We question the security of our technology and react to a few stories about scammers, hackers and even a case of a personal friend's identity theft. Stay digitally safe out there everyone.
✍🏻 View the transcript for this episode
We question the security of our technology and react to a few stories about scammers, hackers and even a case of a personal friend's identity theft. Stay digitally safe out there everyone.
Social media
Toast & Roast:
Georgie:
Geoff:
Geoff 0:09
And welcome back to another episode of Toast & Roast, I’m your co host, Geoff. Oh, no, I should have done your one, I should have like, “Hey, what’s up everybody? It’s it’s another episode of Toast & Roast pod”. And I’m here with Georgie. How’s it going Georgie?
Georgie 0:28
I’m good. You said you had a scam story to share.
Geoff 0:34
Oh, yeah, yeah. So I got a call today and—
Georgie 0:38
Alright gotta get the popcorn.
Geoff 0:39
I picked it up, haha. Yeah, picked it up and they’re like, “Hello”. I’m like “yes, hello”. By the way, a tip for, a tip for everybody. Anybody who picks up—
Georgie 0:49
Don’t say hello.
Geoff 0:50
Don’t say your name. Yeah, never pick up your phone and say “hello, this is x speaking”. I used to do it because it’s very polite. But these days, they will just echo your name back as if they know who you are. So. Don’t do that.
Georgie 1:03
And they’ll use your name to like, kind of unlock shit. Like—
Geoff 1:08
Yeah.
Georgie 1:08
It’s a security risk.
Geoff 1:11
So they’re like, “hello“, I’m like, “Hello”. And they said, “I am calling from Telstra. Because we have noticed a lot of errors in your internet causing, like causing internet issues. And these are connections from around the world”. And I said—usually I don’t have time for this, but it’s Saturday, Saturday afternoon, why not, all right. I’ll buy it. I don’t... So I responded with, I don’t, I don’t have Telstra internet. They’re like, it doesn’t matter what internet, you’re, provider you’re using. All internet goes through the “mother internet”.
Georgie 1:56
(laughs)
Geoff 1:58
Ooh. The “mother internet”. (laughs) I’m like, who talks like this? Who wrote this script? The “mother internet”. So they said, so they explain, you know, it goes through everything goes through this mother internet, Telstra. I’m like, okay. I just pause and they’re just like, “so the reason I’m calling is to help you fix this”. So I’m like, okay. And they said, they said, they asked me when was the last time I checked my internet speed. And I said last night?
Georgie 2:40
Is this true?
Geoff 2:41
They responded—
Georgie 2:42
Did you?
Geoff 2:42
Yeah yeah, I did check last night. Because I have actually had some internet issues lately. So the last couple of days. I think it was even last—no, no, last, on on Thursday. My internet was just not working. I had like really, really slow internet. I could barely message. But I found out, I restarted my modem and I restarted my router and wired it back to normal. And I’m like, okay, everything’s fine. Today, I had a little bit of a glitch as well. My YouTube wasn’t playing properly, but that’s fine now too. Anyways, so I said last night, they said, okay, what speeds are you getting? I said, Oh, 80 up and 80 down. And they put the phone down on me immediately. So I’m guessing my internet was too fast. Like oh, there’s nothing wrong with their internet. Shit, abort, abort, abort! Not, your internet’s too good. For this scam to work. I’m not even sure what the end game was. Fake internet speeds?
Georgie 3:50
The mother internet though.
Geoff 3:50
Yeah.
Georgie 3:51
The mother internet. I’m gonna I’m gonna ponder this one for...
Geoff 3:56
The mother internet. Do not do not fear the mother internet, for it is there, always watching looking out for you, because we are its children. The Cult of the Mother Internet. Can I go get motherinternet.com?
Georgie 4:14
Can you check, yeah, while you check if that’s available, I’ll share I’ll share a similar experience I had but a really long time ago, I got called by somebody and they were trying to get me to... I think they’re trying to get me to open something on my computer. And they were telling me about problems, and problems that they could detect on my computer. I’m like, sure. Tell me more about these problems. I can’t remember the details. But then they started saying you need to upgrade to the to the latest, like version, of Windows, whatever it was, Windows XP or something. I’m like, yeah, that’s It’s great but I have a have an Apple Macintosh and then they hung up on me. (laughs)
Geoff 5:07
Oh... see they’re not as smart as the last ones that tried to scam me, they were like, doesn’t matter, your, your Windows or Mac, we, we got, we got you, we can we can definitely scam you. So motherinternet.com is taken but it’s being squatted on so you have to go pay for it.
