam. [00:15:34] Speaker A: Whereas you see other accounts that maybe are pretty genuinely straight bots or spam or whatever, and you can report, you know, there have been accounts before on LinkedIn or otherwise, that it's like. I'm like, oh, that's very obviously spam. Or I'll get, like, a message from them that's clearly fake, or it's a bot, and you go to report them and it's like, yeah, this account doesn't violate our guidelines, so we're just gonna let them keep doing what they're doing. And I'm like, but this is clearly. But then you see a guy like that that gets got by it, and he's just trying to do. [00:15:56] Speaker B: Yeah. [00:15:56] Speaker A: Do his best. So that's unfortunate. It's not. They're never perfect. [00:15:59] Speaker B: It is. It is unfortunate. That said, follow me on LinkedIn, Daniel Lowry and YouTube. Yeah. [00:16:05] Speaker A: And Instagram. [00:16:05] Speaker B: Subscribe. I am also on Instagram now. Yes. [00:16:08] Speaker A: You do have a presence. [00:16:09] Speaker B: I have. I have a small, but yes, but steadily growing press. [00:16:13] Speaker A: Not ex, though. [00:16:14] Speaker B: Not there yet. Not there yet. [00:16:16] Speaker A: Maybe. [00:16:17] Speaker B: It's probably in the future. [00:16:18] Speaker A: Yeah, yeah, we'll talk. [00:16:19] Speaker B: I only got so much time today, man. I give all these stinking platforms. [00:16:21] Speaker A: I know. [00:16:22] Speaker B: Hootsuite and all these other stuff, like, busy, busy guy. I already got a full time job. [00:16:29] Speaker A: Well, hopefully, if you did see, you know, an issue with your LinkedIn followers, this is a good explanation for you, and now you understand why. And it's good that they resolved it. They didn't provide, really, an explanation as to what exactly happened. They just said, we fixed it. [00:16:41] Speaker B: Someone effed up, we fixed it. [00:16:43] Speaker A: Don't worry about it. There is no war in ba sing se. Don't look in our direction. Fine, we'll move on. [00:16:47] Speaker B: Though. [00:16:47] Speaker A: That's our breaking for this week. We've got several other articles, though that we're going to get through. That happened throughout the week while I was gone. First up, we've got beware fake Google Meat pages. Deliver info stealers in ongoing click fix campaign. [00:16:59] Speaker B: Well, that m e a t. Google meat. Google meat. [00:17:04] Speaker A: Well, they do. Didn't mark Zuckerberg call it like meat? Space is like, oh yeah, yeah, yeah. As opposed to meta. So, hey, we're not that far off. [00:17:11] Speaker B: Google is now selling quality pork chops and brief briskets. [00:17:16] Speaker A: It's those little squares of like supplemental. [00:17:19] Speaker B: Whatever, vacuum sealed I. All free range. And all these sellers nowadays, Moink and butcher box. [00:17:28] Speaker A: Oh yeah, yeah, yeah. Google's getting in on the meat. [00:17:31] Speaker B: Yeah, Google's getting in on it. They're horning in on that business. [00:17:33] Speaker A: Well, even beyond that, that was quite a headline. So thread actors are leveraging fake Google Meet m e e t web, which I guess is like Google's version of Zoom, probably teams or whatever. As part of an ongoing malware campaign, they've decided to dub that click fixed to deliver info stealers to Windows and macOS systems. So how exactly. I mean, I know, Daniel, you probably are able to kind of break this down better than I am. How exactly does this work? [00:17:55] Speaker B: So what they're doing is they're using the browser to have you click on. So what it does is you get sent to a page or whatever, and the browser pops up and says you have a problem with x, y or z thing. Click to fix. This is why they call it click fix. You click on the fix it button. What it does is it copies a malicious string to your clipboard, and then they tell you, they give you instructions that says click start, go to run, or command r, whatever it is that they tell you to do to get to the run box, paste this in, and hit go. And what it is is a Powershell command that's been obfuscated through, like, base 64. So you don't see what it is, you don't have any clue, and it then drops malware. So they're doing this to bypass any defensive mechanisms, right. Because if they tell you click the link, download this, and it has malicious stuff in it, there's a non zero chance, and probably an even a decent chance that any security systems they may have installed will queue on and go, oh, yeah, I. Yeah, that's not what we do here. And put the kibosh on it and stop it and cold in its tracks. So they're like, how do we get around these damn defenses getting better every day? I know. We'll just have the user do it. Yeah, so they've become, this is basically an ingenious way to get grandma to click on something that she thinks is good. And honestly, let me, let me show you. You scroll down in here. [00:19:31] Speaker A: They do some typo squatting here. [00:19:33] Speaker B: Yeah. If you look into my computer here, we've got a couple of samples of what this looks like. Here's Google Chrome. Something went wrong while displaying this webpage. There was an error during the latest update or browser version causing this webpage to malfunction. Follow these instructions to resolve the issue clip. Click the copy fix button below. Right click on the Windows icon, select Windows PowerShell admin right there. I don't know if you can see this is pixelated hard, but right click within the open terminal window, wait for the update to complete, and then refresh the page. So we see another one for Facebook. Here's another one for. It just looks like a two fa or, I'm sorry, a captcha. Thank you. Yes. And then here's one for PDF. Simply. Right. So they're hitting with all these different types of fake pages that have this fix it button on there. Oh, you've got an issue. Right. And they gave us a whole list up above of some typo squatted URL's. [00:20:30] Speaker A: I think my favorite is meet Googie. [00:20:33] Speaker B: Oh, there it is right there. Meet dot googie.com join right dot us. I mean. But again, think of who this gets targeted to. Not maybe not. The cybersecurity sure initiated grandma and grandpa out there. It's, it's, you know, moms, it's secretaries, it's, it's just regular people. [00:20:56] Speaker A: They're trying to go about their day. They're not thinking about that stuff, and. [00:20:58] Speaker B: You'Re not paying attention. Even someone that knows a bit about cybersecurity could pop these things pretty easily. I mean, typo squatting gets really creative. [00:21:06] Speaker A: Well, if you don't know off the top of your head what the official URL is, I mean, meet Google us join doesn't look, it's not the most illegitimate URL I've ever seen, right? [00:21:14] Speaker B: No, it's pretty good. [00:21:16] Speaker A: It's pretty convincing if you don't already know what the URL looks like, or if you don't think to double check. So I could see somebody. [00:21:21] Speaker B: Googidrivers.com. [00:21:23] Speaker A: I do think the Googie ones are my favorites. But if you're just looking at it at a glance, look like an l. You don't know. So, you know, just these evil people. [00:21:32] Speaker B: Take malware and then you're totally hosed. So I think this has been being used by initial access brokers. And if you're not familiar with initial access brokers, they are basically entities and even small organizations that get together to go, hey, are you looking to gain access to a certain organization? We got you covered. Pay us some money and we will give you access to those systems which we already have. You basically pay to play. And then bada bing, bada boom, they give you creds, they give you access. Maybe you funnel through their systems for the access to X, Y and Z organizations. And now you can start doing whatever it is you want to do. Yeah, so, so it's like, it's this whole, it's the upside down for business. Yeah, right. It is. Stranger things. The upside down where everything on the other side is the opposite of what we have here. Where you have, oh, I'm going to start a business and HR department and, you know, marketing and sales and blah, blah, blah. They have the exact same stuff. Maybe not HR. Right. [00:22:36] Speaker A: We're going to commit crimes. But don't you harass somebody in the office. [00:22:38] Speaker B: Listen, we heard you were talking politics. [00:22:41] Speaker A: That's not good. [00:22:42] Speaker B: We don't do that here because it makes people feel bad. [00:22:45] Speaker A: You should be focusing on sim swapping. Okay. Yeah. [00:22:47] Speaker B: When's the last time you sim swapped? Today. [00:22:51] Speaker A: Wonder if they, I wonder if you have these big, like cybersecurity gangs or whatever, if they ever, like, fire people and not necessarily. Cause they're not good, but if it's just like, eh, you're just not a. [00:22:59] Speaker B: Good culture fit, you know, in a weird way. Yes, they do. Because they'll have, like, falling out, right? Like somebody will get pissed because. Or one of the other gang members will, you know, there's no honor amongst thieves and they'll rip them off. [00:23:16] Speaker A: Interesting. [00:23:16] Speaker B: And then go start their own thing. [00:23:18] Speaker A: That's pretty funny. Yeah, I mean, like it, you know, I can't really feel bad for him because it's like, right, you're doing crime. [00:23:23] Speaker