1 00:00:00,280 --> 00:00:02,960 Speaker 1: Brought to you by the reinvented two thousand twelve Camry. 2 00:00:03,160 --> 00:00:08,880 Speaker 1: It's ready. Are you? Get in touch with technology with 3 00:00:08,960 --> 00:00:17,520 Speaker 1: tech Stuff from how stuff works dot com. Hello everyone, 4 00:00:17,560 --> 00:00:20,360 Speaker 1: and welcome to tech Stuff. My name is Chris Pollette, 5 00:00:20,360 --> 00:00:22,680 Speaker 1: and I'm an editor at how stuff works dot com. 6 00:00:22,680 --> 00:00:25,840 Speaker 1: Sitting across from me as usual is senior writer Jonathan Strickland. 7 00:00:25,920 --> 00:00:29,480 Speaker 1: Hey there, all right, then, so we're going to talk 8 00:00:29,480 --> 00:00:35,840 Speaker 1: about the latest except it's not malware to make headlines 9 00:00:35,920 --> 00:00:39,080 Speaker 1: all over the world and and and cause international incidents 10 00:00:39,080 --> 00:00:41,440 Speaker 1: and all of that. As of the recording of this podcast. Anyway, 11 00:00:41,720 --> 00:00:43,479 Speaker 1: by the time this podcast goes live, there may be 12 00:00:43,680 --> 00:00:48,040 Speaker 1: even worse news. It's it's funny because we were talking 13 00:00:48,080 --> 00:00:50,720 Speaker 1: about what we wanted to call this and and uh 14 00:00:51,120 --> 00:00:53,880 Speaker 1: we we thought of all of our flame metaphors and 15 00:00:54,000 --> 00:00:57,200 Speaker 1: jokes and puns and puns um and I was going 16 00:00:57,240 --> 00:00:59,920 Speaker 1: to make the joke about it being our old flame 17 00:01:00,000 --> 00:01:02,760 Speaker 1: even like except it's new. Except it, as it turns out, 18 00:01:02,800 --> 00:01:06,440 Speaker 1: it's not this. This malware has been making headlines over 19 00:01:06,440 --> 00:01:09,360 Speaker 1: the past few weeks as of the date of recording 20 00:01:09,400 --> 00:01:13,160 Speaker 1: on June one and two thousand twelve. 
But as it 21 00:01:13,160 --> 00:01:19,400 Speaker 1: turns out um this brand new, latest um Um malware. 22 00:01:19,440 --> 00:01:21,000 Speaker 1: I was going to call it a virus, but let's 23 00:01:21,000 --> 00:01:25,080 Speaker 1: just call it malware. UM isn't new at all, and 24 00:01:25,120 --> 00:01:26,959 Speaker 1: that's one of the fascinating things about it. But there 25 00:01:27,000 --> 00:01:31,679 Speaker 1: are many fascinating things. Yeah. The the component file name, 26 00:01:31,760 --> 00:01:36,240 Speaker 1: the main part the foundation of this malware may date 27 00:01:36,280 --> 00:01:39,800 Speaker 1: back as early as two thousand seven, possibly even earlier. 28 00:01:40,200 --> 00:01:43,279 Speaker 1: And one of the reasons why this is a really 29 00:01:43,319 --> 00:01:46,920 Speaker 1: fascinating uh, well, there's so many reasons why this is 30 00:01:46,959 --> 00:01:50,080 Speaker 1: fascinating malware. One is that it was able to escape 31 00:01:50,200 --> 00:01:54,680 Speaker 1: attention for so long. Yes, because you're talking about a 32 00:01:54,760 --> 00:01:57,760 Speaker 1: file that is capable of doing lots and lots of 33 00:01:57,760 --> 00:02:00,880 Speaker 1: stuff depending upon what you add to it, which is 34 00:02:00,960 --> 00:02:04,040 Speaker 1: brings us to fascinating thing number two. It's a modular 35 00:02:04,200 --> 00:02:08,720 Speaker 1: kind of malware. Now, in general, when someone creates some malware, 36 00:02:09,200 --> 00:02:13,440 Speaker 1: there is there tends to be a specific goal in 37 00:02:13,560 --> 00:02:16,680 Speaker 1: mind of the person who's designing it. 
Right, They're thinking, 38 00:02:17,080 --> 00:02:19,640 Speaker 1: I want to design this malware because what it'll do 39 00:02:19,680 --> 00:02:23,360 Speaker 1: is it'll allow me to get backdoor access to another 40 00:02:23,400 --> 00:02:26,640 Speaker 1: person's computer, and I'll be able to get administrative control 41 00:02:26,639 --> 00:02:28,640 Speaker 1: over that machine, and then I can create a botnet 42 00:02:28,639 --> 00:02:31,400 Speaker 1: that that would be one example. Or I want 43 00:02:31,480 --> 00:02:33,919 Speaker 1: to record key strokes so that I can get user 44 00:02:34,000 --> 00:02:37,639 Speaker 1: names and passwords for people's accounts and maybe commit identity 45 00:02:37,680 --> 00:02:39,720 Speaker 1: theft right, Or I want to create a piece of 46 00:02:39,760 --> 00:02:43,640 Speaker 1: code that will propagate itself across a network, which you know, 47 00:02:43,720 --> 00:02:46,359 Speaker 1: on its own is just one thing like so you 48 00:02:46,440 --> 00:02:49,600 Speaker 1: might want to add more to it. And and historically 49 00:02:49,800 --> 00:02:53,519 Speaker 1: hackers and malware programmers have been doing that. They've been 50 00:02:53,639 --> 00:02:58,200 Speaker 1: creating malware that either complements some other piece of code 51 00:02:58,680 --> 00:03:01,520 Speaker 1: or it acts as the first step to another piece 52 00:03:01,560 --> 00:03:07,440 Speaker 1: of code that can, in combination create whatever the effect 53 00:03:07,560 --> 00:03:10,079 Speaker 1: is that the hacker wants. So there might be one 54 00:03:10,120 --> 00:03:12,720 Speaker 1: part of the code that is designed to help get 55 00:03:12,880 --> 00:03:16,920 Speaker 1: access to a network, or perhaps it's designed to UH 56 00:03:17,000 --> 00:03:19,120 Speaker 1: to copy itself once it gets on a network. 
It 57 00:03:19,200 --> 00:03:22,920 Speaker 1: might even be to copy itself multiple times on the 58 00:03:22,960 --> 00:03:25,800 Speaker 1: same machine in order to fill up that machine's memory 59 00:03:25,919 --> 00:03:29,560 Speaker 1: and and hard drive space so that you brick the machine. 60 00:03:30,200 --> 00:03:33,120 Speaker 1: It all depends on what the goal is for the hacker, UH, 61 00:03:33,160 --> 00:03:35,160 Speaker 1: and then there might be some other component that does 62 00:03:35,200 --> 00:03:37,480 Speaker 1: something else on top of it. Well. What makes Flame 63 00:03:37,480 --> 00:03:40,280 Speaker 1: so interesting is that it takes this concept to a 64 00:03:40,320 --> 00:03:45,640 Speaker 1: new level. It's a modular kind of malware, meaning that 65 00:03:46,320 --> 00:03:49,560 Speaker 1: the basis of Flame is so that you can infect 66 00:03:49,560 --> 00:03:54,160 Speaker 1: a machine and then you can send a modular tweak 67 00:03:54,320 --> 00:03:58,040 Speaker 1: to that malware that's now living on the victim's machine 68 00:03:58,640 --> 00:04:02,600 Speaker 1: and give it specific abilities. So think of it in 69 00:04:02,640 --> 00:04:06,200 Speaker 1: a way as kind of a very very much scaled 70 00:04:06,480 --> 00:04:11,960 Speaker 1: down operating system. Kind of it's a platform. Yeah, So 71 00:04:12,000 --> 00:04:14,360 Speaker 1: it's not not a full operating system in the traditional sense. 72 00:04:14,400 --> 00:04:17,960 Speaker 1: It's not like it's uh, taking over your operating system 73 00:04:18,040 --> 00:04:21,720 Speaker 1: and and interacting with your computer's hardware. It's just sort 74 00:04:21,720 --> 00:04:25,360 Speaker 1: of on a on a high level, the same basic concept. 75 00:04:25,440 --> 00:04:29,599 Speaker 1: It's acting as a platform that other applications can operate 76 00:04:29,760 --> 00:04:33,440 Speaker 1: on top of and affect how your computer behaves. 