Georgie 5:27
That’s annoying.
Geoff 5:28
But you can get motherinter dot net.
Georgie 5:32
Oh, domain hacks. You know, you know actually speaking at domain hacks I really want, wanted, I don’t really care anymore. G-E-O-R-G dot I-E. And so dot I-E—
Geoff 5:45
That’s cool.
Georgie 5:46
...is for Ireland. But you have to be a citizen of Ireland and I don’t know anybody who could do me the favours and who I’d trust with a domain name. So unfortunately that never happened. But they would have been a very clever one. But then you know, we could go down the rabbit hole of, is this good for SEO because it’s technically like the domain name is G-E-O-R, like Georg, you know, like.
Geoff 6:13
Yeah, Georg. You can get mother internet dot com dot A-U though. That’s important. The Australian mother internet.
Georgie 6:21
Is it important though?
Geoff 6:22
...to complete this plan. Because it’s a scam for Australian Internet, apparently. Actually another. So when our friends had their identity stolen.
Georgie 6:35
Oh no. Okay, I do want to hear about this. Because I’ve never I’ve never known anybody who’s...
Geoff 6:40
Yeah, it’s kind of crazy. Um, so I think someone stole like a card of some sort out of the, out of the trash or something of theirs.
Georgie 6:50
Yeah. This is why, by the way, this sidebar, this is why you should destroy any documents that have your name and your address on them because people can steal your information.
Geoff 7:00
Yeah. Either hi—like, I mean, like for for regular people who don’t have paper shredders, you could possibly, you know, put half your shredded half your torn up documents in one bag—
Georgie 7:14
Yeah, that’s exactly what I do.
Geoff 7:15
A couple of days later, throw it in the next bag. In any case, so they had their identity stolen, I was like, wow, this is really interesting. Like you, never heard of anyone had their identity stolen. But it is a pain in the ass. Like they need, they need like documents from you that span three to five years. And not only your documents, they need a person close to you. Their documents from the past three years. So what happened was that this person who took their identity went and signed up to a Telstra Mobile phone plan that includes a phone, took the phone and didn’t pay for the plan. So Telstra obviously trying to chase up the plan chases up my friend and says, you haven’t paid this, you haven’t paid this bill in a while. And they don’t have a Telstra plan. So, so I don’t know how I came up with like, came to exactly figuring out that their identity was stolen. But I think they went to the police and just made a report saying like, I don’t have this mob—I didn’t sign up for this mobile plane. And they’re chasing money from me. Anyway, so the police require you to prove who you are. So they’re like, three to five years worth of statements, bank statements, rental, like applications, all that kind of stuff. And because I’m on the n—I’m on those rental application documents I—
Georgie 8:59
You’re the friend.
Geoff 9:01
And yeah, and I think they need someone that’s known you for like X amount of years to then verify that that person is who they say they are, and to verify they are who they say they are. I have to verify that I’m who I say I am. Like this whole circle, circular process. And it takes, took like three to six months and you know the outcome? The outcome was that Telstra blacklisted my friend from ever having another Telstra plan.
Georgie 9:39
Really?
Geoff 9:40
Like wait, wait, you had your identity stolen and they’re punishing you. But they didn’t have to obviously didn’t have to pay for the plan in the end.
Georgie 9:50
What kind of resolution is that?
Geoff 9:55
Yeah, I don’t know. Telstra is Telstra weird.
Georgie 9:59
So they just cancelled that that phone or that plan, that that whole thing because—
Geoff 10:04
They were just like oh, wasn’t you? Then I guess we’ll cancel that and you’re never allowed to, to to apply with us ever again.
Georgie 10:13
That’s just shitty. That’s just shitty.
Geoff 10:15
Yeah. It is really shitty. I don’t even know that they need Telstra. Some people can’t have any other today but Telstra because they’re so far away.
Georgie 10:24
Yeah, that’s, that’s ass. Luckily I’ve never been in that situation.
Geoff 10:30
Have you not been blacklisted from anything?
Georgie 10:32
Haha. I don’t think I have. I laughed, I laughed with extreme doubt just then for some reason. But oh no. We already talked about that time I got banned from Neopets, or my Account got frozen—
Geoff 10:48
Yeah I got banned from the—
Georgie 10:49
Your and your Habbo Hotel.
Geoff 10:50
Wait, what? Yeah my Habbo Hotel banning. Wait, you got banned with a bank account being frozen?
Georgie 10:56
No, no, no, I um, I had my new Neopets account frozen.
