The Host Unknown Podcast

By: Host Unknown Thom Langford Andrew Agnes Javvad Malik
Listen for free

  • Summary

  • Host Unknown is the unholy alliance of the old, the new and the rockstars of the infosec industry in an internet-based show that tries to care about issues in our industry. It regularly fails. With presenters that have an inflated opinion of their own worth and a production team with a pathological dislike of them (or “meat puppets” as it often refers to them), it is with a combination of luck and utter lack of good judgement that a show is ever produced and released. Host Unknown is available for sponsorship, conferences, other web shows or indeed anything that pays a little bit of money to keep the debt collectors away. You can contact them at contact@hostunknown.tv for details
    All rights reserved - Hands Off!
    Show more Show less
Episodes
  • Episode 203 - The Too Soon Episode

    Episode 203 - The Too Soon Episode
    Sep 24 2024
    This week in InfoSec (10:44)With content liberated from the “today in infosec” twitter account and further afield18th September 2001: The Nimda worm was released. Utilising 5 different infection vectors, it became the most widespread virus/worm after only 22 minutes.https://twitter.com/todayininfosec/status/1836495262409175187 17th September 2014: Apple announced that the iOS 8 operating system (used on iPhone and iPad) would be architected to prevent it from being technically feasible for the company to extract data from customer devices. A day later Google made a similar announcement pertaining to Android.With iOS 8 Update, Apple Will No Longer Provide User Data to Policehttps://twitter.com/todayininfosec/status/1836071319030374437 Rant of the Week (17:50)No way? Big Tech's 'lucrative surveillance' of everyone is terrible for privacy, freedomBuried beneath the endless feeds and attention-grabbing videos of the modern internet is a network of data harvesting and sale that's perhaps far more vast than most people realise, and it desperately needs regulation. That's the conclusion the FTC made after spending nearly four years poring over internal data from nine major social media and video streaming corporations in the US.These internet behemoths are collecting vast amounts of data, both on and off their services, and the handling of such data is "woefully inadequate," particularly around data belonging to children and teenagers, the FTC said. Billy Big Balls of the Week (28:06)LinkedIn started harvesting people's posts for training AI without asking for opt-inLinkedIn started harvesting user-generated content to train its AI without asking for permission, angering netizens.Microsoft’s self-help network on Wednesday published a "trust and safety" update in which senior veep and general counsel Blake Lawit revealed LinkedIn's use of people's posts and other data for both training and using its generative AI features.In doing so, he said the site's privacy policy had been updated. We note this policy links to an FAQ that was updated sometime last week also confirming the automatic collecting of posts for training – meaning it appears LinkedIn started gathering up content for its AI models, and opting in users, well before Lawit’s post and the updated privacy policy advised of the changes today. Industry News (35:07) Over Half of Breached UK Firms Pay RansomICO Acts Against Sky Betting and Gaming Over CookiesAT&T Agrees $13m FCC Settlement Over Cloud Data BreachEuropol Taskforce Disrupts Global Criminal Network Through Supply Chain AttackGoogle Street View Images Used For Extortion Scams8000 Claimants Sue Outsourcing Giant Capita Over 2023 Data BreachWestern Agencies Warn Risk from Chinese-Controlled BotnetGoing for Gold: HSBC Approves Quantum-Safe Technology for Tokenized BullionsCybersecurity Skills Gap Leaves Cloud Environments Vulnerable Tweet of the Week (42:39)https://twitter.com/ProfWoodward/status/1837084678836171089 Come on! Like and bloody well subscribe!
    Show more Show less
    47 mins
  • Episode 202 - The Dog Eating Episode

    Episode 202 - The Dog Eating Episode
    Sep 16 2024
    This week in InfoSec (11:25)With content liberated from the “today in infosec” twitter account and further afield12th September 2014: Stephane Chazelas contacted Bash maintainer Chet Ramey about a vulnerability he dubbed "Bashdoor", which later becoming known as Shellshock. It was publicly disclosed 12 days later.Shellshock was kind of a big deal - and the vuln had been in Bash for 25 years!https://x.com/todayininfosec/status/1834293229472416242 9th September 2001: Mark Curphey started OWASP (the Open Web Application Security Project). In 2023 it was renamed the Open Worldwide Application Security Project.https://x.com/todayininfosec/status/1833191889790480500 Rant of the Week (16:33)WhatsApp's 'View Once' could be 'View Whenever' due to a flawA popular privacy feature in WhatsApp is "completely broken and can be trivially bypassed," according to developers at cryptowallet startup Zengo.According to cofounder Tal Be'ery, his team was building a web interface when they discovered a flaw in WhatsApp's View Once. While the feature was supposed to be limited to platforms where the necessary controls could be enforced, such as mobile clients, the WhatsApp API server didn't properly enforce it.The server would still send these messages to other platforms, but they couldn't be viewed - unless someone fiddled with the code."The View [O]nce media messages are technically the same as regular media messages, only with the “view once” flag set," the technical explanation states."Which means it’s the virtual equivalent of putting a note on the picture that says 'don’t look.' All that is required for attackers to circumvent it, is merely to set this flag to false and the media become regular and can be downloaded, forwarded and shared." Billy Big Balls of the Week (27:10)Australia’s government spent the week boxing Big TechThe fun started on Monday when prime minister Anthony Albanese announced his intention to introduce a minimum age for social media, with a preference for the services to be off limits until kids turn 16."I want kids to have a childhood," the PM urged. "I want them off their devices … I want them to have real experiences with real people."Albanese promised legislation to enact the rule will be tabled before Australia's next election, due by 2025. Opposition leader Peter Dutton broadly supported the proposal, which is pitched at parents who are tired of having to protect their kids online. Industry news (34:34)DoJ Distributes $18.5m to Western Union Fraud VictimsPoland's Supreme Court Blocks Pegasus Spyware ProbeUK Recognizes Data Centers as Critical National InfrastructureMastercard Acquires Global Threat Intelligence Firm Recorded Future for $2.65bnTfL Confirms Customer Data Breach, 17-Year-Old Suspect ArrestedIrish Data Protection Regulator to Investigate Google AIMicrosoft Vows to Prevent Future CrowdStrike-Like OutagesRecord $65m Settlement for Hacked Patient PhotosMalicious Actors Spreading False US Voter Registration Breach Claims Tweet of the Week (41:57)https://x.com/MikeTalonNYC/status/1834311262563377553 Come on! Like and bloody well subscribe!
    Show more Show less
    45 mins
  • Episode 201 - The Difficult 201st Podcast