And 77 00:04:33,440 --> 00:04:36,720 Speaker 1: it all depends on which modules you send to the 78 00:04:36,800 --> 00:04:40,479 Speaker 1: Flame foundation that will allow it to do whatever it 79 00:04:40,520 --> 00:04:44,200 Speaker 1: is he wanted to do. Right right. Um. When we 80 00:04:44,279 --> 00:04:47,720 Speaker 1: talked about hackers before on the show, we've we've discussed 81 00:04:48,640 --> 00:04:52,320 Speaker 1: people who are known as script kiddies, and that that's 82 00:04:52,760 --> 00:04:56,839 Speaker 1: what they sort of, uh that it's sort of a 83 00:04:56,880 --> 00:05:02,280 Speaker 1: derogatory term for people who are very very basic, um 84 00:05:02,279 --> 00:05:06,159 Speaker 1: hackers who are intent on causing mischief and the 85 00:05:06,160 --> 00:05:09,520 Speaker 1: reason they're called that is not UM. Well, the reason 86 00:05:09,520 --> 00:05:11,120 Speaker 1: I want to talk about why they're called that is 87 00:05:11,120 --> 00:05:14,520 Speaker 1: because in order to create malware, it doesn't take a 88 00:05:14,560 --> 00:05:17,400 Speaker 1: whole lot of code. To do this. UM you could 89 00:05:17,400 --> 00:05:20,200 Speaker 1: basically say write a script that says, look, I want 90 00:05:20,240 --> 00:05:22,520 Speaker 1: you to erase you know, I want you to copy 91 00:05:22,560 --> 00:05:26,039 Speaker 1: all the the addresses in the address book, email a 92 00:05:26,120 --> 00:05:29,400 Speaker 1: copy of this script to everybody in the address book, 93 00:05:29,440 --> 00:05:32,400 Speaker 1: and then wipe the hard drive clean. Ha ha. It 94 00:05:32,480 --> 00:05:35,840 Speaker 1: really doesn't have to be that complex. 
And and one 95 00:05:35,920 --> 00:05:39,520 Speaker 1: of the things that uh uh is also interesting about 96 00:05:39,600 --> 00:05:43,279 Speaker 1: Flame is that, as Jonathan said, it's modular, but it 97 00:05:43,360 --> 00:05:47,200 Speaker 1: takes up twenty megabytes of space now and and our 98 00:05:47,360 --> 00:05:49,960 Speaker 1: terms today, that's not a particularly large file. A lot 99 00:05:50,000 --> 00:05:52,440 Speaker 1: of people have broadband, it's not an an issue to 100 00:05:52,480 --> 00:05:54,880 Speaker 1: download a twenty megabyte file. But you really don't need 101 00:05:55,160 --> 00:05:59,599 Speaker 1: that much code to have a basic virus or trojan. UM. 102 00:05:59,720 --> 00:06:03,479 Speaker 1: This is extensively written code. It's very sophisticated code to 103 00:06:03,520 --> 00:06:07,559 Speaker 1: allow additional modules to operate on the main system. And 104 00:06:07,760 --> 00:06:13,120 Speaker 1: that's why organizations that have been affected by it believe 105 00:06:13,240 --> 00:06:16,840 Speaker 1: that it might be state sponsored. We we should point 106 00:06:16,880 --> 00:06:19,000 Speaker 1: out too that this is not something that you're likely 107 00:06:19,040 --> 00:06:22,479 Speaker 1: to get on your PC. This is aimed at very 108 00:06:22,640 --> 00:06:27,320 Speaker 1: high level government run systems. Apparently, Yeah, if you're a 109 00:06:27,400 --> 00:06:32,000 Speaker 1: high level government official, then maybe your PC would be 110 00:06:32,120 --> 00:06:35,480 Speaker 1: at risk if you're and to be more specific, if 111 00:06:35,480 --> 00:06:38,839 Speaker 1: you're a high level government official in a country in 112 00:06:38,920 --> 00:06:42,920 Speaker 1: the Middle East, because that tends to be the possibly Hungary, 113 00:06:43,320 --> 00:06:45,839 Speaker 1: because those that those tend to be the countries that 114 00:06:45,960 --> 00:06:50,960 Speaker 1: have been targeted. 
Specifically, Iran and Israel have had the 115 00:06:51,040 --> 00:06:55,359 Speaker 1: largest number of infected computers, but there are other countries 116 00:06:55,400 --> 00:06:57,800 Speaker 1: that also seem to have it, or at least those 117 00:06:57,839 --> 00:07:02,000 Speaker 1: are the the countries that have computers running this software. 118 00:07:03,440 --> 00:07:05,120 Speaker 1: I'm sorry, go ahead, go ahead, I was gonna say. 119 00:07:05,120 --> 00:07:09,640 Speaker 1: Also the West Bank, Palestinian West Bank and uh Lebanon 120 00:07:10,120 --> 00:07:13,720 Speaker 1: are are known to be places, and then oddly enough 121 00:07:13,760 --> 00:07:17,400 Speaker 1: in Hungary, although I you know that's I was about 122 00:07:17,440 --> 00:07:20,840 Speaker 1: to go into a Renaissance festival speak. I've managed to 123 00:07:20,840 --> 00:07:23,120 Speaker 1: avoid it this entire season, and I almost said, I 124 00:07:23,160 --> 00:07:30,840 Speaker 1: know not why that is so? Austria, Russia, Hong Kong. Yeah, Now, 125 00:07:30,920 --> 00:07:36,080 Speaker 1: some of these may be unintentional targets, right, they may 126 00:07:36,080 --> 00:07:39,880 Speaker 1: not be the targeted computers because you would The conclusion 127 00:07:39,920 --> 00:07:42,960 Speaker 1: we draw is whichever countries seem to have the highest 128 00:07:43,040 --> 00:07:47,000 Speaker 1: rates of infection are more likely to be the targeted countries. 129 00:07:47,040 --> 00:07:49,520 Speaker 1: Of course, we can't know that for sure. It may 130 00:07:49,560 --> 00:07:51,920 Speaker 1: be based upon just the behaviors of the people who 131 00:07:51,960 --> 00:07:55,800 Speaker 1: work within that that that country, but it's a it's 132 00:07:55,840 --> 00:07:57,920 Speaker 1: a fair indicator. 
Now, let's talk a little bit about 133 00:07:58,640 --> 00:08:02,040 Speaker 1: what this malware can actually do and then why someone 134 00:08:02,160 --> 00:08:05,680 Speaker 1: might use it to target those particular countries. Well, some 135 00:08:05,720 --> 00:08:10,000 Speaker 1: people feel that it's a relative of Stuxnet or 136 00:08:10,160 --> 00:08:13,920 Speaker 1: or Duqu, both of which have been known to circulate 137 00:08:13,960 --> 00:08:16,960 Speaker 1: in the same part of the world. Um Stuxnet 138 00:08:17,040 --> 00:08:24,200 Speaker 1: was aimed apparently at power plants and other structure stuff. 139 00:08:24,240 --> 00:08:27,120 Speaker 1: I think it's safe to say Stuxnet was specifically 140 00:08:27,120 --> 00:08:33,000 Speaker 1: engineered to target Iranian nuclear power facilities. That that's the way. 141 00:08:33,120 --> 00:08:36,040 Speaker 1: That's that's the way it's presented. Yet because I didn't 142 00:08:36,040 --> 00:08:37,920 Speaker 1: write it, so I don't know. One of the functions 143 00:08:37,960 --> 00:08:42,000 Speaker 1: of Stuxnet was to change the the rate of 144 00:08:43,080 --> 00:08:47,679 Speaker 1: revolutions per per minute for centrifuges, and the whole idea 145 00:08:47,800 --> 00:08:50,480 Speaker 1: was that by changing that, that speed at which the 146 00:08:50,480 --> 00:08:54,800 Speaker 1: centrifuge turns within a nuclear power facility you could cause 147 00:08:54,960 --> 00:08:58,920 Speaker 1: a failure of that part of the facility, thus effectively 148 00:08:59,320 --> 00:09:02,719 Speaker 1: shutting it down out um. Presumably if you could get 149 00:09:02,760 --> 00:09:07,600 Speaker 1: it to spin uh erratically enough, you could cause more 150 00:09:07,679 --> 00:09:11,160 Speaker 1: of a catastrophic failure than just you know, slowing down 151 00:09:11,160 --> 00:09:15,080 Speaker 1: the program. 
But that appears to be what Stuxnet 152 00:09:15,160 --> 00:09:17,839 Speaker 1: was all about. Now now we still don't have official 153 00:09:18,040 --> 00:09:20,720 Speaker 1: news of who was behind it, although of course there 154 00:09:20,720 --> 00:09:23,000 Speaker 1: are a lot of um, there are a lot of 155 00:09:23,080 --> 00:09:27,280 Speaker 1: likely candidates. But but along those lines, Flame is a 156 00:09:27,320 --> 00:09:30,559 Speaker 1: little different. Stuxnet, of course, was was looking at, 157 00:09:31,320 --> 00:09:36,960 Speaker 1: at least from what we understand, physically, sabotaging a power facility. 158 00:09:37,400 --> 00:09:43,760 Speaker 1: Flame looks like it's more about spying upon various targets. 159 00:09:43,960 --> 00:09:47,760 Speaker 1: That's that's true. Um it is uh. It is also written, 160 00:09:48,400 --> 00:09:52,400 Speaker 1: like those other two pieces of malware, using a h 161 00:09:52,480 --> 00:09:56,160 Speaker 1: scripting language called Lua. I haven't ever heard that pronounced 162 00:09:56,280 --> 00:09:58,560 Speaker 1: l u a, which is often used actually for in 163 00:09:58,600 --> 00:10:02,640 Speaker 1: the gaming industry. Yeah, and Lua is an obscure enough 164 00:10:02,800 --> 00:10:07,360 Speaker 1: language that it might actually be. One of the reasons 165 00:10:07,440 --> 00:10:11,000 Speaker 1: why the hackers may have chosen Lua as one of 166 00:10:11,040 --> 00:10:14,400 Speaker 1: the languages they worked in is because it was obscure 167 00:10:14,520 --> 00:10:19,319 Speaker 1: enough to not raise red flags immediately. 