Geoff 11:01
Oh.
Georgie 11:02
Yeah.
Geoff 11:05
Wait, why? I can’t remember.
Georgie 11:06
I think I had another account where I was also trying to get all the free shit. Like the Giant Omelette, the, what is it called the tiki shrine thing or whatever?
Geoff 11:16
You tried to trick them.
Georgie 11:18
Hey?
Geoff 11:19
There’s, um, you tried to trick them?
Georgie 11:21
Not really. I was just trying to get more stuff and then.
Geoff 11:24
Allegedly.
Georgie 11:24
Transfer it to my primary account, which—
Geoff 11:27
That’s exactly what you’re not supposed to do.
Georgie 11:29
Yeah, I know, I took, I took the risk. And then, you know, I was upset for all of like, maybe 10 minutes. And then I was like, Well, I’m not getting it back. So. Fuck it.
Geoff 11:40
There’s, there’s a game called Genshin Impact.
Georgie 11:43
I think, you’ve talked about this. I think you said there was some huge thing.
Geoff 11:46
I think I have too. Yeah, it’s like a gatcha, but not a gatcha game. In any case, there’s there’s a mechanism right when they first launched, you got, I think, ten free, like rolls. Which is basically, if anyone’s never heard of it, in games, you can sometimes get loot boxes, which are random items. And in order to get those boxes, you need to pay some money. And you can get packs of, I don’t know, one all the way to, I don’t know, 100 loot boxes for X amount of money. So in this game, it’s all about rolling the dice and seeing if you’re able to get one of the good characters. And the whole point of this game is to have some characters to fight throughout the world. So when you first start, you get five, ten, free rolls. You can get someone really good or you can get some really mediocre ones. Maybe you don’t get characters, you just get a sword. You’re like, I can’t do anything with the sword, not a character. So what they did was, they, to stop people from just like signing up to a new account and re-rolling for the characters until they got someone good... They they literally tracked, like the IPs on the devices that you rolled on. And you sign up for an account the same IP and then they catch you, they like ban you. Is pretty insane. So you could very well like lose your account. If you had rolled like a good character, and you could lose it just on day one of trying to try to do this trick.
Georgie 13:27
Oh no, you just lose your entire like, yeah, yeah.
Geoff 13:33
You can’t trade the characters. Yeah, they just didn’t want anyone to be like gaming the system in any way, shape or form. So yeah, I was a bit concerned because I started on... I think I started playing on PC and then I switched to PlayStation.
Georgie 13:49
Yeah.
Geoff 13:49
And I was like, oh, no. Are they gonna think I’m trying to cheat?
Georgie 13:53
Oh, because you’re on another device that you’re playing on? Yeah.
Geoff 13:57
Same IP! But thankfully, they didn’t do anything about it. I think it only if you like if they saw a massive spike of accounts from like one IP address. They’re like, five people probably aren’t playing... ten, a thousand people are probably not playing in that one house.
Georgie 14:13
Yeah. Yeah. That reminds me recently, there was a website that that I was on, because they had some kind of, like a shopping site. They had some Easter egg hunt. And you had to find these eggs hidden around the website. And then you’d click on them. And if you found one and clicked on it, and it said it was still available—it was like an item—so that the page was like an item in the store. You just have to find the page by finding the hidden egg and clicking on it. And then you could add that to your cart and along with some other items and then you would only pay $1 for like, the whole cart.
Geoff 15:05
Oh yeah, yeah.
Georgie 15:06
And so the slightly annoying thing is that they promoted this on Instagram, before they sent out an email from the, to the people on the mailing list. And—
Geoff 15:22
That’s rude.
Georgie 15:22
Yeah, so by the time I—so I wasn’t, because I don’t look at Instagram all day, like come on. By the time they sent it out to the mailing list, and I received the email, literally all of the, they had five of these hidden easter eggs, literally all of them were gone. So they, the prizes were taken. And the way I found out was like, I went to, I went to Instagram, and they posted to the Instagram story, 20 minutes before the time stamp on the email, and they said, oh, they’re all gone now, like, well, that was fucking stupid. But that wasn’t my main point. My main point is that as soon as I got the email, because I just happened to be on my computer, I was like, oh, I’ll have a go. I don’t really care. But like, let’s try and find these fucking easter eggs. And then I went to like, immediately I thought, let’s go to the footer of the website and look at their “about us” and all of those pages and see if there’s a fuckin egg there, I just thought that might be easier to find than if they hid it on some product page. So I found one, and I clicked on it. And the thing is, because I said it’s a, it’s a product in the store, like an item in the store, once you click on the egg, I looked at the URL and said egg number five. And so what do you think I did? I fucking updated it. I went egg number four, egg number three. Number two, egg number one.