B: Yeah. Quit breaking the law, asshole. [00:23:27] Speaker A: What is that from? [00:23:28] Speaker B: That's from liar. Liar. Oh, so and so is on the phone. He's been arrested. He needs your legal counsel again. He grabs the phone, he's like, stop breaking the law. [00:23:40] Speaker A: Oh, man. That's, that's a good lesson. [00:23:41] Speaker B: Funny movie by seeing that. Highly recommend. I roll. I was roaring with laughter at that movie. I saw that in the theater when it came out and it. I was. I was laughing so hard. I was. It was making me come out of my seat. [00:23:57] Speaker A: This is one where he has to. He, like, gets cursed, whatever. He has to tell the truth all the time. [00:24:01] Speaker B: Has to tell the truth. It is. It's immensely hysterical. That is, if you're not a Jim Carrey fan, that movie would make you one. [00:24:09] Speaker A: Oh, okay. I'll have to check it out. [00:24:11] Speaker B: So funny. [00:24:12] Speaker A: But yeah, if that's a good lesson. Don't break the law. Quit breaking the law. If you are one of the folks that's using these kind of tactics, it's no bueno. Stop doing that. [00:24:20] Speaker B: Be nice to people when you do that. [00:24:21] Speaker A: And to your point, I mean, yes, of course, the elderly or folks that are maybe a little older, not exactly cybersecurity initiated or whatever, would be the prime target for this. But I was talking to a friend of mine the other week that he's maybe in his early twenties and got one of these, like, spam texts that was like, hey, we found your profile on LinkedIn. We think you'd be a great fit for this job. We just gotta ask you some questions for me immediately. Several red flags. If they found you on LinkedIn, why. [00:24:45] Speaker B: Don'T you reach out on LinkedIn? [00:24:46] Speaker A: Reach out on LinkedIn. If they found you on LinkedIn, they should already know your job history, so why are they asking you about it? And your phone number's not on your LinkedIn, so how did they connect the dots? None of this makes sense immediately to me. That's like, oh, blocked and reported. No, and this is a guy that's. It's Gen Z. He grew up on the Internet. You would think people think, all these young people, they're so savvy. But even somebody that is pretty technically savvy when it comes to, like, you know, he can do everything on his phone, whatever. This kind of stuff, the social engineering, it can get anybody. [00:25:13] Speaker B: Yep. [00:25:13] Speaker A: I mean, that's. Nobody's immune to that. So just a. Just an interesting thing. And if you've been the victim of a social engineering scam or whatever, sucks. You know, it sucks. Learn from it. But don't feel too bad, because lots of people can. Can fall victim to it, so. Well, speaking of scams and victims and everything, we've got a little bit of a fun segment that we're gonna talk about. Revisit some stuff that I think you and Ronnie talked about last week. And so we're gonna make this a deja news. [00:25:38] Speaker B: Deja news. [00:25:43] Speaker A: I thought you were about to do the Beyonce, single ladies, us. [00:25:46] Speaker B: Basically where I was. [00:25:47] Speaker A: Okay. Okay. Well, props. [00:25:48] Speaker B: It's kind of hard with the table. [00:25:49] Speaker A: Yeah, that's true. We'll have you make that up later. So the Internet archive breach at the end. [00:25:54] Speaker B: I'll just. Single ladies across. [00:25:56] Speaker A: That's our outro. We slowly fade out. So the Internet archive breach, you all talked about this, I think, last week, and, oh, boy, it's far from over. So the poor Internet archive, their troubles are not over. There was DDoS attacks that were happening. Defacement. And there was an email that was recently sent, supposedly via its customer service platform. And the message. Let me scroll down, see if I can pull this up. The message that is attached to it is very clearly not from the Internet archive team. So it's basically just saying, like, well, even after being made aware of the breach two weeks ago, they have not done their due diligence. They didn't rotate their API keys, so we still have access. You were trying to ask a question or request the removal of your site from the wayback machine, but now some random guy has your data basically saying, ha ha ha. And the Internet archive needs to get their crap together and whatever. [00:26:43] Speaker B: So I don't know what's going on over there. [00:26:45] Speaker A: Planted a flag there, and they thought that they had maybe resolved some things and closed some doors and whatever, and they forgot to rotate some keys, I guess. [00:26:51] Speaker B: And so, you know, I don't have access to. Maybe I could call these people and they'd give me access to the probably Internet archive. But depending on how many assets you have, an Internet archive is a fairly large system. So it's. It's quite possible that they overlook some things. Yeah. Well, I bet they're doing it now. [00:27:14] Speaker A: Oh, yeah. Well, I would hope. Right. That's always how it goes, isn't it? [00:27:17] Speaker B: Yeah. [00:27:17] Speaker A: The budget for your cyber security is low and all this stuff. Until something happens. [00:27:21] Speaker B: So here's the thing. You know what this tells me is that asset management is piss poor over the Internet archive, right? The fact they didn't know that there were API keys that did not, so that therefore they were not rotated. Honestly, I'm hoping that that is the case. The best case scenario is that these are overlooked, forgotten keys that give these attackers access to their system. And now they know about it, and now they can rotate them. Right. Worst case scenario is they just hit the phone it in button and we're like, oh, it's probably this. [00:27:58] Speaker A: Yeah. [00:27:58] Speaker B: And now we fixed that. [00:28:00] Speaker A: Well, it seems to me like whoever's behind this, they're not exactly. You know, you see some attacks where it's like, they're trying very hard to, like, stay covert and whatever. [00:28:08] Speaker B: Sure. [00:28:09] Speaker A: But when this first happened, there was that pop up that would appear on the site when you logged into it, and it was like. It says, have you ever felt like the Internet archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See you on how I've. Have I been pwned? And then in this case, the message that went out, it was the same thing where it's like, hey, look, we're still here. So they're not really concerned about, like, no staying covert. They want you to know. Yeah, we're here causing problems. [00:28:33] Speaker B: Yeah. Which is interesting because they appear to be hacktivists of some kind. Yeah, palestinian hacktivists or something like that. You would think they would want to continue to have access to deface or do whatever they want to do to bring. I mean, technically, this does bring some, you know. [00:28:51] Speaker A: Yeah. People are looking, I guess. [00:28:52] Speaker B: Right. So it garners attention. [00:28:55] Speaker A: The little message at the end throws me a little. Here's hoping they'll get their shit together now. Like, oh, so are you, like, is this supposed to be like you're teaching them a lesson? Like, hey, you need to fix your infrastructure, and you're not doing this right. [00:29:05] Speaker B: If that's the case. They're almost working like gray hats in some way. [00:29:08] Speaker A: Yeah. [00:29:08] Speaker B: You know? [00:29:08] Speaker A: Yeah. Like, I'm not gonna steal your info, but they did. [00:29:12] Speaker B: Or did. So I don't remember now. Did they steal and exfiltrate 31 million records or whatever it is? [00:29:17] Speaker A: Well. [00:29:18] Speaker B: Or do they just have access to it? [00:29:19] Speaker A: The message that they left initially that said, see you on have I been pwned? Would lead you to. [00:29:25] Speaker B: Leads me to believe that they expelled some data. [00:29:26] Speaker A: That was at least the plan. Unless they were bluffing. Yeah. DDoS attacks, defacement and data breach. Some of its it assets remain compromised, but nothing specific. Oh, okay. Separate threat actor managed to compromise and exfiltrate the organization's user database, which they shared with. Have I been phoned? So, they did exfiltrate some of those records and share them. [00:29:45] Speaker B: Yeah, I couldn't remember. And then there was the DDoS attack. Like, they just got. [00:29:48] Speaker A: They got targeted, which is interesting, because. And I don't want to edge too much into tinfoil hot territory, but you think about the Internet archive, and it's like the wayback machine gives you the opportunity to go back and look at these web pages from months or years ago. And in the age of, like, well, you can just change information at the click of a button. Articles can get edited and like, it just is interesting that a source that gives us access to all. You know how in the. I don't want to get too close to this, but you know how. [00:30:16] Speaker B: Screw it. Go for it. [00:30:17] Speaker A: You know how in 1984 he works for the mystery of truth or whatever, and he's. Changes history. Yeah. So it's just like. I'm not saying that's happening, but if. [00:30:25] Speaker B: It was a comment in our last week's video. [00:30:27] Speaker A: Really? [00:30:27] Speaker B: Yeah. That exact thing. [00:30:29] Speaker A: So I'm not alone in maybe having