It wouldn't look 168 00:10:19,480 --> 00:10:23,079 Speaker 1: like other kinds of malware just at first glance, and 169 00:10:23,160 --> 00:10:26,760 Speaker 1: so that might be a reason why the hackers chose it, 170 00:10:26,840 --> 00:10:28,600 Speaker 1: or may just be that the hackers were really really 171 00:10:28,600 --> 00:10:30,760 Speaker 1: familiar with that particular language and it could do what 172 00:10:30,800 --> 00:10:33,960 Speaker 1: they needed it to do. But Uh, a lot of 173 00:10:33,960 --> 00:10:37,320 Speaker 1: the analysis I've read suggests that perhaps the reason for 174 00:10:37,360 --> 00:10:43,600 Speaker 1: picking it was because it was less recognizable. But it does. 175 00:10:43,760 --> 00:10:48,080 Speaker 1: Flame does record system information about the systems that it's on. 176 00:10:48,280 --> 00:10:51,480 Speaker 1: Boy howdy does it. It's it's kind of an uh 177 00:10:51,760 --> 00:10:54,480 Speaker 1: catch all when and again a lot of this depends 178 00:10:54,480 --> 00:10:58,080 Speaker 1: on what modules are installed on top of Flame. You know, 179 00:10:58,160 --> 00:11:00,760 Speaker 1: think about think about Flame in a way like uh, 180 00:11:01,320 --> 00:11:04,960 Speaker 1: you would an operating system like iOS, and that you know, 181 00:11:05,000 --> 00:11:07,840 Speaker 1: iOS can do lots of stuff, but it can do 182 00:11:07,920 --> 00:11:10,400 Speaker 1: more stuff when you add apps to it. The apps 183 00:11:10,440 --> 00:11:14,720 Speaker 1: give you very specific features. It's the basically the way 184 00:11:14,760 --> 00:11:18,880 Speaker 1: that computers work exactly. 
So so, uh, Chris and I 185 00:11:18,960 --> 00:11:21,840 Speaker 1: both happen to have an Android phone, different Android phones, 186 00:11:22,200 --> 00:11:25,320 Speaker 1: and that I would wager that many of the apps 187 00:11:25,360 --> 00:11:27,520 Speaker 1: that Chris has I do not have, and vice versa, 188 00:11:27,559 --> 00:11:29,160 Speaker 1: and there are a few that we might have in common. 189 00:11:29,600 --> 00:11:32,079 Speaker 1: And that that's because Chris wants this phone to do 190 00:11:32,600 --> 00:11:35,160 Speaker 1: a certain set of things, and I want my phone 191 00:11:35,160 --> 00:11:37,000 Speaker 1: to do a certain set of things. Hackers are the 192 00:11:37,040 --> 00:11:40,760 Speaker 1: same way. They may want their their malware to do 193 00:11:41,040 --> 00:11:44,760 Speaker 1: certain things in certain situations, and they don't necessarily need everything. 194 00:11:44,840 --> 00:11:47,079 Speaker 1: It doesn't have to be a kitchen sink approach. So 195 00:11:47,120 --> 00:11:49,320 Speaker 1: that's kind of the idea behind Flame. So some of 196 00:11:49,320 --> 00:11:53,360 Speaker 1: the things that can do as far as cyber espionage go. Uh. 197 00:11:53,400 --> 00:11:58,160 Speaker 1: It can do keyboard activities, So a key logger function, 198 00:11:58,240 --> 00:12:00,880 Speaker 1: like Chris was talking about earlier, This is what tracks 199 00:12:01,240 --> 00:12:04,120 Speaker 1: what keys are being pressed. Usually you use this so 200 00:12:04,160 --> 00:12:07,240 Speaker 1: that you can find out things like passwords and that 201 00:12:07,320 --> 00:12:11,800 Speaker 1: sort of stuff. It can monitor network traffic, so we 202 00:12:11,840 --> 00:12:15,280 Speaker 1: can actually see what computers the infected computer is 203 00:12:15,600 --> 00:12:19,080 Speaker 1: communicating with and possibly even sniff out those that data. 
204 00:12:19,640 --> 00:12:22,960 Speaker 1: It can take screenshots, so the person on the other 205 00:12:23,080 --> 00:12:26,520 Speaker 1: end of this uh, this connection can get a look 206 00:12:26,559 --> 00:12:30,280 Speaker 1: at what the user is is looking at whenever they're 207 00:12:30,520 --> 00:12:34,240 Speaker 1: using the computer. Also very important if that particular computer 208 00:12:34,360 --> 00:12:39,600 Speaker 1: is used in a high security environment. It can even 209 00:12:39,679 --> 00:12:44,800 Speaker 1: record audio. It can use a computer's microphone and record audio. 210 00:12:44,880 --> 00:12:48,040 Speaker 1: So just imagine it's like bugging a a an office, 211 00:12:48,080 --> 00:12:49,720 Speaker 1: except you don't have to put a bug in there, 212 00:12:50,360 --> 00:12:52,480 Speaker 1: which is amazing how you think about it. There are 213 00:12:52,920 --> 00:12:55,080 Speaker 1: you know, there are offices that are in such high 214 00:12:55,080 --> 00:13:00,199 Speaker 1: security areas that there are frequent bug sweeps where the 215 00:13:00,720 --> 00:13:04,080 Speaker 1: company or government agency will have someone come through and 216 00:13:04,200 --> 00:13:07,560 Speaker 1: search for any electronic bugs that might have been planted 217 00:13:07,559 --> 00:13:10,480 Speaker 1: there in order to record conversations. Well, this gets around 218 00:13:10,520 --> 00:13:14,880 Speaker 1: that it turns the person's own computer into that recording instrument. 219 00:13:15,600 --> 00:13:20,000 Speaker 1: It can even do things like a record Skype conversations. 
220 00:13:20,559 --> 00:13:24,120 Speaker 1: And the one I saw that I thought was particularly 221 00:13:24,200 --> 00:13:29,000 Speaker 1: clever was there's apparently a module that will allow if 222 00:13:29,360 --> 00:13:36,160 Speaker 1: the computer has Bluetooth capability, it will become a beacon, 223 00:13:36,320 --> 00:13:39,520 Speaker 1: a Bluetooth beacon, and we'll try to connect with Bluetooth 224 00:13:39,559 --> 00:13:43,960 Speaker 1: devices that are within range and download information from them. Interesting, 225 00:13:44,000 --> 00:13:46,880 Speaker 1: So if you have a smartphone, you're a government official, 226 00:13:46,880 --> 00:13:49,280 Speaker 1: and you've got a smartphone, you've got Bluetooth enabled so 227 00:13:49,320 --> 00:13:52,920 Speaker 1: that you can use your cyborg earpiece that everyone tends 228 00:13:52,960 --> 00:13:56,520 Speaker 1: to use, then that your computer might try to do 229 00:13:56,559 --> 00:14:00,760 Speaker 1: a Bluetooth handshake with your device and pull information from 230 00:14:00,760 --> 00:14:04,079 Speaker 1: your device into the computer so it can send it 231 00:14:04,120 --> 00:14:08,920 Speaker 1: off to the hacker so it's all about gathering information. 232 00:14:09,200 --> 00:14:16,400 Speaker 1: There's also been some some uh suggestions that perhaps this 233 00:14:16,480 --> 00:14:20,040 Speaker 1: is related as well to another kind of malware. In fact, 234 00:14:20,080 --> 00:14:22,000 Speaker 1: that malware may just be a module on top of 235 00:14:22,040 --> 00:14:26,480 Speaker 1: Flame called Wiper, which does exactly what you would think 236 00:14:26,480 --> 00:14:29,600 Speaker 1: it does. It wipes data from a device. So it 237 00:14:29,640 --> 00:14:32,800 Speaker 1: may also not just be about data collection, but also 238 00:14:33,760 --> 00:14:36,960 Speaker 1: destroying data. 