Geoff 15:23
Hahaha such a hack.
Georgie 15:31
But the prizes were all gone by then. But I was like, I wonder who else like, didn’t look for the eggs, or found one and snatched up one of the others just by changing the URL. But I also wondered if they would check the legitimacy of people having found the eggs, like backtracking—
Geoff 17:07
Look, let’s be real. Let’s be real. If someone made this, and they put it in the URL for like, the egg number in the URL, and they gave the eggs URLs, let’s be real, they are not tracking the legitimacy of clicking the eggs. Because, like security wise, for people who don’t know, don’t put this type of identifying code into a URL because like Georgie, figure it out. Change it up, game the system. Find out who you are, steal your identity, buy more shit.
Georgie 17:54
Yeah.
Geoff 17:54
With your credit cards. But that’s crazy. That’s I mean, that just reminds you of you know, the, the countdown timers for stock like, like there’s five left. Yeah. Or there’s like 20 minutes left to like, buy this deal, one left, and crap like that. Didn’t you say that you dug into the code to figure out these?
Georgie 18:20
I didn’t, I didn’t do it. But um, because I was on booking.com recently, because we were looking for, we’re looking for accommodation for an upcoming holiday. It reminded me of and I couldn’t find it. But someone did a really great Twitter thread, at least maybe a couple of years ago saying, I saw like two rooms left or whatever—it might not have been booking.com might have been a similar site—but they saw “two rooms left”, and they’re like, I really want to know, like if this is legit, and I think they were suspicious because they opened it like the next day or in another in other tab. And it just didn’t add up. Like the numbers changed in a really weird way. And then they did. They did. They dug into the code. Kudos to this person who did it. If someone does know this story and knows the tweet, please share it with us. They went to the Network tab, I think, and looked into the JavaScript, I think they were able to identify the like the area like the the element that this number was on. And they went and dug to the net, Network tab and looked for the JavaScript and looked for a piece of JavaScript that meant that was kind of controlling this this element and putting the number there, and I think it has some weird math stuff. But it was like completely arbitrary. It was like the number just came out of like thin air basically.
Geoff 20:00
Yeah, it’s yeah, you can probably tell like if you went into I guess, the original page like load and you can figure out if over the network what it gave the page. And if it gave the page like 10 rooms, like the network call can’t actually lie, I think.
Georgie 20:23
Yeah.
Geoff 20:24
So if you had a look at what, how many rooms the page loaded, and then and then you can see that something else has changed the number. That’s it, but it’s such a, this is such dark kind of dark UX as you call it.
Georgie 20:39
Yeah.
Geoff 20:41
Yeah. When websites I dunno, flip the positive and negative actions like, oh, do you want to accept these cookies? And then like, “accept” is in big red button and “reject” is in like, small, small white texts? It’s kind of like, really, you want to promote rejection of the of the cookies? I think?
Georgie 21:07
I don’t know. I thought—
Geoff 21:10
Well, the websites want to promote accepting them.
Georgie 21:13
Well, I think that, I thought the one you were gonna say was when they make the “No thanks”, as if you feel like a fucking douche bag? Because it’s like, no, I don’t want a good deal. It, what’s it called. There’s a word that there was a term for it. I can’t remember it was quite funny.
Geoff 21:31
Yeah, I can’t. I can’t actually—there’s definitely yes scenarios, where they just flip the positive and the negatives around. And it just messes with you. Because you automatically like go for the brightest thing or the most coloured in thing over the negative one. And then you can just accidentally, like do the opposite action that you wanted. But you know, enough about our jobs.
Georgie 21:59
Have you heard this, there’s this—when you were talking about the identity theft thing—it reminded me of this guy named Mat, Mat Honan. And how he got really hacked back in like, I have this article here. Oh, yeah. Oh, yeah. From around 2012.
Geoff 22:23
Do I know it? Mat Honan?
Georgie 22:24
How do I share the screen?
