Mostly Security

Eric performs Digital Spring Cleaning and Jon mostly works outside. Open source groups are worried about other 'XZ Style' hacks, Roku announces a second security incident, LastPass employee is deepfaked, and LG TV vulnerabilities. Don't expose your TVs to the internet folks. For fun we have an amazing article about deep sea cable repair ships and a performance by Drum Tao. 0:00 - Intro 13:34 - "XZ Style" Hacks 14:46 - Roku Part Deux 17:21 - LastPass Deepfaked 20:31 - LG TV Vulns 26:50 - Cable Repair Ships 29:57 - Drum Tao

Eric pulls out the BBQ, taunting the Rain Gods. Jon checks on his bees and deserves a third wire. Hackers lure folks with AI promises from hijacked social accounts while a software supply chain narrowly avoids a big oopsie. Eric dips his toes in hydroponic herb gardening while Jon eyes smart contact lenses (and narrowly avoids an April Fools oopsie). 0:00 - Introduction 9:42 - Fake AI Ads 12:29 - The xz that could have been... 20:11 - Hydroponic Herbs 26:09 - Smart Contact Lenses

Eric gets back home from vacation and Jon (tries to) defy range anxiety in his new car. Google has a proposed settlement for their harvesting of incognito browsers and the big AT&T breach has 'encrypted' PINs but are easily reversed. The first Neuralink transplant recipient pulls an all nighter playing Civ6, and we (may) have a record number of bee colonies in the US. 0:00 - Intro 11:02 - (Not so) Incognito 14:52 - (Uselessly) Encrypted 23:47 - Civ6 on Neuralink 26:49 - Record Bees

Eric and Jon chat about vacations, Jon looks for whales in Washington while Eric searches for license plates in Utah. Eric finds 3 million hotel room doors can be opened while Jon finds a company playing boths sides. Eric discovers he's a Lightweaver while Jon is an Elsecaller who also likes a whale museums. [NOTE: Eric's travel mic was having issues - sorry for the audio!] 0:00 - Introduction 4:30 - Subpar Park Poster 5:46 - Dead Horse Point State Park 10:45 - 3 Million Hotel Doors 15:35 - Data Broker CEO as two sides 21:20 - Knights Radiant Order 23:57 - All 10 Orders Described 26:50 - Whale Museum

Pi day, wasps about, new 3d printer, Dune 2, and a bee update. Stroustrup objects to the characterization of (modern) C++ as unsafe (but are any projects in C++ fully modern??), Apex Legends tourney participants forced to cheat, swappers come for the eSIMs, and your connected car is probably selling your driving behavior data to insurance companies. For fun we have a sick tulip identification and eradication robot and the Voyager 1 was POKEd in early March and is returning its FDS memory for analysis. 0:00 - Intro 15:54 - Stroustrup Objects 18:55 - Apex Legends Tourney Hacked 23:03 - eSIM Swapping 28:28 - Your Driving Data Sold 35:21 - One Sick Tulip Picker 39:16 - Poking Voyager

Eric survives a birthday at Benihana, laments the inability to game the system and looks forward to building a new 3D Printer. Jon is giddily gearing up for bee season and educates Eric on Yellowjackets. Roku discovers what its user accounts are worth on the dark web and Jon needs to update his QNAP. Again. The British Library is under-appraised the consequences of a cyber attack. Learning to program a computer is similar to learning a spoken language and Jon shares plans on how to build a Langstroth Hive. 0:00 - Introduction 11:24 - Roku Data Breach 15:49 - QNAP 17:35 - British Library Cyberattack 28:07 - Study on Learning to Code 33:19 - Langstroth Hive Plans

Eric's 'things are breaking' woes continue and Jon has a nice trip to UW. Info stealers are targeting ChatGPT creds, beware cheap IOT devices (like that's new advice), and Anycubic's cloud MQTT service is hacked (or misconfigured). Bumblebees exhibit cumulative culture (!!), Eric says to watch Resident Alien, and Colossal scientists manage to induce pluripotent (asian elephant) stem cells in their quest to resurrect mammoths. 0:00 - Intro 17:04 - ChatGPT Creds On Sale 21:38 - Mass Market Insecurity 28:23 - Anycubic (Benign?) Hack 34:00 - Cumulative Bumblebee Culture 37:12 - Resident Alien 39:36 - To Raise A Mammoth

Eric has a phone again! AT&T: 1, Apple: 0... then discovers wind chimes are not awesome at 4am. Jon puts his woodworking skills to ancient use and starts housing chickens in the bathroom. Don't miss the private lander relaxing on the moon. The White House says "Use Memory Safe Programming Languages" (and there was much rejoicing). Jon does a Hugging Face-Palm and asks why can't we have nice things - Eric immediately blames JavaScript. Did you celebrate Leap Day? And finally Jon discovers the Eddington Limit needs a rethink. 0:00 - Introduction 12:12 - Relaxing on the moon... 14:27 - Rust for Everybody! 18:45 - Hugging Face-palm 23:59 - Happy Birthday, Leaplings! 26:35 - Big Bad Black Hole

Eric wardials and Jon fails to locate. Falling for scams is easier than you think and how threat actors are using LLMs. Oregon fails to adopt standard time, NASAs new moon landing, and snapshotting activity on the attosecond scale. 0:00 - Intro 12:48 - Eric Topic 18:26 - {color}{weather event} use of LLMs 29:47 - (Not) Standard Oregon Time 33:28 - Moon Landing 35:20 - Attosecond Fun