And in fact, it does look like there's 239 00:14:37,000 --> 00:14:41,320 Speaker 1: been some some data loss, uh, particularly in Iran that 240 00:14:41,520 --> 00:14:46,000 Speaker 1: may be due to this particular malware. UM. It is 241 00:14:46,040 --> 00:14:48,080 Speaker 1: important to note too that this is not the only 242 00:14:48,120 --> 00:14:52,640 Speaker 1: piece of modular malware out there. UM. It is just 243 00:14:53,400 --> 00:14:57,600 Speaker 1: it is especially unusual in the size of this malware 244 00:14:57,640 --> 00:15:04,120 Speaker 1: sophification and sophistication. UM. But yeah, it uh this is 245 00:15:04,360 --> 00:15:08,520 Speaker 1: sort of an indication that, uh, the game might be 246 00:15:08,600 --> 00:15:14,920 Speaker 1: afoot if you will, basically exactly what what what what's 247 00:15:14,920 --> 00:15:17,400 Speaker 1: going on is And I think this is part of 248 00:15:17,400 --> 00:15:20,360 Speaker 1: the reason that people are so if you if you 249 00:15:20,400 --> 00:15:24,880 Speaker 1: follow the tech press or the tech media, let's say, um, 250 00:15:25,000 --> 00:15:27,240 Speaker 1: you've probably seen a lot about this in the past 251 00:15:27,240 --> 00:15:30,920 Speaker 1: few weeks. And I think the reason for that is 252 00:15:31,000 --> 00:15:33,640 Speaker 1: because it's captured our imagination and it's it's made us 253 00:15:33,680 --> 00:15:40,040 Speaker 1: all realize that, uh, electronic espionage is here. People are 254 00:15:40,120 --> 00:15:42,760 Speaker 1: using it, and it's and it's not uh, it's not 255 00:15:42,840 --> 00:15:46,560 Speaker 1: the exception anymore. 
I have the feeling that uh, and 256 00:15:46,880 --> 00:15:50,000 Speaker 1: basically I am certainly not the only one from my 257 00:15:50,000 --> 00:15:54,840 Speaker 1: my reading that uh, people seem to feel that this 258 00:15:54,920 --> 00:15:58,520 Speaker 1: is state sponsored espionage and that this kind of thing 259 00:15:58,560 --> 00:16:01,560 Speaker 1: is going to become more and more more common as 260 00:16:02,080 --> 00:16:04,440 Speaker 1: the years go on, because this is the way the 261 00:16:04,480 --> 00:16:09,720 Speaker 1: world does business um, and I mean all kinds of business. Um. Personally, 262 00:16:09,760 --> 00:16:13,600 Speaker 1: I think the reason that it's designed to capture webcam 263 00:16:13,800 --> 00:16:17,480 Speaker 1: stuff is so that they can postum videos on YouTube 264 00:16:17,640 --> 00:16:22,040 Speaker 1: of high level officials dancing to Lady Gaga, videos in 265 00:16:22,080 --> 00:16:24,360 Speaker 1: their closed offices that they've had swept for bugs so 266 00:16:24,360 --> 00:16:28,920 Speaker 1: that they won't get caught doing it. That's ridiculous. That's 267 00:16:28,960 --> 00:16:34,320 Speaker 1: Taylor Swift videos. But now the the the other thing 268 00:16:34,360 --> 00:16:36,800 Speaker 1: about this is that I think it's interesting if you 269 00:16:36,840 --> 00:16:39,320 Speaker 1: think that this this malware may have been around since 270 00:16:39,800 --> 00:16:44,120 Speaker 1: two thousand seven, it shows that hackers were of the 271 00:16:44,200 --> 00:16:49,160 Speaker 1: same mindset as Steve Jobs because they saw that apps 272 00:16:49,200 --> 00:16:52,800 Speaker 1: were the next big thing. 
No really, seriously, when you 273 00:16:52,840 --> 00:16:54,520 Speaker 1: think about it, it it is kind of amazing because they 274 00:16:54,520 --> 00:16:58,400 Speaker 1: were thinking, well, let's make this a very flexible, adaptable 275 00:16:58,480 --> 00:17:01,560 Speaker 1: malware system so that we can use it in multiple 276 00:17:02,000 --> 00:17:05,480 Speaker 1: uh use cases and we don't have to again, we 277 00:17:05,520 --> 00:17:09,359 Speaker 1: don't have to send the whole thing to everyone. Um 278 00:17:09,400 --> 00:17:12,440 Speaker 1: it did you know? Just like other malware, it attempts 279 00:17:12,440 --> 00:17:14,679 Speaker 1: to cover its tracks as much as possible, so that 280 00:17:14,720 --> 00:17:17,920 Speaker 1: way you know that it can stay on an infected 281 00:17:17,960 --> 00:17:20,439 Speaker 1: computer as long as possible. And it's very good at 282 00:17:20,440 --> 00:17:23,359 Speaker 1: it if it's been around for years um and just 283 00:17:23,480 --> 00:17:27,639 Speaker 1: now we're talking about it. Uh. And also it's it 284 00:17:27,800 --> 00:17:32,280 Speaker 1: spreads kind of in a way similar to other types 285 00:17:32,320 --> 00:17:34,159 Speaker 1: of malware. You might think, well, how does how do 286 00:17:34,240 --> 00:17:38,399 Speaker 1: they get How is that initial entry into a system? 287 00:17:38,440 --> 00:17:40,600 Speaker 1: How is that accomplished? Well, there are a couple of 288 00:17:40,640 --> 00:17:44,480 Speaker 1: different ways you could do it. Um. 
There's some suggestion 289 00:17:44,520 --> 00:17:48,720 Speaker 1: that perhaps it was a spear phishing attempt, which is 290 00:17:48,760 --> 00:17:52,240 Speaker 1: where you have a specific target in mind and you know, 291 00:17:53,080 --> 00:17:55,199 Speaker 1: you know, you have enough information about that target to 292 00:17:55,200 --> 00:17:57,639 Speaker 1: be able to create an email that could tempt that 293 00:17:57,720 --> 00:18:03,600 Speaker 1: target into executing a file that they probably shouldn't have done. Right. 294 00:18:03,680 --> 00:18:08,760 Speaker 1: Phishing is uh with a pH is a social engineering 295 00:18:09,080 --> 00:18:12,960 Speaker 1: tool to gather information you've probably just about everybody I'm 296 00:18:13,000 --> 00:18:16,040 Speaker 1: sure who is listening to this has had a phishing 297 00:18:16,040 --> 00:18:19,240 Speaker 1: email show up in their spam box where it says, hey, 298 00:18:19,480 --> 00:18:24,080 Speaker 1: you've uh, your bank account has been compromised and we 299 00:18:24,160 --> 00:18:28,159 Speaker 1: need you to send us your information. Um, and you go, 300 00:18:28,880 --> 00:18:30,720 Speaker 1: you know, I haven't. I don't have an account at 301 00:18:30,720 --> 00:18:32,560 Speaker 1: this bank and I've never had an account at this bank. 302 00:18:32,560 --> 00:18:36,680 Speaker 1: I always chuckle at those because I think, nice try, um, 303 00:18:36,720 --> 00:18:38,840 Speaker 1: but that that but that isn't what what phishing is 304 00:18:38,880 --> 00:18:40,959 Speaker 1: known for. If you if you were to click on 305 00:18:41,000 --> 00:18:45,280 Speaker 1: that link and go further and um enter your private 306 00:18:45,320 --> 00:18:47,399 Speaker 1: information in there, they would be able to use that 307 00:18:47,440 --> 00:18:53,400 Speaker 1: in identity theft um operation. 
But spear phishing is specifically 308 00:18:53,440 --> 00:18:57,479 Speaker 1: targeted um as Jonathan said to a certain person. So 309 00:18:57,520 --> 00:19:00,560 Speaker 1: it is especially effective because it says, hey, Jonathan Strickland, 310 00:19:00,640 --> 00:19:03,720 Speaker 1: we know that you have an account here. Uh and uh, 311 00:19:03,840 --> 00:19:05,800 Speaker 1: this is a problem with your account. You need to 312 00:19:05,880 --> 00:19:09,960 Speaker 1: enter your information stuff. There's been some unusual activity on 313 00:19:09,960 --> 00:19:14,520 Speaker 1: your account. Which is even better because the unusual activity 314 00:19:15,080 --> 00:19:18,280 Speaker 1: comes true. Yeah, because you go and you check your 315 00:19:18,320 --> 00:19:20,280 Speaker 1: account and the next thing you know, you have actually 316 00:19:20,320 --> 00:19:22,680 Speaker 1: given over the information to the people who will generate 317 00:19:22,720 --> 00:19:27,119 Speaker 1: the unusual activity on your account. Don't ever follow those links. Yeah, no, no, 318 00:19:27,200 --> 00:19:30,240 Speaker 1: it's better to it's better to go to those those 319 00:19:30,280 --> 00:19:34,680 Speaker 1: sites directly through your your browser. Uh, as long as 320 00:19:34,720 --> 00:19:39,639 Speaker 1: you don't have um the DNSChanger malware on 321 00:19:39,800 --> 00:19:42,919 Speaker 1: your computer, which leads you to the wrong browser anyway 322 00:19:42,920 --> 00:19:46,600 Speaker 1: around wrong site rather anyway. So anyway, getting back to this, 323 00:19:47,680 --> 00:19:52,400 Speaker 1: spear phishing is a very very possible way that this 324 00:19:52,560 --> 00:19:55,160 Speaker 1: initially got out into the wild. However, it can also 325 00:19:55,200 --> 00:19:59,000 Speaker 1: be spread through USB thumbsticks, which means getting physical access 326 00:19:59,040 --> 00:20:02,159 Speaker 1: to someone's computer. 