Geoff 22:26
I only remember the one where this guy lost his phone. And, and he just, he he didn’t unsync? Well, he synced his iCloud to of course, he syncs his iCloud with this new phone. And then every, every couple of days, he would just get pictures of like this Asian guy with his with his oranges, or his mandarin, in the background. And just like, like years, like of just receiving pictures of the selfie of this guy, and the guy, so the person who owned the phone posted on Reddit, and he said, oh, like, I’m getting these random photos. And then like it got so viral, that... you can probably just Google it, just “iPhone oranges guy”. And it got so viral that someone in a response said, that’s my uncle. That’s his trees. And they found the family. They found the family that owns the bloody oranges. And they ended up inviting him out to the to the country and... guy drinking oranges? There okay. This one. Yeah, “I followed my stolen iPhone across the world became a celebrity in China and found a friend for life”.
Georgie 23:48
Wow.
Geoff 23:48
Yeah.
Georgie 23:51
Okay.
Geoff 23:52
2014. Yeah. So there’s, it’s like, it’s so trippy is though he went across the world got invited and then he became a town hero for some reason.
Georgie 24:05
It says he... OK, he was at a bar. “Someone swiped his phone off the table. I applaud the person who took my phone. I bet you he stole 20 phones that night. It’s the perfect place to steal phones. Bravo, genius”. He calls the phone, it goes straight to voicemail. He’s like, okay, it’s it’s gone the phone’s gone. Accepted it’s gone. About a year later, sitting on the couch with some friends going through some photo stream. He sees a ton of pictures he didn’t take. Most of them are about twenty selfies of some dude in orange tree. Hilarious and scary, freaks out. Come up with a bunch of theories, feels like his phone is possessed. So for a month, this orange.
Geoff 24:46
Possessed. I would totally think that.
Georgie 24:50
“Hundreds of pictures of fireworks. Little hands, assume like a children’s hand. A terrifying picture of a crouching person through a really dirty window”, okay? He says “I don’t really do anything about these photos until I talk to a friend of mine. And he scares the shit out of me. He asked if I lost a phone recently. Well, I didn’t recently but over a year ago”, he says it’s in China and that’s where most stolen iPhones end up. So this man has to log in to his iCloud, he goes to the Apple store, his old—
Geoff 25:21
Yeah, just unwittingly purchase the phone that was stolen.
Georgie 25:26
Okay, he makes a post online. And then he gets tweets from people in China, who have translated the story, put it on Weibo.
Geoff 25:35
“My friends and I making an effort to try and find orange tree guy.” (laughs)
Georgie 25:40
People say he’s famous in China. Now they’re talking to him, hours later they find the orange tree guy and then he goes and joins Weibo where the story’s being shared, gets over 1000 followers. He talks to this orange dude.
Geoff 25:56
He’s like, that’s my uncle, takes a photo of him across the dining table.
Georgie 26:02
Wow.
Geoff 26:03
Hilarious.
Georgie 26:04
So...
Geoff 26:05
“Brother orange and I exchange messages for weeks.”
Georgie 26:08
He advised me to visit him the Chinese internet’s watching, sets a date. He has some fun on Weibo... He starts teaching people—this is so wholesome. This is really wholesome.
Geoff 26:19
Yeah. “We and bro Orange keep talking to each other on Weibo, we exchanged messages daily. We now have actual fans that want us to fall in love together”. Yeah, he goes to China and he basically goes through some of the town’s cultural rituals. I think there was like a mud bath and everything so he took a mud bath with the guy. “I love your videos. This is funny”. Yeah, pretty wholesome.
Georgie 26:56
Dude, how long is this? I hope this, this, is this including comments? This is a very long article.
Geoff 27:03
You and your blog comments, man. No one leaves comments on blogs anymore, Georgie.
Georgie 27:08
Oh, yeah, I don’t even... don’t even get me started. Wow.
Geoff 27:13
You’re gonna change your website soon, right?
Georgie 27:14
What was that?
Geoff 27:16
You gotta change your website soon right?
Georgie 27:18
To do what? Oh, you want to build me a fucking thing without? I think you I think he rose to the challenge of like, trying to build something for me, that wasn’t on WordPress, for me to move off WordPress, then you gave up and then I was also like, I don’t know if I really want to move 20,000 comments.
Geoff 27:40
Yeah, you said you just didn’t want to comment... You wanted a comment system. And I couldn’t. I was like, I’m not going to build you a comment system. And I left it.
Georgie 27:47
But then at the same time, no one really leaves comments on my blogs anymore. Or blog posts anymore. Yeah, it’s all changed.
Geoff 27:53
Just have a Like button.
Georgie 27:55
Yeah.
Geoff 27:56
Look at that, mudbath. Wow, this is a really long article.
Georgie 27:59
I think he’s just documenting his whole time. So he’s had the time of his life.
Geoff 28:03
Yes.