this idea that. I'm not saying this was happening, but if it were, what was happening, I don't think there'd be much that was different about. [00:30:38] Speaker B: Oceana has never been at war with. [00:30:41] Speaker A: So it's just like this. The fact that an archive like this is under attack is inaccessible. Whatever. It's a little. It's mildly concerning, that's all. I'll say. It's mildly concerning. So I'm sure my mom will pop in the chat. Like, you're right. She's gonna. She'll be behind me on this. I know she will. [00:30:54] Speaker B: Hat on. [00:30:54] Speaker A: I know she will. She'll be like, she's already done the research. [00:30:57] Speaker B: It was funny. I think somebody even commented, I mentioned the tinfoil hat and how they used to be made out of tin and like, wouldn't that be heavy? And it's like it was tin foil, right? Not. Not tin. Tin foil. Very thinly pressed. Yes. It used to be. So aluminum now. [00:31:15] Speaker A: Yeah, aluminum foil. So just not the same. Right? Yeah, you just can't. They just don't make foil like they used to. [00:31:20] Speaker B: They just don't. They don't. Yeah. [00:31:21] Speaker A: Back in my day, we had better foil. That's the way it was when I. [00:31:25] Speaker B: Made a tinfoil hat. Damn it. It stayed on. [00:31:28] Speaker A: They protected us. [00:31:29] Speaker B: It stopped the alien brainwaves. [00:31:33] Speaker A: Well, anyway, before we get, like, we get, like, a strike from YouTube or something, we'll move on from our deja news segment. [00:31:41] Speaker B: Bring it, YouTube. [00:31:42] Speaker A: This one? Yeah. Let's see what you got. I'm just kidding. Please don't hurt me. [00:31:46] Speaker B: You ain't got the stones. YouTube. [00:31:49] Speaker A: Bold. Bold. They're going to take that as a challenge. [00:31:52] Speaker B: That's right. [00:31:53] Speaker A: We've got an article here about an acquisition of a company called Offsec. Little company you might have heard of. I know I have leads. Equity partners has acquired offsec. And I'm curious, Daniel, what you think this might, you know, you see acquisitions and mergers and stuff all the time. It seems like in the world of tech, you do. We're no strangers to that. Right. And so, you know, there's varying outcomes to those kind of things. But one of the things that sometimes comes up is, like, if you've got, like, Microsoft, they acquired, like, Activision and Bethesda and all these companies. And so it's like, well, now Microsoft kind of runs all this stuff and does it quash competition? Does it help? So in this case, the acquisition of this company offsec, what do you think that's going to mean for the cyber security space? [00:32:29] Speaker B: So it's probably going to mean, and if I'm just basing this off of limited information, my experience this is, well, they've already kind of started the initiation process. This is the next step. That's unfortunate in that, and I'm not saying that that, like, it's been a long time since I looked at their, their training. [00:32:52] Speaker A: Sure. [00:32:53] Speaker B: Like quite, quite a while. So I don't know where it stands in that. I just hear a lot of chatter around people saying the juice isn't worth the squeeze anymore when it comes to offsec. I'm sure they still make really good training. But again, I don't know. I will say this. They've become one of the more pricey players in this space where there is other training out there that's similar, much less price point labs, videos, the whole nine yards that try to hi. I make training for her, like, teach you pen testing, teach you offensive security skills, and it's nowhere near their price. Now, I don't offer a certification. Our company doesn't offer certification. So they got certification behind that. But then it becomes like, well, so, see, offset made their, made their brand basically on creating the first certification that's focused on hands on skills. To get their certification, you had to do the stuff in some realistic capacity. It wasn't an ABCD test and all that other jazz that you see in other certifications. So that's where they shined. That's where they were like, whoa, we finally have arrived. And now it's not, I'm just bad at taking tests. It's, hey, here's an environment hack. If you can hack, you'll pass. If you can't, you won't. It was very CTF as far as, like, it was kind of like puzzles and there were rabbit holes and that, and then that you can criticize them for that. And our whole try harder idea. That's cool. You can agree with that philosophy or not. I think there's some validity to it. But I feel like this, where they're taking investor money, it's going to start being, if it hasn't already, all about profits. It's going to be bottom line. And I hope it's not the case. I hope because their certification has been kind of like the gatekeeper to Hrtaine. Right. If you've got OSCP, then that. That one has kind of taken the lead. They are the gold bar. The gold or the brass ring, whatever it is for. If you've got OSCP, it's a really good possibility. You can find work, at least get interviews. Right. It has been the case. Anyways, anecdotally, I haven't done like a research study. [00:35:26] Speaker A: Sure. [00:35:27] Speaker B: Right. But from what I've seen on how, what happens when you start taking private equity? Right. When you start taking investors, you now have a board. They didn't get into the business of working with you because they like offensive security. They did it because they see profits in the future. That's what they are in business to do is make money. The people that invest their money into the private equity firms do it to make a profit. So they're going to start. You're going to start seeing a more profits push in their content and their training, like, get it out faster, be first to market, be this, that, the other. And with that, a lot of times quality suffers. Like I said, this seems like it might be the next step in the insurfication process, which I hope it's not. I hope it's not. I hope that. That they take this money and they make a badass product that people love and continue to rely on. That if you have that certification, has super value. So I've got my own opinions about certifications in general, but, yeah, that's my hot take on this. [00:36:33] Speaker A: I also love that anytime a big organization acquires a smaller one. Right. Buys it out, whatever, they always describe it as, like, we are so proud to partner with. And I'm like, is that. That is an interesting way to phrase that. Is that really what we would call it? A partnership is equal. Right. [00:36:49] Speaker B: Right. [00:36:49] Speaker A: And if you're being bought by another company, acquired or whatever, probably that bigger company has the final say in everything that you do. And so they have the free will to then, well, we're gonna cut this department or we're gonna change the way. [00:37:02] Speaker B: Because you changed the dynamic. You've now said, like when you were on your own, you got to say, this is what we think is gonna be awesome. It's gonna make and cool. It'll make us money, but it's gonna be awesome. It's gonna be good for the community. It's gonna be x, y, or Z. Right. Cool. Now, when you take on those business partners, they go, prove it to me. And you're cool to do it as long as it makes money, right? If it doesn't make money now, we're coming in because you said we were going to make money. We didn't make money, at least not as much, because you have to project, like, these are our projected profits for the quarters and the year, the fiscal year. You got to worry about EBITDA and all this stuff that comes into play. Yeah. Not that they're not worried about it now, but it's just nothing. It's. It's a focus. They want to make money. That's why they got in a business. That's cool. But they also were probably passionate about cybersecurity, whereas your private equity firmness is like, I don't care. [00:37:59] Speaker A: Yeah. [00:37:59] Speaker B: I just want to make money. This looks like a great way to make money. So cool. I'm on board. Let's make money. And they could easily have sold them a bill of goods on, like, oh, yeah. We are super passionate about cybersecurity. It's super awesome. And just the wave of the future. You guys are killing it, right? We want to come in and just give you the stuff that, you know, money. We're gonna give you money so that you can just grow this business. It's gonna be amazing. We're gonna be the tip of the spear. They're gonna. They're gonna throw out all this stuff, and in the back of their minds, like, mess up one time, see what happens. [00:38:30] Speaker A: Yeah. [00:38:30] Speaker B: Make one misstep and see what happens. We come in and go, well, now that you've proven that you don't know what you're doing, we're taking over. We're taking over. [00:38:38] Speaker A: So, hopefully, it ends up being mutually beneficial. Of course, we don't want them to fail, fail. But something tells me leads equity will make money off of this either way. And offsec hopefully doesn't end up being. [00:38:48] Speaker B: Parted out and sold. [00:38:50] Speaker A: Hopefully it doesn't end up becoming a casualty in that. We wish them all the best, I think. Do we think we have time for one more before our break? [00:38:56] Speaker B: What are we at? We're on five. We've done five. This is our fifth. [00:38:58] Speaker A: That was