    Episode 201 - The Difficult 201st Podcast
    Sep 9 2024
    This week in InfoSec (13:08) With content liberated from the “today in infosec” twitter account and further afield3rd September 2014: Twitter launched its bug bounty program via the HackerOne platform, stating it would award at least $140 for vulnerabilities found in http://x.com/ or its Android or iOS apps.$140? 140 was the max tweet length. $1.6 million has been paid out since inception.https://twitter.com/XSecurity/status/507220774336225280https://x.com/todayininfosec/status/183140868660414060230th August 2014: A user of the message board 4chan posted leaked nude photos of Jennifer Lawrence, Kate Upton, Kirsten Dunst, and other celebrities. Several years later 4 people were sentenced for crimes related to the hacking of Apple iCloud accounts of dozens of targeted individuals.Apple knew of iCloud API weakness months before celeb photo leak brokehttps://x.com/todayininfosec/status/1830016468328575386 Rant of the Week (19:09)'Error' causes Alexa to endorse Kamala Harris, refuse to discuss TrumpIt would be perfectly reasonable to expect Amazon's digital assistant Alexa to decline to state opinions about the 2024 presidential race, but up until recently, that assumption would have been incorrect.When asked to give reasons to vote for former President Donald Trump, Alexa demurred, according to a video from Fox Business. "I cannot provide responses that endorse any political party or its leader," Alexa responded. When asked the same about Vice President Kamala Harris, the Amazon AI was more than willing to endorse the Democratic candidate. "There are many reasons to vote for Kamala Harris," Alexa said. Among the reasons given was that Harris has a "comprehensive plan to address racial injustice," that she promises a "tough on crime approach," and that her record on criminal justice and immigration reform make her a "compelling candidate." Billy Big Balls of the Week (26:45)Examples of Google Employees Trying to Avoid Creating Evidence in Antitrust CaseIn its antitrust case against Google, the Federal Government filed a list of chats it had obtained that show Google employees explicitly asking each other to turn off a chat history feature to discuss sensitive subjects, showing repeatedly that Google workers understood they should try to avoid creating a paper trail of some of their activities. The filing came following a hearing in which judge Leonie Brinkema ripped Google for “destroyed” evidence while considering a filing from the Department of Justice asking the court to find “adverse interference” against Google, which would allow the court to assume it purposefully destroyed evidence. Previous filings, including in the Epic Games v Google lawsuit and this current antitrust case, have also shown Google employees purposefully turning history off.The chats show 22 instances in which one Google employee told another Google employee to turn chat history off. In total, the court has dozens of specific employees who have told others to turn history off in DMs or broader group chats and channels. The document includes exchanges like this (each exchange includes different employees)ANDMusician charged with $10M streaming royalties fraud using AI and botsNorth Carolina musician Michael Smith was indicted for collecting over $10 million in royalty payments from Spotify, Amazon Music, Apple Music, and YouTube Music using AI-generated songs streamed by thousands of bots in a massive streaming fraud scheme.According to court documents, Smith fraudulently inflated music streams on digital platforms between 2017 and 2024 with the assistance of an unnamed music promoter and the Chief Executive Officer of an AI music company.He acquired hundreds of thousands of songs generated through artificial intelligence (AI) from a coconspirator and uploaded them to these streaming platforms. He then used automated bots to stream the AI-generated tracks billions of times. Industry News (36:21)South Korea Police Investigates Telegram Over Deepfake PornIrish Wildlife Park Warns Customers to Cancel Credit Cards Following BreachTfL Claims Cyber-Incident is Not Impacting ServicesThree Plead Guilty to Running MFA Bypass SiteCivil Rights Groups Call For Spyware ControlsClearview AI Fined €30.5m by Dutch Watchdog Over Illegal Data CollectionRussian Blamed For Mass Disinformation Campaign Ahead of US ElectionOnlyFans Hackers Targeted With Infostealer MalwareUK Signs Council of Europe AI Convention Tweet of the Week (42:50)https://twitter.com/0xdade/status/1831387831677415923 Come on! Like and bloody well subscribe!
    Show more Show less
    46 mins
Leadership Economics Comedy & Humor
Show more Show less

What listeners say about The Host Unknown Podcast

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.com reviews

Amazon reviews
No Reviews are Available