Georgie 28:03
With this guy. It’s funny that he’s name is Mat—
Geoff 28:05
I’ve had the time of my life!
Georgie 28:08
And I’ve never felt this way before!
Geoff 28:13
See, they have to fall in love.
Georgie 28:15
I guess so. Aw, he’s using a selfie stick. So it’s funny this guy’s name’s Matt. Because there was this guy with the... so this guy, Mat with one T.
Geoff 28:26
Yeah.
Georgie 28:26
The title of this article is “How Apple and Amazon security flaws led to my epic hacking”. Yeah. And the tagline is, “In the space of one hour, my entire digital life was destroyed. First, my Google account was taken over, then deleted”.
Geoff 28:40
So before we go into it—
Georgie 28:41
Yes.
Geoff 28:43
I, back when this was released, I use this as like a big example to my family like anyone can get. And they don’t even have to have a reason. They could just want to. So, so yeah, there’s very little information that this guy had on him. And they just went to town.
Georgie 29:02
Yeah, they weren’t targeting him specifically. They didn’t even know like, I guess how prominent he was online.
Geoff 29:09
Yeah, they didn’t even know he existed.
Georgie 29:10
They just wanted some stuff, right? I can’t even remember. Because this is from 2012. This is 20... 2010, sorry.
Geoff 29:17
They wanted his Twitter handle.
Georgie 29:19
Yeah, that’s true. Okay, let’s let’s have a little dive in. Okay. Okay, his account, he says his accounts were daisy chained together, “Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter. Had I used two factor authentication for my Google account, it’s possible that none of this would have happened because their ultimate goal was always to take over my Twitter account and wreak havoc, lols”. so I can’t even remember the detail. This is the first time reading this in a while.
Geoff 29:57
I think I vaguely remember, they took the last, teah, they took the last four digits of a credit card, which, which the, which then they were able to quote back to support Apple support or Amazon support to get the get the rest of the numbers, they logged into his iCloud account. And that just wiped everything.
Georgie 30:20
And unfortunately for him, this was like, you know, a lot of family photos and things that he had like, had sentimental value for him. And they didn’t care because they didn’t know him or anything. They just wanted to, yeah.
Geoff 30:31
No. All they really wanted was a username and password. I think in order to get the password to his Twitter account, they needed his email and then access to his email. So they just did all they could to get access to his email. And, and then, of course, you want to wipe your trace, I guess. I can’t remember why they just destroyed his laptop, I guess maybe it’s protocol for them for them. You know, just like if you if you take someone’s email, you just gotta wipe everything. And it’s really interesting because the, I think that one of the hackers, or the hacker part of the hacker group that was maybe doing something else, he reached out and, and told and told the story of how of how they managed to get all the way into his into his email and his Amazon accounts and just wiped everything just based on the last four digits of digits of his credit card number, which is insane. And no one no one has the patience to read something like this.
Georgie 31:35
I mean, it was a good story at the time. Yeah, no, but you’re right. Yes. 10 years after 2012 Everyone doesn’t want.
Geoff 31:41
2012!
Georgie 31:42
“Too long, didn’t read.”
Geoff 31:47
Yeah, here we go for 4:33pm According to Apple tech support record, someone called Apple Care claiming to be me. Apple says the caller reported that he couldn’t get into his me.com email, which of course is, my me dot com email. In response, Apple issued a temporary password despite the cause inability to answer the security questions I had set up. So I think it’s also yeah, just a matter of unfortunate happenstance. “4:50pm a password reset confirmation arrived in my inbox, I don’t really use my me.com email, rarely check it, but even if I did, I might not have noticed the message because the hackers immediately sent it to the trash”. Oh, that’s why they needed access to his Apple account and probably had to wipe everything, because, I mean, that’s, they were using the me.com email. A Gmail password email arrived in my me.com via mailbox. Two minutes later, another email arrived notifying me that Google account password change and my god, that’s scary. “5:02pm they reset my Twitter password, at five o’clock they use my iCloud’s Find My tool and remotely wiped my iPhone. 5:01 They remotely wipe the iPad five of five they remotely wipe my MacBook”—Jesus, if I couldn’t log into one device after the other, one minute after the, oh god.
Georgie 33:12
Yeah, so anyway, like when he gets in touch with one of them, he says he said “the hack was simply a grab for my three character twitter handle, that’s all they wanted. They just wanted to take it, and fuck shit up, and watch it burn. It wasn’t personal”.
Geoff 33:28
Yeah, it’s like one of the group just got overly happy like clicking all, clicking the buttons to wipe everything. But generally the, I think only one president in the group one of the Twitter name and needed some help.