four. So this next one will be five. [00:39:00] Speaker B: Oh, okay. [00:39:01] Speaker A: Really? [00:39:01] Speaker B: 12345. I'm on five leads. Equity says it's number five. [00:39:05] Speaker A: Oh, really? Maybe I don't know how to counterme. You know what? You know what? You're right. Because we added another breaking show. Right? All right, so you want to take a break real quick? [00:39:11] Speaker B: Let's take a break. [00:39:12] Speaker A: Let's take a break right at 40. [00:39:14] Speaker B: Anyway. Let's usually take a break. [00:39:16] Speaker A: Yeah. I'll chug my celsius. And we'll be right back with more cyber news here on Technado. Hey, I'm Sophie Goodwin, edutainer at ACI learning and subject matter expert for our new course, cybersecurity fundamentals. If you're new to cybersecurity, this is the course for you. Anyone from high school students to professional switching careers. These episodes are designed for you as an introduction to essential security terms and concepts. So we'll walk through security principles, governance, risk and compliance, access controls, threats and attacks, incident response, network security, and we'll look at some best practices for security operations. Security doesn't have to be scary. Check out cybersecurity fundamentals in the ACI learning course library. [00:40:02] Speaker B: There's a new CCNA in town. And here at ACI learning, we've got you covered with a brand new CCNA version. This course covers the theory that you need to succeed as well as the. [00:40:18] Speaker A: Practical, hands on application of technologies you're going to learn. [00:40:23] Speaker B: Network fundamentals, network access technologies IP connectivity, IP services. Don't waste any more time. Get signed up for the new CCNA. [00:40:36] Speaker A: Here at ACI learning. Welcome back. Thanks so much for sticking with us through that break. We had a chance to stretch our legs. I chugged the rest of my celsius, as you can see. Cause it's gone. [00:40:51] Speaker B: I have a little bit of them. [00:40:53] Speaker A: He's got a little bit left to carry him through. [00:40:54] Speaker B: The rest of the big purple monster left. [00:40:56] Speaker A: We do have. We do have still, I think about five stories that we want to jump through. But if you're enjoying the episode so far, we'd love it. If you left a like comment, let us know what you're enjoying, what you want to see in the future and subscribe so you never miss an episode in the future. [00:41:06] Speaker B: And I always say, if you. If you don't like what you see, hit that like, button and subscribe so that you can hate on us. [00:41:11] Speaker A: And. [00:41:11] Speaker B: Yeah, because we hate it when we. [00:41:13] Speaker A: Tell us exactly how much you don't like us, leave a bunch of comments. [00:41:16] Speaker B: That like, will let us know your anger and vitriol. So. [00:41:19] Speaker A: And next week's episode. Next week's will air on Halloween, and I will be dressing in a form of a costume. So I'm curious what your guesses are. Guess what I'm gonna dress up as. I will say it is cybersecurity related. [00:41:29] Speaker B: Okay. [00:41:30] Speaker A: It's a. Yeah, cyber security related. [00:41:32] Speaker B: You're a giant lock. Mm hmm. [00:41:33] Speaker A: Last, a couple years ago, I went as the dark web, and I just wore, like, a black sweatshirt and put cobwebs all over me and a headlamp on or whatever. So anyway, it's not that, but curious as to what your guesses are. So we'll go ahead. And speaking of Halloween, scary stuff. AI. Yay. My favorite thing. There's a new AI tool to discover zero days at a large scale with a click of a button. So this is actually, this is the kind of thing that I see, and I'm like, there we go. That's how we should be using AI. [00:41:58] Speaker B: Now we're doing it. [00:41:59] Speaker A: Now we're talking. [00:42:00] Speaker B: Hold on. Is it gonna take our jobs if it can find all the zero days, right? [00:42:04] Speaker A: Hopefully not. Hopefully, it just alleviates the job of, you know, people that hunt for vulnerabilities. [00:42:10] Speaker B: Birdie eye to the ground. You gotta stop it from taking over. [00:42:13] Speaker A: Yeah. Get your resume ready. So it's called. [00:42:16] Speaker B: Yeah, I took it. [00:42:18] Speaker A: So it's called vulnhunter. It is a static code analyzer that uses LLMs, and it discovered a dozen zero day vulnerabilities, over a dozen in popular open source AI projects on GitHub. So it seems like it's got a promising future, maybe. [00:42:31] Speaker B: Yeah, definitely. I mean, it was actually bsides this past weekend and was listening to Jason Haddix actually got a good chance to talk with Jason quite extensively. We went to lunch and had a good hangout, and his talk was all about basically doing what this tool does. He has built his own AI tools for finding and exploiting zero days for bug bounty or whatever. And so it's like, wow, this is really where this is going. Apparently, this is going to be the new thing, and now we all can have a chance to try it out ourselves with something like Vulnhunter to get out there. What it tells me is, let's talk about the tool first. Let's get into that. [00:43:13] Speaker A: Sure. [00:43:13] Speaker B: The tool has the ability to be pointed toward a GitHub, if I'm not mistaken. If I'm remembering correctly, that's how this works. You point it toward a GitHub, it basically works its way through the flow as an end user from start to finish and then looks for those possible. It's just a bunch of if thens, if this, then that, if this, then that else, if that and so on and so forth, working its way through it, obviously using modern AI capabilities to make that happen at a rapid pace. And it was able to find a dozen different vulnerabilities, new vulnerabilities that were previously undiscovered in very popular githubs with over 10,000 stars in a matter of hours. [00:44:01] Speaker A: Promising. [00:44:02] Speaker B: Right. So that's really cool, right? This is a tool, this, and I told Jason when we were talking, this is obviously how we're going to be doing this job, if not now, very shortly, and from then on. So if you're not up on AI tools and how to utilize it in this space, start taking a look at stuff like vulner and creating and training AI to do what it is you need it to do to be able to discover and exploit vulnerabilities for the purposes of securing them so that you can report those to those companies, maybe do bug bounty, maybe do whatever. Right. If you work as a pen tester, red teamer, this is now a phenomenal tool to exponentially make you more efficient and effective at your job. All right, so there's the tool. Cool. [00:44:53] Speaker A: Promising, then. [00:44:55] Speaker B: Now let's look future. [00:44:58] Speaker A: Oh, okay. [00:44:59] Speaker B: AI can do this. How long before we don't need to train it. It's trained. [00:45:05] Speaker A: Like, it just knows. [00:45:06] Speaker B: It just knows how to do it. And I as a, you know, maybe I'm the cybersecurity admin for XYZ company, and I go, cool. Which one of these cool AI red team tools do I buy? And I just buy it and go, oh, yeah, I need to do a pen test. How long before an AI pen test becomes. I can now check that box. I had a pen test, and that's legit. It spit out a report. Here's the report. Here's the vulnerabilities that were discovered. It does all the things that people used to do and all the people that are involved are just kind of people that run the business, their point of contact. Oh, we need to get eyes on this. And pen testers just kind of become the Uber expert to take it to the next level. Or if you want a really intense. You know what I mean? Like, is that the future? I don't know. It's possible. I feel like it's a non zero possibility. [00:45:58] Speaker A: I think you're right, that it's. That it's a non zero possibility for sure. I would hope that there would at least be. You'd have enough people that would be like, all right, well, look, yeah, AI is great, and it can simplify things, but if I'm like, running a company and we're getting a pen test done or whatever, maybe it's just because I'm not a big fan of this stuff in the first place, but I'm probably going to be like, look, that's great if we want these tools to be used, but I want at least a couple people on this double and triple checking everything. Because what if the AI misses something? What if it. [00:46:24] Speaker B: Yeah, but the pen testers can miss something. And you still. You have eno. Right. Errors and omissions. You. You have insurance to cover you. Yeah, for when your pensive, your physical. Your human pen testers miss something. [00:46:38] Speaker A: Sure, sure. [00:46:39] Speaker B: So why would that not apply to an AI? [00:46:41] Speaker A: I guess I just mean, like, it seems like it'd be more useful, in my opinion, as almost just like a, like when you go and get a second opinion from a doctor, like, you know, maybe have a person go in and do a pen test, and then this comes in and does a little cleanup afterwards and finds things maybe that the human eye didn't find, or vice versa, have this do the initial. [00:46:59] Speaker B: Right. [00:47:00] Speaker A: Because right now it looks like it's limited to, like, what, half a dozen vulnerabilities, but eventually it'll be bigger than that. [00:47:04] Speaker B: That's what I'm saying. In ten years from