Not always the easiest method, no, but 327 00:20:02,280 --> 00:20:04,840 Speaker 1: that's that's exactly what they did with Stuxnet, apparently, 328 00:20:05,480 --> 00:20:09,800 Speaker 1: was they snuck it into nuclear power facilities on a 329 00:20:09,960 --> 00:20:13,639 Speaker 1: USB flash drive, which you know it's not necessarily the 330 00:20:13,680 --> 00:20:15,639 Speaker 1: easiest way, but it is. I mean, I guess it 331 00:20:15,680 --> 00:20:19,080 Speaker 1: all depends on your target, because you could either do 332 00:20:19,119 --> 00:20:22,840 Speaker 1: it yourself where you are. You know, you pose as 333 00:20:22,880 --> 00:20:26,160 Speaker 1: say a technician saying I have to install this new 334 00:20:26,200 --> 00:20:30,200 Speaker 1: software onto your computer so that we can maintain security, 335 00:20:30,520 --> 00:20:34,320 Speaker 1: perhaps you're Klaus Hergersheimer checking radiation shields, or you could 336 00:20:34,520 --> 00:20:38,600 Speaker 1: uh actually mail thumbstick to a person and say here 337 00:20:38,680 --> 00:20:42,400 Speaker 1: is the file you wanted and have them install it themselves. 338 00:20:42,480 --> 00:20:45,600 Speaker 1: Sometimes it's that easy. Yeah, sometimes it sometimes that that works. 339 00:20:45,640 --> 00:20:48,360 Speaker 1: I mean, because you know, people don't necessarily think, oh, 340 00:20:48,400 --> 00:20:51,920 Speaker 1: there could be something bad on this thumb drive. By 341 00:20:51,920 --> 00:20:54,760 Speaker 1: the way, there could be something bad on that thumb drive. Um, 342 00:20:54,920 --> 00:20:57,720 Speaker 1: so you know that's another possibility. And also once it 343 00:20:57,760 --> 00:21:00,920 Speaker 1: gets in the network, there were other ways of leveraging 344 00:21:00,960 --> 00:21:03,640 Speaker 1: the network to help infect other computers. 
One of which 345 00:21:03,640 --> 00:21:10,399 Speaker 1: I saw was using a printer spooling UH protocol where 346 00:21:10,440 --> 00:21:13,920 Speaker 1: certain printers, you know, you could send the malware through 347 00:21:13,960 --> 00:21:16,840 Speaker 1: the printer queue, and other computers as they connect to 348 00:21:16,840 --> 00:21:19,520 Speaker 1: the printer queue could be infected that way, which is 349 00:21:19,600 --> 00:21:21,520 Speaker 1: kind of interesting. But that means that you already have 350 00:21:21,600 --> 00:21:25,040 Speaker 1: to get into the network initially in order to take 351 00:21:25,080 --> 00:21:28,000 Speaker 1: advantage of something like that. So in other words, you 352 00:21:28,040 --> 00:21:31,359 Speaker 1: can't just necessarily attack straight through the printer, although I 353 00:21:31,359 --> 00:21:33,680 Speaker 1: suppose you could if it was a printer that had 354 00:21:34,080 --> 00:21:37,880 Speaker 1: Internet connectivity and you had the password to get into that. 355 00:21:38,440 --> 00:21:42,679 Speaker 1: But at any rate, it propagates through those ways, and 356 00:21:42,760 --> 00:21:47,399 Speaker 1: apparently it will only do so under the direction of 357 00:21:47,440 --> 00:21:50,760 Speaker 1: the hackers, So this is not the kind of malware 358 00:21:50,800 --> 00:21:54,520 Speaker 1: that will just copy itself an infinite number of times 359 00:21:54,520 --> 00:21:57,440 Speaker 1: and just send it to every single contact within a 360 00:21:57,560 --> 00:22:02,960 Speaker 1: computers database. 
Instead, it's a very controlled attack, which is 361 00:22:03,119 --> 00:22:08,960 Speaker 1: again another another reason why UH the analysts think this 362 00:22:09,080 --> 00:22:13,240 Speaker 1: could be state sponsored, because typically if you have someone 363 00:22:13,280 --> 00:22:16,239 Speaker 1: who's just interested in either creating as much trouble as 364 00:22:16,280 --> 00:22:19,600 Speaker 1: possible or just trying to make a profit off whatever 365 00:22:19,640 --> 00:22:23,119 Speaker 1: that is they're doing, they're probably less likely to have 366 00:22:23,320 --> 00:22:26,800 Speaker 1: this sort of controlled approach where they're targeting specific computers, 367 00:22:27,240 --> 00:22:29,720 Speaker 1: because why do that when you could go with a 368 00:22:29,760 --> 00:22:35,280 Speaker 1: blanket bomb approach and just infect everyone you possibly can. UH. 369 00:22:35,320 --> 00:22:39,000 Speaker 1: This appears to be much more of a precision attack, 370 00:22:39,119 --> 00:22:44,040 Speaker 1: so that tends to suggest a state sponsored approach. Now 371 00:22:44,160 --> 00:22:47,760 Speaker 1: by that we mean that some government has gone out 372 00:22:48,680 --> 00:22:53,840 Speaker 1: and hired programmers to create this malware with the intent 373 00:22:54,000 --> 00:22:59,320 Speaker 1: of using it on some other nations computers, possibly possibly 374 00:22:59,320 --> 00:23:01,679 Speaker 1: computers within the own their own nation. I mean, it 375 00:23:01,680 --> 00:23:06,119 Speaker 1: all depends on what the government's UH motives are, and 376 00:23:06,160 --> 00:23:10,600 Speaker 1: then they're going to gather information and analyze it and 377 00:23:11,240 --> 00:23:13,639 Speaker 1: make their own plans based upon what they see. 
So 378 00:23:13,960 --> 00:23:18,800 Speaker 1: typical spy stuff as opposed to say a group of 379 00:23:18,800 --> 00:23:22,240 Speaker 1: of you know, just just a group of hackers that 380 00:23:22,359 --> 00:23:24,159 Speaker 1: just want to get as much information as possible in 381 00:23:24,240 --> 00:23:26,679 Speaker 1: order to make as much money or as much trouble 382 00:23:26,760 --> 00:23:34,240 Speaker 1: as they can. Yeah. The the country that has asserted 383 00:23:34,640 --> 00:23:37,359 Speaker 1: the state sponsored claim more than any that I've seen 384 00:23:37,680 --> 00:23:42,960 Speaker 1: is Iran, who blames Israel and the United States for 385 00:23:43,040 --> 00:23:46,160 Speaker 1: the attack. And there was a statement from an Israeli 386 00:23:46,240 --> 00:23:51,960 Speaker 1: government official that I think inadvertently kind of gave the 387 00:23:51,960 --> 00:23:57,040 Speaker 1: the implication that Israel was directly involved. But I don't 388 00:23:57,080 --> 00:24:00,840 Speaker 1: think that was the intention of the statement. Well, one 389 00:24:00,880 --> 00:24:03,280 Speaker 1: way or the other. I'm sure it wasn't right, but 390 00:24:03,400 --> 00:24:06,359 Speaker 1: the but the government official essentially said, we would you know, 391 00:24:06,760 --> 00:24:09,120 Speaker 1: this is this is sort of that I'm paraphrasing here, 392 00:24:09,359 --> 00:24:12,560 Speaker 1: this is the world we're in, and if if we 393 00:24:12,640 --> 00:24:14,639 Speaker 1: think these tactics are going to work, we're going to 394 00:24:14,760 --> 00:24:21,040 Speaker 1: use them, which essentially sounded like an admission. But the 395 00:24:21,119 --> 00:24:26,000 Speaker 1: Israeli government very quickly said, no, no, no, we deny 396 00:24:26,080 --> 00:24:28,760 Speaker 1: that we have anything to do with this. However, we 397 00:24:28,800 --> 00:24:31,440 Speaker 1: could write a much more sophisticated program than that. 