Georgie 33:44
Yeah.
Geoff 33:46
Geez, “able to prevent me from regaining access and crazily in ways they I didn’t have. I didn’t I don’t I never will understand those deletions were just collateral damage. My MacBook data included irreplaceable pictures of my family and my child’s first year, relatives passed from this life weren’t the target. Nor were the eight years of messages my Gmail account. Target was my Twitter. MacBook data was torched simply to prevent me from getting back in”. Yeah, there you go.
Georgie 34:12
Yeah.
Geoff 34:12
You kind of had to torch things. I think Apple makes it that way right? You need them either need to torch it so that no one can like, so that yeah, you could stop people from regaining access... what’s the security part with that? Yeah, I feel like, I feel like it’s all it’s always all or nothing. But I can’t think of a scenario where I would I would need to reset some of this stuff and have it partially still working so I guess it makes sense. Man, but I think they he got access to his stuff again. Anyways, stay safe out there everybody.
Georgie 35:01
What is the takeaway?
Geoff 35:01
After this I was way more aware. 2FA everything.
Georgie 35:06
Yeah.
Geoff 35:09
Make sure you use a... I think I got a password manager like day after that, reading that. I was like man, password manager. Before anyone says, you know, a password manager is a single point of failure, but it’s 2FA, and you know what, if anyone’s hacked a password manager, I’m sure you would be... you would hear about it, and they would be out of business. You’d hope. You don’t use a password manager?
Georgie 35:39
No, I, I didn’t for a while. It’s just one of those dumb things, right? Because I think I think the way—our attitude towards security has changed over time. Like I remember when... I’m trying to remember like, the whole, right, like the writing down password thing.
Geoff 35:58
Oh, yeah.
Georgie 36:00
And then, like, don’t use the same password for different things and...
Geoff 36:04
Appending numbers...
Georgie 36:06
Yeah, and then like, don’t use, I don’t know, but it just made me go, okay. So then why would I want to put all of this into a password manager? Where there’s only, like, you need one password to open it? And then what if you’re, like, fucking screwed? I don’t know.
Geoff 36:20
Yeah, it kind of doesn’t make sense. It kind of makes sense, it kind of doesn’t make sense. Like, yeah, if someone figured out that one password that you use for 1password—not sponsored—then they will be able to get in. But at the same time, they need to crack your 2FA which is difficult. And not every website that you have a password for has 2FA so this is technically more secure. Either way—
Georgie 36:52
Well, you know what it is? I don’t I don’t trust automation.
Geoff 36:56
Yeah, that’s it. You’re just afraid of the robots?
Georgie 36:59
I am, yeah, I don’t know. I just I’m very old hat when it comes to this. And so using a password manager was very like, to me, it was like, in the line of automation. Like, and people will laugh at me for this, but like, you know, Find and Replace?
Geoff 37:15
Yeah.
Georgie 37:16
I don’t trust the computer, Find Replace, I will fucking do it myself. I’ll highlight every fucking instance and paste over it.
Geoff 37:22
Woah, what.
Georgie 37:22
And it’s so but then it’s like fun. I mean, I don’t feel strongly about this opinion. I’m about to say but you know, fundamentally, robots are programmed by what, humans, right? And then human error is just so like, rife? I? It’s—
Geoff 37:35
Yeah.
Georgie 37:36
I don’t know. It’s, and I’m not saying like, some robot is going to do surgery on me anytime soon. Because obviously, that, that is still being researched, and looked into. But I just feel very weird about letting something do something. Like on the, digitally, on the internet. I don’t know.
Geoff 37:56
I, I have hesitation about having robots in places where human empathy is required. You know, like, you’re having a problem. Oh, so I went to the Apple store because my AirPods were having problems again. I can’t remember if I told AirPods story but yeah.
Georgie 38:17
I don’t think so.
Geoff 38:19
Yeah, the third set of headphones. And the person like checked everything. And he was like, everything’s cool. But I actually also had a problem with my Apple wallet. The wax on the side was like melting. And it’s like, cooled in a really weird way. And it was sticky. So I was like, is there like, warranty? How does warranty work for something like an Apple wallet? And they said, I’ll go check. They came back and said my colleagues said that it’s just cosmetic and we don’t have to replace it. So it’s up to me to whether or not I should give you a replacement.
Georgie 38:54
You did kind of go through this. Yeah.