now, what does this look like? [00:47:07] Speaker A: But I think there's always an also a non zero chance that it'll miss something. Right. It may never be 100%. [00:47:13] Speaker B: And let's say that that is absolutely accurate, which it probably is, at least to some extent. How has that worked out for the entertainment industry? Right. They are. They're pretty up in arms on it, creating content. [00:47:26] Speaker A: Right. [00:47:27] Speaker B: It being able to, like, very well reproduce voices, human life attributes, things of that nature. How is this space not going to suffer for it as well? [00:47:38] Speaker A: That's true. [00:47:39] Speaker B: And businesses do not care whether or not you have a job. They just care whether the job they want gets done to the extent that they are compliant. [00:47:47] Speaker A: I also wonder, let's just say you've got a company that's using a tool. [00:47:50] Speaker B: Some of them do. I mean, sure, generally speaking. [00:47:54] Speaker A: Well, let's say you've got a company that's using maybe not this specific tool, but something like it. Maybe they've created their own. That's very similar. How do we know that? Who's to say somebody doesn't get access to the tool and compromise it and train it to do stuff that it shouldn't be doing or whatever. And so now it's been turned evil or what? Like not evil, but you know what I mean? [00:48:10] Speaker B: In the same way that you would do, you would vet any product before you bought it is you would look at reputation, you would look at capabilities, what do people like? Reviews, net promoter scores, that kind of stuff, and go, oh, this seems a trustpilot, right? This seems to be a good product. Everybody seems to like it. And it's not going to be like where they turn a switch off one day and it's like, oh, you no longer get human pen testers, you get AI pen testers. They're going to start offering it as like a side product. Oh, do you not want a full pen test? We'll give you an AI pen test and that will help you prepare for your real pen test, right? [00:48:46] Speaker A: Yeah. [00:48:47] Speaker B: And then eventually that's going to train those. A has to be very good. And as the real pen testers are feeding at their reports and it's training off of that information, and the more we give it the information, the more it learns, eventually it will hit a singularity of being able to do a basic pen test without a person behind the wheel. [00:49:07] Speaker A: And I could see even small to mid sized businesses taking advantage of something like this because maybe they can't afford or doesn't make sense for them to. [00:49:12] Speaker B: Go to a big pen cheaper. [00:49:13] Speaker A: It'll be like, oh, this is, and I wonder, and this is getting way theoretical, but I wonder if as products like this start to become more prevalent in an effort to train these models or these tools, if it'll be something like, hey, we'll offer you a pen test courtesy of this tool at like a super discounted price because, yes, you're getting it at a discount, but they're getting something out of it, too. They're getting to train their AI model or whatever on your stuff and on your company and your vulnerabilities and whatever. So kind of the same way that like, oh, I get to use Google photos for free, but probably it's training its facial recognition algorithm with my pictures, so it's free, but not really, you know, so I just wonder if that'll end up being something. It is a little, it's like if AI is gonna be used for something, I'm glad it's for the good. But you're right. In respect of like, people that, you know, physical people that do this job, I could see them being like, well, hang on a second. [00:49:58] Speaker B: Yeah. [00:49:59] Speaker A: Let's just not. Let's just slow our roll here. You're not. You can't replace pen testers with a tool. [00:50:03] Speaker B: And don't get me wrong. I don't think this is gonna happen tomorrow, next year or five years. I think it's probably within maybe. Maybe five years, we start to see the beginnings of those products, and maybe. And I'm trying to be conservative, you know, just. [00:50:15] Speaker A: Sure. [00:50:16] Speaker B: But I would say definitely in ten years, we're gonna see those products on the shelf. That's my prediction. That's prediction. [00:50:23] Speaker A: It's scary to think about, but it'll be here before we know it. So we'll check back in. In ten years, we'll see where these tools are at. [00:50:28] Speaker B: I think this is a cool tool, by the way. [00:50:30] Speaker A: Oh, yeah, absolutely. [00:50:31] Speaker B: Totally. Check it out. [00:50:32] Speaker A: Absolutely. Well, yeah, I mean, Robocop was pretty cool, too, and so was the terminator, but, you know, you just never know. [00:50:37] Speaker B: But I'll take the robocop over the Terminator. Cause he'll kill you. [00:50:40] Speaker A: I would agree. [00:50:41] Speaker B: Robocop tries to, you know, he's got the three prime directives. [00:50:44] Speaker A: I would agree. [00:50:44] Speaker B: And they are enslaved to the human race. [00:50:47] Speaker A: Fair enough. Fair enough. Well, moving on, we've got a couple more articles we want to get into. And this will be our next segment of the day, which is an old favorite, behind bars. [00:50:57] Speaker B: Bad boys. Break the law, and you'll go to jail. [00:51:08] Speaker A: It's literally so true. [00:51:09] Speaker B: Sounds like Mike Rowe, doesn't it? [00:51:11] Speaker A: Like, it does sound a little like. [00:51:12] Speaker B: Mike Rowe, but I think it was Zach, wasn't it? Isn't that Zack? [00:51:15] Speaker A: Probably. [00:51:15] Speaker B: I think it was. [00:51:16] Speaker A: Probably. [00:51:17] Speaker B: I used to work with. [00:51:18] Speaker A: Well, hacking or black hat hacking is a dirty job, in my opinion. And in this case, yet another guy is behind bars. So the FBI's most wanted hacker was arrested in. I believe that's pronounced Malpensa. I could be wrong, but that's in Milan. He's an australian man. Italian Australian. Excuse me. Which is an interesting combination. You don't see that very often. Italian Australians? [00:51:39] Speaker B: Yes. That is a. [00:51:40] Speaker A: Maybe that's the FBI's first italian australian arrest. But he was one of the FBI's most wanted hackers. Unethical, I would assume. Significant victims. [00:51:50] Speaker B: They're arresting all the ethical hackers. [00:51:52] Speaker A: I feel like it's not enough to just say hacker, because that's like, okay, well, in some ways, you're a hacker, but you're not, like, out here, you know, trying to hurt people. So his identity remains undisclosed. I wonder why. But he is alleged to be a key figure in a sophisticated computer fraud scheme that amassed an astounding $31 million. So what? [00:52:12] Speaker B: Made some money? [00:52:13] Speaker A: Yeah. No kidding. No kidding. And it was the US District Court of North Carolina that issued the arrest warrant. But he was arrested in Milan. And he's italian? Australian, so interesting combination of nationalities here. [00:52:23] Speaker B: Very much so. But now he's going to languish in jail. Well, I guess there's still a court proceeding to be had. [00:52:29] Speaker A: Sure. [00:52:29] Speaker B: He's just been arrested at this point. Where did they get him at? [00:52:33] Speaker A: In Milan? At an airport. The Malpensa airport. [00:52:35] Speaker B: There you go. The FYI, bad hackers out there that may have been watching this don't go to Milan. There's an extradition treaty with them, and. [00:52:43] Speaker A: They identified him on a flight from Singapore. So this is really an international. [00:52:46] Speaker B: Yeah, they've really been watching him. [00:52:48] Speaker A: He is a traveling man. [00:52:49] Speaker B: They wanted him and they wanted him bad. They got him. [00:52:53] Speaker A: Scam allegedly targeted vulnerable Internet users, particularly the elderly. Seems like that a lot. We talked about that a little earlier. [00:52:58] Speaker B: Scumbags. [00:53:00] Speaker A: Seems like that is a lot of times the case. So I'm curious, though, if he is. If the, you know, he's convicted and. Okay. It says a maximum sentence of 30 years imprisonment when the crime involves at least ten victims over 55. That is interesting. I didn't know that. [00:53:15] Speaker B: Yeah, right? There's a term for that. [00:53:18] Speaker A: There's a elder abuse. I don't know. [00:53:20] Speaker B: Yeah. I mean, maybe it is elder abuse. [00:53:21] Speaker A: Honestly, I don't know. [00:53:24] Speaker B: Yes, that might be it. I think it is elder abuse. [00:53:27] Speaker A: And of course, when I click on, like, the article or whatever, it's in italian or something. I can't. Okay. I don't even know what I'm agreeing to, so I'm not gonna go down that road. [00:53:36] Speaker B: It's like spaghetti gazpacho. [00:53:38] Speaker A: You know, it's probably just cookies, but I don't. [00:53:40] Speaker B: The only italian stuff I know is food words. [00:53:42] Speaker A: Spaghetti gazpacho. [00:53:43] Speaker B: Yeah. [00:53:43] Speaker A: Yeah. Well, you're close enough. Yeah. And this was after. In July, there was another FBI wanted cybercriminal that was apprehended. So the FBI's on a roll lately. Good for them. [00:53:51] Speaker B: Veal scaloppini. [00:53:54] Speaker A: You said. That was such a convincing accent that for a second I was like, huh? Wow, that's