Sportsball weekend. Jon can't pause TV and he's annoyed. Eric still has negative opinions of JavaScript and adds cell towers to the list. Followup on political ad clones. Eric uses ChatGPT to find missing US States. Almost. LassPass is not a Dating App. Phishception is the word of the day. FTC says Fraud Losses top 10 Billion in 2023. For fun, Eric reminds you about XKCD and some random math facts about the number 323. Jon reads up on Lake Kivu's Potential Energy. 0:00 - Introduction 8:17 - AI Political Ads 10:42 - FCC Ruling 12:12 - Robocall Investigation 16:10 - LassPass in the AppStore 18:54 - Phishception 21:52 - Scammy Snapshot 26:19 - XKCD 29:09 - Lake Kivu's Explosive Energy

Eric Laser Tags and Jon's bees are (mostly) alive; arrests in a 400m crypto heist that may or may not have been from FTX, and the FBI cleans up old routers infected with a PRC botnet; a Chinese company announces new hyperloop speed record, and the winners of the Scrollprize demonstrate extracting text from papyrus charred by Vesuvius. 0:00 - Intro 10:01 - SIM Swap Heist Arrests 15:05 - PRC Botnet Disruption 22:47 - Hyperloop Speed Record 25:37 - Scrollprize Achieved

Eric has an eye for pain while Jon admires his bees and discovers upgrade issues with his TV. Google ads can send you to malicious software and Facebook has 2000+ companies send them your data. Doom runs everywhere, including bacteria while gene therapy treats hearing loss for kids. 0:00 - Introduction 9:06 - Google Ads are Risky 15:57 - All your data are belong to Facebook 19:51 - Running DOOM with E. Coli 24:19 - Treating Genetic Hearing Loss

The Oregon Thaw has happened and Eric and Jon can leave their houses. There was much rejoicing. Are or will AI Sleeper Agents be a thing, a President Biden Deepfake encouraging New Hampshire voters to stay home, and an extremely large data breach posted to Have I Been Pwned. For fun, the soon to be demise of the Leap Second, and a hidden city discovered in the Amazon thanks to lidar. 0:00 - Intro 10:20 - AI Sleeper Agents 16:44 - Don't Vote Deepfake 22:20 - Naz.API List 27:23 - Leap Seconds No More 30:59 - Ancient Amazon City

It is all about the Ice. Kids out of school, but no Snow Days for the WFH crowd - and Jon avoids walking out his front door. Serving a court summons via Bitcoin is now a thing and irritating Mandiant is generally not a good move. Eric shares fun facts about Ice and Jon talks Noble Gas Clusters. 0:00 - Introduction 13:26 - Here's some bitcoin: Oh, and You've Been Served! 19:42 - CLINKSINK Drainer 25:38 - Fun Facts about Ice 29:51 - Noble Gas Clusters

Eric struggles with plane and weather issues (thanks Alaska!), and Jon drives in the Snow. Researchers demonstrate Denial of Wrench, the SEC is hacked to promote Bitcoin ETFs so they join the party, and Ransomware in 2023. For fun we have the Peregrine lunar lander and the first (?) person to beat Tetris on the NES. 0:00 - Intro 12:54 - Hacking Connected Wrenches 18:47 - Schröedinger's ETFs 23:45 - Ban or No Ban 30:07 - Peregrine Woes 35:48 - Tetris Savant

Happy New Year! Adult Diapers, what? Eric jumps a car, Jon eats brisket and has a stinkin' dishwasher. Security Best Practices for Earth and Beyond with more Triangulation Details. Eric likes a space picture and Jon shares a handful of the Good Stories you missed in 2023. 0:00 - Introduction 12:31 - Security in Space 19:39 - Triangulation Continuation 28:22 - Double Bang 29:55 - 66 Good Stories

Jon has a relaxing Christmas while Eric faces More Water Issues. Also, tire size matters. The first two Lapsus$ teens are sentenced in the UK, Japan plans to crack down on app stores, Ukraine hacks back for Kyivstar, and SSH servers under attack. What is a Flow Battery and is it better than Lithium Ion, and the Juno space probe will pass close to Io Dec 30th. Happy New Year! 0:00 - Intro 16:02 - Two Lapsus$ Teens Sentenced 18:25 - Japan cracking down on App Stores 22:48 - Ukraine Hacks Rosvodokanal 26:08 - SSH Under Attack 29:11 - Go with the Flow (Battery) 35:28 - Io be close, Juno?

Eric recounts a 2500 mile roadtrip that includes a kidnapping while Jon enjoys concert week. Eric has a secret shoe shopping habit that has been compromized while Jon moots about a map mess. Garage chemists powered by ChatGPT and the world revolves around checks. 0:00 - Introduction 10:36 - VF Corp's 8-K 18:40 - Google Maps History 24:53 - Chemists use ChatGPT 29:40 - Checks!

Eric and Jon depart in two directions on road trips, Vans, Zoo Lights, and Bee Hives. Binance will be scoured for {evil,taxes}, Beeper Blues, and Push Notification spying by governments. A fun bonanza with We Are Bob, Humane, and Cassiopeia A in stereo(-ish). 0:00 - Intro 11:23 - Binance Scouring 18:07 - Beeper Woes 24:34 - Push Notifications Spying 30:10 - Bobiverse 32:00 - Humane 35:02 - Creative Selection 36:00 - Cassiopeia A Two Ways

Eric gets a new toy and installs a license plate holder thanks to Amazon - and no thanks to Amazon subscriptions. Jon gets his new router table set up and finds a photo frustration. Eric uses an (invalid) excuse to be annoyed with JavaScript while Jon checks in on iOS zero-days and Citrix bugs. The Internation Space Station turns 25, Charlie Munger passes on and we'll see you at CosMc's! (Maybe... or maybe not...) 0:00 - Introduction 15:24 - Fuzzy Hashing 20:27 - iOS Zero Days 22:22 - Citrix Bleed 25:46 - ISS Turns 25! 26:46 - Charlie Munger 28:49 - CosMc's