Now 398 00:24:31,480 --> 00:24:34,720 Speaker 1: I'm I'm kidding um, but yeah, I mean he they're 399 00:24:34,720 --> 00:24:39,360 Speaker 1: saying that they they wouldn't uh, just because they did 400 00:24:39,480 --> 00:24:42,119 Speaker 1: or did not launch this. This is the kind of 401 00:24:42,119 --> 00:24:43,600 Speaker 1: thing that we're going to see more of, which is 402 00:24:43,760 --> 00:24:47,040 Speaker 1: which is what the analysts have been saying too. Um. 403 00:24:47,080 --> 00:24:52,160 Speaker 1: It was very unusual too, because the the organization known 404 00:24:52,200 --> 00:24:55,720 Speaker 1: as F-Secure, which is a h an anti known 405 00:24:55,760 --> 00:25:02,440 Speaker 1: anti virus organization in Europe, was contacted by the Iranian 406 00:25:02,680 --> 00:25:06,800 Speaker 1: Computer Emergency Response Team UH for assistance with that, but 407 00:25:06,840 --> 00:25:10,000 Speaker 1: apparently it never never went through. But they did contact them, 408 00:25:10,000 --> 00:25:13,680 Speaker 1: which is kind of unusual because usually they uh, Iran 409 00:25:13,920 --> 00:25:17,000 Speaker 1: is kind of uh tight lipped about these kinds of 410 00:25:17,000 --> 00:25:19,359 Speaker 1: things until you know, they can they can say something 411 00:25:19,359 --> 00:25:23,520 Speaker 1: about it. But they were asking for help initially. Um. 412 00:25:23,560 --> 00:25:27,760 Speaker 1: But yeah, as Jonathan was saying a minute ago, UM, 413 00:25:27,800 --> 00:25:30,880 Speaker 1: that the attacks have been very targeted, and there we're 414 00:25:30,880 --> 00:25:34,359 Speaker 1: not talking about hundreds of thousands or millions of computers 415 00:25:34,359 --> 00:25:38,400 Speaker 1: that are infected like other malware has. We're talking about 416 00:25:38,400 --> 00:25:40,680 Speaker 1: a few thousand at most now. 
There may be fewer 417 00:25:40,760 --> 00:25:44,040 Speaker 1: than a thousand in fact, across the entire world, with 418 00:25:44,240 --> 00:25:47,240 Speaker 1: the greatest concentration, like we said, being in the Middle East. 419 00:25:47,720 --> 00:25:51,680 Speaker 1: And uh yeah, so it's you know, it's very possible 420 00:25:51,720 --> 00:25:57,119 Speaker 1: that um that this is uh, this is not necessarily 421 00:25:57,119 --> 00:25:59,840 Speaker 1: one of those global things that everyone should freak out about. 422 00:26:00,080 --> 00:26:02,840 Speaker 1: What they should freak out about, rather than the nature 423 00:26:02,960 --> 00:26:06,919 Speaker 1: of the threat that Flame poses, is the nature of 424 00:26:06,960 --> 00:26:11,320 Speaker 1: the threat that the type of malware Flame is poses. So, 425 00:26:11,359 --> 00:26:13,280 Speaker 1: in other words, in other words, it's not Flame we 426 00:26:13,320 --> 00:26:15,359 Speaker 1: need to worry about. It's the fact that now we 427 00:26:15,480 --> 00:26:18,960 Speaker 1: know actually I guess it's better than we know. But 428 00:26:20,520 --> 00:26:23,080 Speaker 1: right there's a proof of concept here. There's this malware 429 00:26:23,119 --> 00:26:26,960 Speaker 1: that can exist, that can be incredibly effective at gathering information. 430 00:26:27,680 --> 00:26:31,440 Speaker 1: And who's to say that the next version of this 431 00:26:31,680 --> 00:26:34,040 Speaker 1: isn't already out there. In fact, it very well may be 432 00:26:34,080 --> 00:26:36,919 Speaker 1: out there right now. I'd be amazed if it weren't 433 00:26:36,960 --> 00:26:38,919 Speaker 1: out there right now, to tell you the truth. And 434 00:26:38,960 --> 00:26:42,440 Speaker 1: it's possible that it could be spying on more than 435 00:26:42,560 --> 00:26:50,119 Speaker 1: just government or or infrastructure type of agencies. 
And also, 436 00:26:50,320 --> 00:26:53,639 Speaker 1: even though this particular kind of malware it's all about 437 00:26:53,640 --> 00:26:58,440 Speaker 1: gathering information that would be you know, espionage type stuff, 438 00:26:58,480 --> 00:27:01,840 Speaker 1: there's nothing stopping anyone else from taking that same 439 00:27:01,920 --> 00:27:07,640 Speaker 1: model and applying it for things like stealing identities, stealing 440 00:27:07,720 --> 00:27:10,960 Speaker 1: bank account information. You know that you could you could 441 00:27:11,000 --> 00:27:15,560 Speaker 1: easily take the same approach and apply it to the 442 00:27:15,800 --> 00:27:21,040 Speaker 1: very uh stereotypical means of you know what malware tends 443 00:27:21,119 --> 00:27:25,080 Speaker 1: to do, and it could wreak a lot of havoc. 444 00:27:25,440 --> 00:27:28,440 Speaker 1: And I think, I think when it comes to gathering 445 00:27:28,440 --> 00:27:31,760 Speaker 1: information like all that information like listening into phone calls 446 00:27:31,760 --> 00:27:35,919 Speaker 1: and stuff, I think that's probably not something that the 447 00:27:36,000 --> 00:27:38,920 Speaker 1: average person needs to worry about, simply because if you're 448 00:27:39,000 --> 00:27:43,479 Speaker 1: using a typical virus attack where you're trying to hit 449 00:27:43,520 --> 00:27:47,520 Speaker 1: as wide a an audience as possible, it doesn't make 450 00:27:47,560 --> 00:27:50,119 Speaker 1: a whole lot of sense to be filtering through that 451 00:27:50,200 --> 00:27:53,320 Speaker 1: much information. 
You would have so much information hitting you 452 00:27:54,119 --> 00:27:57,120 Speaker 1: that it would be the signal to noise ratio would 453 00:27:57,119 --> 00:27:59,880 Speaker 1: be out of control, right, So you don't have Well, 454 00:28:00,400 --> 00:28:03,240 Speaker 1: I was really hoping to get something I could use 455 00:28:03,280 --> 00:28:05,520 Speaker 1: as blackmail for this guy, but I have to first 456 00:28:05,520 --> 00:28:08,320 Speaker 1: sit through this three hour conversation he had with his 457 00:28:08,400 --> 00:28:12,800 Speaker 1: grandmother about the sweater she knitted for him, And uh, 458 00:28:12,840 --> 00:28:15,760 Speaker 1: that really is not giving me the juicy details I 459 00:28:15,840 --> 00:28:18,440 Speaker 1: need in order to put the screws to this guy. 460 00:28:18,560 --> 00:28:21,720 Speaker 1: So I mean, it's a it's a very real problem. Now. Granted, 461 00:28:21,720 --> 00:28:23,600 Speaker 1: when you're talking about state sponsored you've got an entire 462 00:28:23,600 --> 00:28:26,000 Speaker 1: departments again stuff through that, not to mention access to 463 00:28:26,119 --> 00:28:29,520 Speaker 1: possible computers that can filter through data much more effectively 464 00:28:29,520 --> 00:28:32,880 Speaker 1: than people can. But when you're talking about like hackers 465 00:28:32,880 --> 00:28:35,600 Speaker 1: who are just trying to get data, you know, about 466 00:28:35,640 --> 00:28:38,880 Speaker 1: a person, it's a different story. 
Now what they could 467 00:28:38,960 --> 00:28:42,400 Speaker 1: do is if they wanted to infect a lot of 468 00:28:42,400 --> 00:28:46,640 Speaker 1: computers and just cause mischief, then you're talking about some 469 00:28:46,680 --> 00:28:49,520 Speaker 1: pretty serious issues too, Like you could talk about, you know, 470 00:28:50,160 --> 00:28:54,080 Speaker 1: having computers have failures, talking about botnets, that kind 471 00:28:54,080 --> 00:28:59,760 Speaker 1: of thing. Um, Now do we need to worry that 472 00:28:59,760 --> 00:29:03,160 Speaker 1: our computers are all infected? Well, what you need to 473 00:29:03,200 --> 00:29:06,480 Speaker 1: do is do the same thing that we recommend in 474 00:29:06,560 --> 00:29:09,680 Speaker 1: every podcast we ever talk about when it comes to malware. 475 00:29:10,240 --> 00:29:13,720 Speaker 1: Back up your hard drive and use virus protection, virus 476 00:29:13,760 --> 00:29:19,080 Speaker 1: protection software, use a firewall, anti virus protection, protect those viruses. Wait, no, 477 00:29:19,240 --> 00:29:21,680 Speaker 1: that's not what I meant protect yourself from viruses. Yes, 478 00:29:21,760 --> 00:29:25,720 Speaker 1: you want anti virus software, reliable antivirus software. You want 479 00:29:25,720 --> 00:29:27,040 Speaker 1: to keep it up to date. You want to keep 480 00:29:27,040 --> 00:29:30,640 Speaker 1: your operating system up to date, because as you patch 481 00:29:30,680 --> 00:29:33,960 Speaker 1: your operating system, it plugs up vulnerabilities that get discovered 482 00:29:34,000 --> 00:29:37,880 Speaker 1: over time. 