pretty good. He's being held in a prison near. I'm assuming that's another italian city and he's awaiting extradition. So if you can't, do you cannot do the time. Don't do the crime. [00:54:08] Speaker B: There you go. [00:54:09] Speaker A: That's probably super offensive. So sorry about that. [00:54:12] Speaker B: Well, celebrating italian. Lovely accent. [00:54:15] Speaker A: I'm italian. [00:54:16] Speaker B: Are you? That's right. You were. [00:54:17] Speaker A: My dad said. [00:54:18] Speaker B: That's right. [00:54:18] Speaker A: I know I don't look it because I am white as the driven snow. But, yes, somewhere in my bloodline, there is some. We've got a family spaghetti sauce recipe. It's like a saucepan. [00:54:27] Speaker B: That's cool. [00:54:28] Speaker A: So I am, in that way. [00:54:29] Speaker B: You know how to make it? [00:54:30] Speaker A: I'm learning. And there's like a. It's kind of a joke. [00:54:33] Speaker B: You know that once you get it down, I. Oh, absolutely. [00:54:37] Speaker A: It's like. It's got, like, four different kinds of meat in it. Like, it's super good. It's spicy. Yeah, super good. But it's a secret recipe, family recipe. And there's like a running. It's kind of a joke, but not really that. [00:54:45] Speaker B: Like, that good. We're gonna stop doing this whole cyber thing. [00:54:49] Speaker A: We'll just do that business. [00:54:50] Speaker B: You darn right. [00:54:51] Speaker A: It's. The whole thing was like, you have to learn how to make this sauce before you're allowed to get married. That's not really the case anymore, but that's kind of a joke. [00:54:58] Speaker B: That's a tradition. You should continue on. It's kind of cool. [00:55:01] Speaker A: I had a boyfriend over in high school. Like, he came over for a family something or other, and that was the first thing my grandpa said to him. He making the spaghetti sauce, and he's like, you know, she has to learn how to make the sauce before she can get married. We've been dating, like, two months. [00:55:09] Speaker B: Yeah. [00:55:09] Speaker A: You're in high school, and I'm like, grandpa, grandpa. [00:55:12] Speaker B: It's not 1927, where I get married right out of high school. [00:55:17] Speaker A: Don't embarrass thing. But it is pretty cool. So, yeah, fun fact about me, you know, please don't use that to social engineering me. Anyway, moving on. We talked about how that was a behind bar segment and this next article, there is actually a photo or an AI generated photo or something of this guy behind bars. But this is about a honey pot that Daniel was reading up on. And, Daniel, maybe you can explain to the people out there what exactly this is. [00:55:39] Speaker B: This was a super interesting article that I ran across as one does as you're traipsing through the interwebs. And I said, what is this? So this group, spatial sec, they. I'll put it in their words. Right. It says right here on October 8 15:44 p.m. uTC a member of spatial sex was shitposting specifically by tweeting a review of the CBTO or certified black team operator certification and associated course black team ops one, a parody of zero points red team ops, right? And here's the post that they put really excited about lockbits new certification. CBTO black team Ops is an online self study course that teaches core concepts of being an adversary, including configuration of cracked cobalt strike, money laundering, and ransomware as a service payload deployment. Right? So this is just a joke. It's for fun. [00:56:38] Speaker A: I love that they use the word shitposting in this official blog post. That's so fun to do. [00:56:42] Speaker B: By the way, this I don't know if they're like a legit company or whatever, they seem to be trying to sell services and whatnot, but they are fully like yes, they do not care to drop curse words or whatever, but continuing on with their post, it says it teaches modern adversarial techniques such as sim swapping and harassing individuals to give up their corporate creds. It delves further into defense evasion, covering concepts such as waiting for the sock manager to go on vacation and trolling law enforcement with memes. Compared to other courses such as OSCP, the CBTO is quite affordable, 1300 USD versus 3.2 xmr. It also includes the latest cobalt strike and brute rattle leak and downside. Sometimes the guacamole instances for the labs are annoying and a couple of the exercises require access to stealer logs, but they are not included with the course, so you have to buy it yourself. This is obviously just a troll having fun. Just having a hee haw about the certification industry seems pretty obviously like a joke, right? Here's where it got fun, right? We're all oh man, that is a slapper. [00:57:53] Speaker A: So silly. [00:57:54] Speaker B: Just a tickling, right? Some people thought this was legit and they reached out. Love to get ahold of this. How do I do that? Now normal folks such as ourselves would go hey bro, it was a joke, what are you doing? Not spatial sec. [00:58:15] Speaker A: They went, they saw an opportunity. [00:58:16] Speaker B: They did. They knew it when they saw it. And they said, let's buy a domain and spin up a registration page right now. So that's what they did. And they thought, you know what would be fun is if, and this is the reason why they spun up this page is we'll see who's registering and then continue to troll them and have a good time basically creating a honey pot off of this. And they were able to learn a lot of really cool information about that. I'll let you read. You should totally read the article because it's hysterical. I don't want to take the funny away from it. So you go read that. And all the stuff that they did, they even spun up a merch store, which I'm not 100%, whether or not it's a troll in and of itself, or if you can actually buy the merch, I kind of hope you can. Yeah, because I want. Right. And they show screenshots of them talking with some of the people that were trying to register for this and then complaining about, I'm not getting the registration email. They're like, yes, we know, right. But down here at the bottom, they have a conclusion. And here's some of the data that they saw of, like, where this was coming from. We imported all the data into Google sheets to map the geographic distribution of the registrations. And oddly enough. Right. If we continue down, we see right here that 309 registrations came from the US, 53 from France, 46 from Great Britain, 39 from the Netherlands, 38 from Denmark. Right. De. [00:59:47] Speaker A: De. I think Denmark. Yeah. [00:59:49] Speaker B: What. What country codes are we not seeing so far? [00:59:55] Speaker A: Well, we've got the US looks like. What does that maybe that you would expect to see? [00:59:59] Speaker B: Who do you think would be the big players wanting to get their hands on a good course for being Russia, China. Russia, China. Where are they? Yeah, I don't see them. I do not see. [01:00:10] Speaker A: And they noticed from stupid american. [01:00:12] Speaker B: Yeah. Right. They. They obviously got a good program going wherever the heck they're at. Right. But the fact that there was a lot of individuals in France and Great Britain and the Netherlands and Denmark that were interested in teach me how to be a cyber bad guy. [01:00:26] Speaker A: Mm hmm. [01:00:27] Speaker B: Right. They thought this was legit and said, yeah, I'm in. Let's go for it. And in America as well. I'm not surprised. Honestly. [01:00:36] Speaker A: Not the smartest move to reach out and be like, I want to commit crimes. Teach me how. Like, showing intent. That that's what you want to do. [01:00:42] Speaker B: Yes. [01:00:43] Speaker A: So didn't they, like, public publicized, like. [01:00:45] Speaker B: Oh, yeah, yeah, yeah. Like, they straight up said, here's somebody that contact us. Here's their Gmail account, here's their IP address. Now, they were, like, from Yemen and things of that nature. Sure, it's whatever. But that was interesting data that they retrieved that they were able to, like, analyze as well to go, hey, here's what we learned. People were really interested. We got a lot of. We got a lot of chatter around sim swapping. So you should probably start really shoring up your fences around sim swapping attacks. [01:01:17] Speaker A: That that seems to be. [01:01:18] Speaker B: Because that seems to be a trend in the people that were registering for this. They really want to know how to do sim swapping. Right. So this was really interesting information that they were able to gather on having. Having a laugh, taking the piss out of something, and it turned into, like, what seems to be really useful information. And you got to troll some people that want to be bad guys. [01:01:41] Speaker A: Huh. So I did find the merch store. I sent you a link. [01:01:44] Speaker B: Oh, yeah. [01:01:44] Speaker A: So if you. If you'd like to pick something. [01:01:46] Speaker B: Yeah. But if I. If I hit purchase and I send them money, do they just keep the money and I don't get anything right, do they? [01:01:50] Speaker A: I mean, it looks like it looks legit. It looks legit. They've got. I mean, I can't say that it's, like the best merch in the world, but it's kind of funny. [01:01:56] Speaker B: Anybody knows anyone in spatial sec? [01:01:59] Speaker A: I mean, various colors have them reach. [01:02:01] Speaker B: Out to