Geoff 38:57
Yeah, so the good good guy, good guy, Apple employee said, Yeah, I’ll just replace it for you. Robots don’t do things like that. And that’s, like, things that you might like empathy for. Customer service is something that robots are probably not going to be coded to do. You know, the robot needs a percentage of times it can give a discount. Or it’s like a human, human’s just like, I’m gonna help help a person out, “here have a discount”, you know? Yeah, and so like you gotta JB Hi Fi and you can ask any employee to cut their cut their bonus of selling this thing to you because they’re all based on, commission base.
Georgie 39:48
Yeah.
Geoff 39:49
It’s not a secret but JB Hi Fi, all the all the all the sales are commission based. So there is the MSRP. Then there’s the amount the amount that JB Hi Fi sell it for. And the difference is actually—and a percentage of that difference is given to the person who sold it to you. So they can actually choose to reduce the price and this, and thus reduce their commission. A robot won’t ever give you a reduction in the commission, because they’re arguably going to be engineered to make sure that JB Hi Fi makes the most profit. And they’re not going to give you a discount.
Georgie 40:30
This does remind me of someone complaining about some Apple product on like the Apple forums, and I think they said, I just went there a different day, and I got like, a different employee. And it was like, a better experience. Like, they feel like it depended on the staff member. And I feel like this is something that people have brought up before about consumer products like this, and sometimes you just have a really good experience because of the staff member. This reminds me, you know, my my Apple Watch, carked it, like, I don’t know, a year and a bit ago.
Geoff 41:10
Yeah.
Georgie 41:11
The guy I got was just like, maybe it’s just because I was in a bad mood—Nick reckons I was in a bad mood. But the guy wasn’t very empathetic. And I was, I was, I was kind of upset because, you know, he just didn’t seem to know. Like, he wasn’t friendly. I was expecting someone definitely because I’ve had friendly service at the fucking Genius bar. And when I said oh, like it, he said, you just have to send it in. It’s like, fucked, basically. And I was like, “Can I get like a replacement for until it’s fixed?” And he’s like, “Nah”. I’m like, okay, So anyway, I go back outside because Nick was somewhere else. I think he was parking the car because it was an absolute travesty to park in this in the shopping centre. And he brought trackpads, we had the, the trackpad, we had one each of the Apple Magic Trackpadd or whatever. And both of them were acting up and like not connecting properly, I think they didn’t have haptic feedback. So we go and line up again. And just by luck, we get the same fucking guy.
Geoff 42:11
Oh no.
Georgie 42:11
And I had I had told Nick, yeah, that guy wasn’t very nice or whatever. But anyway, for some reason, because Nick was there or some shit. Or like, maybe the guy’s mood just uplifted in like five minutes. He was nice. And he was like, oh, yeah, the the haptic feedback’s broken. I’ll give you I’ll give you a new one. You both have a new one for free. Right? And Nick was like, “What was, what’s wrong with that guy?” And I’m like, “He just wasn’t friendly”. And he was like, Nick was like, “I thought he was alright”, I’m like, I don’t know, man. I don’t know.
Geoff 42:44
Yeah, I mean, like, AirPods are perfectly fine. Even though I think a couple of programs, the microphone doesn’t work. So it’s kind of like one of those scenarios where you think something’s broken, and you go in and they like, and then it’s not broken. You know? Maybe that’s the dude. You know, you go in you think he’s broken, but you come back later, he’s perfectly fine.
Georgie 43:07
The guy, the guy in itself is like, a malfunctioning robot.
Geoff 43:12
Yeah. You know what else is malfunctioning? The end of this podcast.
Georgie 43:18
It’s time.
Geoff 43:18
It’s time. Thanks, everyone for listening to us rant. You can follow us on @toastroastpod on Twitter and Instagram.
Georgie 43:33
Sounds like you’re malfunctioning.
Geoff 43:35
I am malfunctioning.
Georgie 43:35
You can listen to us on... so am I. Apple Podcasts, Spotify, and the big and the big I’ll be back. I would do the voice but... can you do the voice?
Geoff 43:50
I’ll be back. Like—
Georgie 43:52
No that’s, that’s that’s the wrong accent. As in, the accent, but not accent from that movie.
Geoff 43:58
I will be back.
Georgie 44:00
I’ll be back.
Geoff 44:02
I’ll be back. I don’t know. I haven’t actually watched the movie.
Georgie 44:09
Wait what?
Geoff 44:09
New episodes every Monday.
Georgie 44:12
We will be back. Bye.
Geoff 44:13
Yeah. We’ll be back. See you next week.
Georgie 44:16
Bye.
Geoff 44:17
Bye.