Because that's that's what they're doing, really, Um, 483 00:29:37,960 --> 00:29:40,600 Speaker 1: a hacker is not necessarily somebody who's evil, but it's 484 00:29:40,640 --> 00:29:45,440 Speaker 1: somebody who takes something apart to uh re-engineer it, 485 00:29:45,640 --> 00:29:47,520 Speaker 1: or or to find a different use for it, or 486 00:29:47,520 --> 00:29:49,840 Speaker 1: to find something that's wrong with it. Um And in 487 00:29:49,880 --> 00:29:53,160 Speaker 1: this case, what the computer hackers are doing is finding 488 00:29:53,760 --> 00:29:56,440 Speaker 1: flaws in an operating system, and it can be any 489 00:29:56,520 --> 00:30:00,480 Speaker 1: operating system in the case of Flame. And we should 490 00:30:00,520 --> 00:30:03,080 Speaker 1: point out these are Windows based machines that are being 491 00:30:03,120 --> 00:30:05,120 Speaker 1: attacked by Flame. We didn't talk about that in your 492 00:30:05,560 --> 00:30:08,840 Speaker 1: first of all the podcast A Windows based machines, but yes, 493 00:30:09,200 --> 00:30:14,640 Speaker 1: there are Any operating system has vulnerabilities because operating systems 494 00:30:14,640 --> 00:30:18,280 Speaker 1: are built by humans, and humans don't always think of 495 00:30:18,520 --> 00:30:22,600 Speaker 1: every contingency. It's just impossible to do. And while you 496 00:30:22,640 --> 00:30:26,760 Speaker 1: are building an operating system, or building any system, you're 497 00:30:26,800 --> 00:30:29,520 Speaker 1: looking at it from one perspective. You're thinking, how can 498 00:30:29,560 --> 00:30:32,680 Speaker 1: I make this as secure as possible? The hackers looking 499 00:30:32,680 --> 00:30:36,040 Speaker 1: at thinking how can I get into that system? 
And 500 00:30:36,080 --> 00:30:38,040 Speaker 1: they're going to start looking at ways that you could 501 00:30:38,080 --> 00:30:40,040 Speaker 1: not have thought of, because they're going to see what 502 00:30:40,120 --> 00:30:43,240 Speaker 1: you have thought of and go beyond that. It's it's 503 00:30:43,280 --> 00:30:45,560 Speaker 1: just that's the way the game works. But then as 504 00:30:45,640 --> 00:30:49,680 Speaker 1: vulnerabilities are are discovered, then you have the flip flop. 505 00:30:49,720 --> 00:30:51,920 Speaker 1: You know, you've got the reaction to it where you 506 00:30:51,960 --> 00:30:55,880 Speaker 1: plug that vulnerability. Now that might create other vulnerabilities, or 507 00:30:55,920 --> 00:30:59,440 Speaker 1: maybe that other vulnerabilities exist that you have not yet discovered. 508 00:31:00,000 --> 00:31:02,320 Speaker 1: That's why it's important for you to make sure that 509 00:31:02,440 --> 00:31:05,800 Speaker 1: you update your operating system as updates become available. Yes, 510 00:31:06,200 --> 00:31:07,920 Speaker 1: I know it can be irritating, especially if you're on 511 00:31:07,920 --> 00:31:10,920 Speaker 1: a slower connection, to have to update your operating system 512 00:31:10,960 --> 00:31:13,720 Speaker 1: every week and you're shutting down your computer and it 513 00:31:13,720 --> 00:31:18,680 Speaker 1: says installing update one of thirty three, I wanted to 514 00:31:18,760 --> 00:31:22,560 Speaker 1: go home. Um, But still it's better to do it 515 00:31:22,760 --> 00:31:25,960 Speaker 1: and to maintain as high a level of security as 516 00:31:26,000 --> 00:31:29,840 Speaker 1: you can. 
And ultimately, the most important thing I think, 517 00:31:29,920 --> 00:31:34,400 Speaker 1: besides the antivirus software and plugging the operating system, is 518 00:31:34,640 --> 00:31:39,080 Speaker 1: engage in good behavior in the sense of don't open 519 00:31:39,240 --> 00:31:43,040 Speaker 1: strange links, don't execute files that are sent to you 520 00:31:43,160 --> 00:31:45,640 Speaker 1: from people you don't know. If it's sent to you 521 00:31:45,640 --> 00:31:48,640 Speaker 1: by someone who does you do know, make sure that 522 00:31:48,720 --> 00:31:51,520 Speaker 1: you contact that person first and say, hey, I got 523 00:31:51,520 --> 00:31:53,560 Speaker 1: this email from you and had this file in it. 524 00:31:53,600 --> 00:31:55,240 Speaker 1: Is this what I think it is? Is it cool? 525 00:31:56,080 --> 00:31:58,640 Speaker 1: Because it may be that your friend's computer has been 526 00:31:58,640 --> 00:32:03,240 Speaker 1: infected and that you're getting a file that is automatically 527 00:32:03,280 --> 00:32:05,920 Speaker 1: generated because it's gone through that friend's contact list and 528 00:32:05,920 --> 00:32:09,200 Speaker 1: you have to be on it. You know, think of 529 00:32:09,280 --> 00:32:13,200 Speaker 1: the think the way hackers think, and make sure you 530 00:32:13,280 --> 00:32:17,160 Speaker 1: don't engage in those high risk behaviors that hackers target 531 00:32:17,280 --> 00:32:20,520 Speaker 1: because they're they've proven to be effective tools. 
And if 532 00:32:20,560 --> 00:32:22,600 Speaker 1: you managed to do that, if you avoid the high 533 00:32:22,680 --> 00:32:26,000 Speaker 1: risk behaviors and you keep your antivirus software up to date, 534 00:32:26,000 --> 00:32:28,360 Speaker 1: and you keep your operating system up to date, you 535 00:32:28,560 --> 00:32:32,360 Speaker 1: have done as much as you can to prevent this 536 00:32:32,480 --> 00:32:35,440 Speaker 1: sort of stuff from infecting your computer. Doesn't mean that 537 00:32:35,480 --> 00:32:40,680 Speaker 1: it's foolproof, but it it dramatically decreases those chances. Yes, 538 00:32:40,840 --> 00:32:45,880 Speaker 1: as Jonathan was was saying, there there could be uh contingencies. 539 00:32:46,240 --> 00:32:51,800 Speaker 1: Flame actually looks for anti virus software, especially the more 540 00:32:51,880 --> 00:32:56,760 Speaker 1: common manufacturers software, and it looks for things that are 541 00:32:56,760 --> 00:33:02,320 Speaker 1: going to report unusual activity online activity their applications for 542 00:33:02,600 --> 00:33:06,840 Speaker 1: I think pretty much every operating system that will say, hey, uh, 543 00:33:06,880 --> 00:33:10,000 Speaker 1: this program is sending message out? Is it supposed to 544 00:33:10,040 --> 00:33:13,760 Speaker 1: be sending a message out? UM? And I've seen malware 545 00:33:13,840 --> 00:33:17,960 Speaker 1: for for multiple operating systems be able to detect that. 546 00:33:18,280 --> 00:33:21,360 Speaker 1: So it's looking for anything that's going to report on 547 00:33:21,400 --> 00:33:25,360 Speaker 1: its activity or or try to eliminate it UM. And 548 00:33:25,400 --> 00:33:29,240 Speaker 1: of course, if it's something as sophisticated as Flame UM, 549 00:33:29,280 --> 00:33:33,440 Speaker 1: the software can be updated by the hackers to get 550 00:33:33,480 --> 00:33:39,080 Speaker 1: around virus detection software UM. 
So the vulnerabilities UM that 551 00:33:39,080 --> 00:33:42,560 Speaker 1: that initially allowed Flame to operate apparently been patched and 552 00:33:42,640 --> 00:33:45,960 Speaker 1: more some time ago. Again, if if if the people 553 00:33:46,040 --> 00:33:49,120 Speaker 1: who UM had been using those operating systems had patched 554 00:33:49,160 --> 00:33:51,920 Speaker 1: their software would have made it a lot more difficult. Now, 555 00:33:51,960 --> 00:33:55,160 Speaker 1: if if the hacker has a backdoor into that software, 556 00:33:55,560 --> 00:33:58,760 Speaker 1: then he or she can say, okay, uh, this vulnerability 557 00:33:58,800 --> 00:34:00,600 Speaker 1: has been patched, but this one is still open from 558 00:34:00,600 --> 00:34:03,920 Speaker 1: now on, use this door out into the internet instead 559 00:34:03,960 --> 00:34:06,200 Speaker 1: of the one that you were using before and stay. 560 00:34:06,600 --> 00:34:09,560 Speaker 1: And that allows them to stay one step ahead. But again, 561 00:34:09,600 --> 00:34:12,480 Speaker 1: if you if you take those steps UH to keep 562 00:34:12,480 --> 00:34:16,400 Speaker 1: your anti virus in your operating system patched as often 563 00:34:16,480 --> 00:34:19,520 Speaker 1: as you can, as as it's done regularly, then you 564 00:34:19,760 --> 00:34:22,080 Speaker 1: you stand a much better chance at at preventing something 565 00:34:22,120 --> 00:34:26,799 Speaker 1: like this from happening. Yeah, again, not foolproof, but 566 00:34:26,840 --> 00:34:29,960 Speaker 1: at least it decreases that percentage. It's fascinating to to 567 00:34:29,960 --> 00:34:33,480 Speaker 1: look at these modules because you it's it's such an 568 00:34:33,480 --> 00:34:38,399 Speaker 1: amazing architecture. UM. 