me on LinkedIn or something. [01:02:05] Speaker A: I mean, they've got a n faq I looked at, because if this is. [01:02:08] Speaker B: Real, I want a shirt. [01:02:09] Speaker A: Yeah, well, I'll look into that later and see if they have any, like, little disclaimers on their website. Like, this is not real. We'll keep your money. We'll consider it a donation. But that's part of the troll. But that is an interesting story. And, I mean, I guess good on them for taking the opportunity to try. [01:02:23] Speaker B: To, like, you know, hey, yeah, that was great. But my thought on this was look at how many people were interested in being bad guys, right? That they would. They would happily fork over some money, quite a bit of money, to get the skills to be able to pilfer people's pockets. That's a hard sentence to say of and have, you know, line their own with filthy Lucrez. I was kind of shocked at that, that this would be a thing. And the difference, like, a lot of the skills that they were promoting, obviously, some of them were criminal, but a lot of them did kind of cross over into what you would see in a CTRO CRT certified red team operator CRTO system, because that's what we're meant to do. Should we now kind of start to. Should we look more like our adversaries? [01:03:21] Speaker A: Yeah. Mirror them a little. [01:03:22] Speaker B: Teams and pen tests. I don't know. [01:03:25] Speaker A: Interesting. I do like that towards the end, they put a little David Attenborough. [01:03:29] Speaker B: It was very. [01:03:30] Speaker A: As we venture deeper into the digital undergrowth. We come across a particularly fascinating specimen known to the local fauna as Oppenheimer, whose online behavior provides us with a textbook example of the skidden in its natural habitat. [01:03:43] Speaker B: You can't help but to read it in the. David Attenborough. [01:03:45] Speaker A: You have to. You have to. [01:03:46] Speaker B: Rogue. [01:03:47] Speaker A: I can't, and I'm. [01:03:48] Speaker B: I did the exact same thing, by the way. [01:03:50] Speaker A: I don't have a dude's voice, so mine's not even good, but that is. And then it continues. It's like two or three paragraphs. I think that's. [01:03:55] Speaker B: Oh, yeah, they totally go, wow. It's. Infinite wisdom posits a theory. If one's operational security, or OPseC, as it is known in these circles, is sufficiently robust, the potential reward of cybercrime outweighs the risks. At this point, it. Dear viewers that we observe a spectacular example of the Dunning Kruger effect in action. You cannot help us to do that voice. [01:04:18] Speaker A: They are funny. [01:04:19] Speaker B: This is super funny. [01:04:20] Speaker A: Yeah, I have to learn more about these guys. This is pretty funny. Maybe I'll go pick up some part time work there. Well, we've got a couple more articles that we want to get through before we head out for the day, but that is, I think that's definitely my favorite so far that we've covered today. This next one, I'm probably gonna get angry, so just prepare yourself. Meta's testing facial recognition for spotting celeb bait ads, scams, and easier account recovery. So initially when they started talking about this, and anytime I see facial recognition now, since I started reading that book on clear view, I'm immediately like. I start hissing, you know, get it away. No, but they are. They were testing it as an anti scam measure to combat celebrity scam ads. But it looks like going forward, they may try to implement this as like, a. Oh, if you have to recover your account, like, oh, yeah, I heard about that. Yeah. So it's like, okay, convenient. Sure. Sounds like it'd be a great thing. But this is another, okay, you're giving your biometric information over to this company, meta, that they just got in trouble in a lawsuit for storing passwords in plain text. [01:05:18] Speaker B: How much do you trust meta? [01:05:20] Speaker A: Right, right. [01:05:22] Speaker B: I mean, man, I just want to live in a day and time where I just pay you money and you give me a service, and you don't get to keep all my data and use it. It's mine only in. If you want to spin up some way where I can share that data with you so you can make money. And obviously, I would get some sort of discount on that. That's fine. But for us to just kind of like. They got us with. It's free, right? That is how they hooked us. And now we're, like, so entrenched into these systems. I mean, I'm sorry, man. Do I use them? Yes, I do. But I do it with eyes wide open. And that's what we want for you out there as well. [01:06:06] Speaker A: And of course, they put out their little disclaimer. We immediately delete any facial recognition data generated from these ads that we're scanning. We just use it for that one time comparison. We don't use it for anything else. Yeah, I've heard that song and dance before. [01:06:17] Speaker B: Yeah. [01:06:18] Speaker A: No, no, no. [01:06:18] Speaker B: Then come to find out, yeah, they've got. [01:06:21] Speaker A: They're, like, clear view and they've got a database of 50 billion photos of people. [01:06:24] Speaker B: And then they get a fine and they go, that's cost to do with business, right? [01:06:27] Speaker A: That's small potatoes for us. Yeah. [01:06:29] Speaker B: We're billions and billions of dollar company. [01:06:32] Speaker A: I'll take a 1%. [01:06:33] Speaker B: Yeah. $24 million. Whatever. [01:06:35] Speaker A: Yeah. [01:06:36] Speaker B: So I got that on me, I think. [01:06:39] Speaker A: Actually. Let me just check. [01:06:40] Speaker B: Yeah. [01:06:40] Speaker A: You okay with small bills? [01:06:41] Speaker B: Yeah. [01:06:42] Speaker A: So I don't love the. I mean, I think it's. It's just inevitable that this kind of stuff is gonna happen and become more prominent on social media. I mean, already, you know, you can use facial recognition with your phone. Like, this is already a widespread turnbull technology. Good for you. We were just talking the other day about how at the airport they're starting to employ it. Pre check. [01:06:59] Speaker B: Exactly. Back to the phone thing real quick, though, is I don't want to be in a position where someone can go and turn my phone on. [01:07:06] Speaker A: Right. [01:07:07] Speaker B: And open it up. Every. I'm logged into too many sensitive things that I'm happy to type in. A passcode. Pin code. [01:07:15] Speaker A: Yeah. [01:07:16] Speaker B: I would be using, like, a very large pin code. I'm going to tell you how many digits, but I. [01:07:20] Speaker A: Sure, but. But something pretty long and secure. Same. Same as you would for a password. Right. Just, you know, you're following those good principles of making a. Making a pin. [01:07:28] Speaker B: That's right. [01:07:29] Speaker A: So I just. I don't. I think maybe reading up more about this stuff has made, you know, they say you should, like, face your fears, right. And that'll help you get over them. And so I was like, when I first started hearing about this stuff, I'm like, well, maybe I just need to read up on it. It's not that bad. [01:07:41] Speaker B: It made it worse. [01:07:41] Speaker A: It made it worse. [01:07:42] Speaker B: Yeah. [01:07:43] Speaker A: I'm reading this, and I'm like, there's no way that this has been going on for years and years and years. And I know they say that, like, if a technology becomes public and available to, like, civilians and stuff, the military's had it for years or the government's had it for years or whatever, there's, like, that theory. So. But actually reading it and being like, oh, yeah. Like, Google's had this technology ever since before it became mainstream, but didn't release it because as they've stated or as they had spokespeople state, we didn't really know what the implications of that would be. We were kind of scared to release it. If a. If these companies that are, like, always first to the table, trying to get. Be the first to get to technology are holding it back because they're a little afraid of the implications of what it might mean, what does that do to me? There's not a bigger red flag in the world. Like, I just. You might as well be in a bullfight with how big that red flag is. So, like I said, you know, I'm getting a little. [01:08:27] Speaker B: Yeah. [01:08:29] Speaker A: So I just don't love this. [01:08:30] Speaker B: I like this version of Sophia. [01:08:31] Speaker A: I get that it's supposed to be for, oh, it's gonna stop scam ads and da da da da. But also, then what are the odds that maybe, like, we were talking about earlier with Ronnie, how it's this algorithm that's intended to help and prevent these scams or whatever, but then an innocent guy gets hit by it? So is this kind of technology all it's gonna do is make it harder for real people to do stuff? You know, I just. I get that the intention's supposedly good, but I just don't know that I believe that. So, anyway, moving on, we'll be done with AI and facial recognition for the day, but I'm not gonna. Not gonna promise it's not gonna come up again next week. This last article, we started the show with some news about a gaming giant, and we're gonna finish it with some news about a different gaming giant, also based in Japan. Took about 2 seconds for Nintendo's mysterious Switch game to leak. Nintendo is working hard to take images of this off the Internet, but supposedly what happened is they had this, like, playtest that they were doing, and people that were engaged in the playtest, they said, hey, you know, click this box, agree to this. Please don't share this information. Come on. [01:09:28] Speaker B: Of course they click. [01:09:29] Speaker A: It's like, oh, that's going to be done in about a minute. And so people then started sharing stuff about it, went public, and now Nintendo's like panicking. I don't know how they, I don't know how you curb that. [01:09:38] Speaker B: You're gonna sue Carl Smith. [01:09:40] Speaker A: He's gonna show up to the guy's house. [01:09:41] Speaker B: Well, you know, Milwaukee, Wisconsin, like a net. [01:09:44] Speaker A: Yeah, you're done. So I don't know how they. If you're just relying on people's honor to like, yeah, well, you and, you. [01:09:50] Speaker B: Know, it was like a college kid. [01:09:52] Speaker A: Yeah, right on like Twitter or X or whatever, like just posting, hey, there's whatever. Hope Nintendo. Yeah, he literally said, hope Nintendo doesn't kill me for this. [01:10:00] Speaker B: This is the generation that will like, you know, go to a grocery store and throw jugs of milk on the floor for TikTok views. You think they're not going to stick this shit in their, their feed? Get real. [01:10:10] Speaker A: When even if you can't, it's not like they can say it's Sonic spin battle. Like, it's not specifically like a name or anything, but even just like how much data it uses, how much space it takes up on your switch, right. It says it's a. A social MMO hybrid experience. Some are already comparing to the miiverse, which was a social network that they had for three deciseconds and Wii U, that's obviously long dead, just like the three deciseconds and the Wii U, so. But even just getting people will like get little pieces of information like it's 2.2 gigs. Well that narrows it down. And like, they know, well, it can't be this kind of game. It's gotta be this kind of game. So even something like that. [01:10:42] Speaker B: Are three deciseconds games available on the Switch? [01:10:45] Speaker A: You know, I don't know because I'm gonna tell you right now, maybe some. [01:10:48] Speaker B: Of them, I guarantee Christian out there is listening, he knows what I'm about to say. That three deciseconds, it was amazing platform. That's an amazing system. I love that system. And I get it, like, everything kind of like phases out and you go to switch, but to kill the entire ecosystem of that thing was a mistake because it's such. I mean, my hats off to the developers of that system and the people that kept it going. The games were great. Like, it is a really phenomenal system now. They're like through the roof in price and man, I should have gotten a hand on one before they went stupid, but I didn't know you were gonna do this? [01:11:32] Speaker A: Yeah. [01:11:33] Speaker B: Nintendo, it's coming to you. [01:11:36] Speaker A: I bet there are at least a handful of games that maybe, like, were released for both. Yeah, the end. And so now they've been ported over the Switch. Who know? Who knows? I'll scan this. [01:11:45] Speaker B: You know what? Get to talking. [01:11:46] Speaker A: Okay, so there are some notes on what kind of a game this might be. It looks it was. There were leaked images of the Nintendo website says the idea of the game is to work with other players to develop a massive planet farmed via resources and building on your own plot of land. So it kind of sounds like Stardew valley, but with a more social, like, mmo aspect to it. Players use beacons that emit a healing light that purifies and develops the land. Okay. You place multiple beacons until your planetary block is fully developed. And your beacon sounds like a protected space in which only you can move, lift, or edit items. So you're working with other people, but you have your own little plot of land space that's yours. And the goal is that together with all these other people that are playing, you develop this planet. I guess there's a devcore that acts as a player hub where you can level stuff up. There is a user generated content aspect, and you'll be able to share what you make with others. And Nintendo had signaled that it recommends playing this new game in tv setup with a wired connection as opposed to the handheld version, given that it's a server based experience. So that's interesting. They did get quite a few details, it sounds like, on what this game is going to be. Still don't know the name of the thing or a code name or whatever, but decent amount of information they were. And Nintendo, you can't get me in trouble for this because I'm pulling this from IGN. Calm. It's not me. I didn't do it. [01:13:01] Speaker B: So if you want to, they'll come for you. They don't care. [01:13:03] Speaker A: They will. [01:13:03] Speaker B: Yeah, they do not care, man. [01:13:05] Speaker A: The guy, I forget the name of the guy that's in charge, but he's going to come to my door. [01:13:09] Speaker B: We're going to have to start saying blin blendo. [01:13:12] Speaker A: Taro furukawa is currently the CEO. Yeah. [01:13:15] Speaker B: He is gonna kick your door in. [01:13:17] Speaker A: Mm hmm. [01:13:17] Speaker B: Furukawa says, by the way, did find out whether or not you can play three deciseconds games on Switch. And the verdict, what do you think the answer is? [01:13:26] Speaker A: Considering they're so like sensitive about emulators and stuff? I'm gonna say probably not. [01:13:31] Speaker B: No. Nintendo three deciseconds and Wii U games purchased on Nintendo eShop do not carry over to Nintendo Switch. Switch console is an all new way to play and does not include backwards compatibility with digital or physical games designed for other consoles or systems. Apparently you might be able to do some emulation on your switch and get away with it that way. But of course, we've seen what Nintendo's doing with emulators right now. They're trying to just grind them into the dirt, right? [01:14:00] Speaker A: So, yeah, not that we're telling you to use emulators. [01:14:03] Speaker B: Haven't said anything about telling you to go use an emulator. [01:14:05] Speaker A: Just saying somebody could if they wanted. In theory, if a really evil person wanted to use an emulator and just undermine Nintendo's entire business by doing so, I'll hail Nintendo. Ronnie's gonna come in here and be. [01:14:19] Speaker B: Like. [01:14:21] Speaker A: Well, that's all I had for our articles today. So started off with some gaming stuff, ended with some gaming stuff and a whole lot of fun. Legal merger news breeches in between. [01:14:32] Speaker B: We just really was quite the smokers, Morgan. [01:14:34] Speaker A: We really ran the stuff today. We ran the gamut today. So I think that's pretty much gonna do it again. Next week is Halloween, so we look forward to seeing you then. Hope you're enjoying your spooky. I did have some kind of spooky earrings, Mikey. [01:14:45] Speaker B: The guillotines. [01:14:46] Speaker A: Guillotines today. [01:14:47] Speaker B: A little head or a blood drop. [01:14:48] Speaker A: It is a blood drop. Yeah, I think it probably. That would have been gone too far for the makers of these earrings. [01:14:53] Speaker B: I just started the nightmare on Elm street series, so. [01:14:56] Speaker A: Enjoying that. [01:14:57] Speaker B: I'm literally in the first. [01:14:59] Speaker A: Oh, okay. [01:15:00] Speaker B: Right now. [01:15:00] Speaker A: So, so far so good. [01:15:01] Speaker B: So far. So Johnny Depp's in the first. [01:15:03] Speaker A: Okay. [01:15:04] Speaker B: Forgot he was in that. Yeah. [01:15:05] Speaker A: A young Johnny Depp. [01:15:06] Speaker B: Young Johnny Depp. [01:15:07] Speaker A: Okay, well, next week, being that it'll be our Halloween episode, you'll have to share your thoughts on how far you've gotten into that, Anthony. [01:15:14] Speaker B: Oh, of course. [01:15:14] Speaker A: By the time we get there, cuz. [01:15:15] Speaker B: Knowing me, I'll have it done by this weekend. [01:15:17] Speaker A: Be spooky. That'll be our theme next week. We'll find some scary. Every week we have scary news though. Like, can't believe this is happening. [01:15:23] Speaker B: How is it? Nothing. [01:15:24] Speaker A: So yeah, every week is Halloween here on Technado, but I think that's gonna do it for today. So again, if you enjoyed this episode, leave a comment. Let us know what you liked. Subscribe so you never miss an episode in the future. Thank you so much. For joining us for this episode, and we will see you next week. Thanks for watching. If you enjoyed today's show, consider subscribing so you'll never miss a new episode.

Other Episodes

Episode

April 28, 2022 00:54:45
Episode Cover

Technado, Ep. 253: RIP macOS Server

The team was back together for a busy week of news. Canonical launched Ubuntu 22.04 LTS, OpenBSD 7.1 came out with Apple silicon support,...

Listen

Episode

March 19, 2020 00:43:32
Episode Cover

Technado, Ep. 143: Lookout’s Aaron Cockerill

In many cases, you’re more susceptible to phishing attacks when you’re on a mobile device. In this episode, Aaron Cockerill from Lookout joins to...

Listen

Episode

April 15, 2021 00:53:27
Episode Cover

Technado, Ep. 199: Cisco’s Utkarsh Srivastava

Cisco Network Consultant, speaker, and podcaster Utkarsh Srivastava joined Technado this week to share his vast knowledge of things like machine learning and artificial...

Listen