It's it's obvious that the people who 569 00:34:38,440 --> 00:34:41,840 Speaker 1: wrote the software UH intended to set up shop and 570 00:34:41,920 --> 00:34:45,480 Speaker 1: the operating systems of the people whose infect whose computers 571 00:34:45,480 --> 00:34:48,959 Speaker 1: were infected by the software by this malware, and and 572 00:34:49,400 --> 00:34:51,719 Speaker 1: UH they intended to stay there for as long as 573 00:34:51,719 --> 00:34:53,880 Speaker 1: they could and record as much information as they could 574 00:34:54,160 --> 00:34:58,759 Speaker 1: about the operating system, about anything that they can connect to. UM. 575 00:34:59,200 --> 00:35:02,200 Speaker 1: So they they were playing for real. Yeah. The only 576 00:35:02,239 --> 00:35:04,960 Speaker 1: thing I think, the only indicator that shows that they 577 00:35:05,000 --> 00:35:10,719 Speaker 1: were not completely fully baked when when it rolled out 578 00:35:10,840 --> 00:35:14,120 Speaker 1: is that it does not let you play angry Birds. 579 00:35:15,560 --> 00:35:20,160 Speaker 1: Otherwise I think it was a pretty strong modular system. 580 00:35:20,200 --> 00:35:22,239 Speaker 1: But until the system has Angry Birds on it, I 581 00:35:22,280 --> 00:35:28,600 Speaker 1: considered incomplete all right then all right, So that kind 582 00:35:28,600 --> 00:35:32,920 Speaker 1: of that kind of sums up the the knowledge we 583 00:35:32,960 --> 00:35:36,160 Speaker 1: have as the recording of this podcast about Flame. Of course, 584 00:35:36,160 --> 00:35:38,600 Speaker 1: by the time this publishes, we may have more information, 585 00:35:39,000 --> 00:35:42,879 Speaker 1: such as a stronger indicator of who might be responsible. 586 00:35:43,080 --> 00:35:45,319 Speaker 1: Although I don't know, with Stuxnet it's been out 587 00:35:45,360 --> 00:35:47,839 Speaker 1: for so long and people still don't know. 
Although yeah, 588 00:35:47,960 --> 00:35:51,959 Speaker 1: both with Stuxnet and with Flame. The the most 589 00:35:52,000 --> 00:35:56,280 Speaker 1: of the fingers are pointing towards Israel and the United States. Again, 590 00:35:56,400 --> 00:35:59,520 Speaker 1: no smoking gun, and there's lots of flame, but no 591 00:35:59,600 --> 00:36:04,719 Speaker 1: smoking gun. Well and uh, of course, as we know, um, 592 00:36:04,920 --> 00:36:08,080 Speaker 1: internet hackers have been known to find ways to point 593 00:36:08,120 --> 00:36:11,640 Speaker 1: the finger at someone else. Um. They're very good at 594 00:36:12,040 --> 00:36:15,440 Speaker 1: hiding their tracks and making somebody Well. The names of 595 00:36:15,440 --> 00:36:20,400 Speaker 1: these modules are all in uh, in English and somewhat slangy. 596 00:36:20,560 --> 00:36:23,520 Speaker 1: Some of them are are slang terms, so uh, you 597 00:36:23,560 --> 00:36:25,359 Speaker 1: know it kind of says, oh, well, somebody who's very 598 00:36:25,400 --> 00:36:29,799 Speaker 1: familiar with English probably wrote this software. Um. Yeah, so 599 00:36:29,920 --> 00:36:31,640 Speaker 1: that's why I would want to I want to get 600 00:36:31,680 --> 00:36:34,600 Speaker 1: like if I were to write some malware, I'd want 601 00:36:34,640 --> 00:36:37,600 Speaker 1: to get slang and something like Romanian. Yeah. Well, the 602 00:36:37,600 --> 00:36:41,120 Speaker 1: penguins in Australia who wrote this software very sophisticated and 603 00:36:41,120 --> 00:36:42,960 Speaker 1: and and nobody's going to point a flipper at them. 604 00:36:43,000 --> 00:36:47,040 Speaker 1: So now you're suggesting it's Linux. I see what you're saying. Yeah, 605 00:36:47,040 --> 00:36:50,759 Speaker 1: Tux and his buddies down there. So well, I think 606 00:36:50,800 --> 00:36:54,400 Speaker 1: that wraps up our discussion here now. 
Granted, what'll be 607 00:36:54,400 --> 00:36:57,400 Speaker 1: interesting to see is if we see future outbreaks of 608 00:36:57,480 --> 00:37:05,000 Speaker 1: malware that follow in Flame's smoking footsteps. Uh, because it is. 609 00:37:05,160 --> 00:37:09,760 Speaker 1: It has proven to be a pretty effective tactic. And 610 00:37:09,840 --> 00:37:12,640 Speaker 1: of course, you know, we would expect any future form 611 00:37:12,800 --> 00:37:15,960 Speaker 1: of this sort of attack to take to be different 612 00:37:16,080 --> 00:37:19,239 Speaker 1: enough so that it would not immediately trigger suspicion once 613 00:37:19,280 --> 00:37:23,440 Speaker 1: someone downloaded it. Uh, twenty megabyte file is like you said, 614 00:37:23,640 --> 00:37:27,440 Speaker 1: that's significant for malware. It's not still not significant compared 615 00:37:27,480 --> 00:37:33,800 Speaker 1: to say a good music file, but uh, yeah, you 616 00:37:33,920 --> 00:37:38,640 Speaker 1: never know. So guys, be careful out there again. Don't 617 00:37:38,680 --> 00:37:40,640 Speaker 1: need to worry about Flame unless you are a high 618 00:37:40,719 --> 00:37:46,120 Speaker 1: ranking government official or you run some sort of important 619 00:37:46,160 --> 00:37:49,839 Speaker 1: facility in the Middle East. And but you know, being 620 00:37:49,880 --> 00:37:53,520 Speaker 1: careful is always good no matter no matter what area 621 00:37:53,560 --> 00:37:56,440 Speaker 1: of life you might fall in. And let us know 622 00:37:56,520 --> 00:37:59,320 Speaker 1: what you would like us to talk about in future episodes. 
623 00:37:59,440 --> 00:38:02,440 Speaker 1: You can contact us via email our address is tech 624 00:38:02,520 --> 00:38:05,720 Speaker 1: stuff at Discovery dot com or let us know on Facebook 625 00:38:05,800 --> 00:38:08,120 Speaker 1: or Twitter our handle there is tech stuff hs W 626 00:38:08,440 --> 00:38:12,880 Speaker 1: and Chris and I will talk to you again really soon. Hey. Uh, 627 00:38:12,920 --> 00:38:17,359 Speaker 1: you know when we were recorded this podcast initially, yes, 628 00:38:17,880 --> 00:38:22,080 Speaker 1: we talked about things like who was responsible for the 629 00:38:22,280 --> 00:38:26,400 Speaker 1: Flame virus, saying that it could literally be anyone. It 630 00:38:26,520 --> 00:38:29,719 Speaker 1: could literally be anyone and one in the world. And 631 00:38:29,719 --> 00:38:32,480 Speaker 1: it was very similar to Stuxnet. No no connection 632 00:38:32,520 --> 00:38:34,840 Speaker 1: to Stuxnet at all. Yeah, but it was awfully 633 00:38:34,840 --> 00:38:37,480 Speaker 1: similar in boy, isn't that weird? Okay? Yeah. So, as 634 00:38:37,480 --> 00:38:40,520 Speaker 1: it turns out, since we recorded that podcast, almost broke 635 00:38:40,760 --> 00:38:44,960 Speaker 1: almost I'm sorry not to interrupt, almost literally right after 636 00:38:45,000 --> 00:38:47,719 Speaker 1: we recorded this, it went like a day, Yeah, exactly 637 00:38:47,760 --> 00:38:50,279 Speaker 1: like it was. By the next week, the news had 638 00:38:50,360 --> 00:38:57,279 Speaker 1: broken that that Flame, the code for Flame resembled to 639 00:38:57,360 --> 00:39:00,440 Speaker 1: the point of identity part of the code or an 640 00:39:00,480 --> 00:39:07,880 Speaker 1: early iteration of Stuxnet, which is an incredibly strong 641 00:39:08,080 --> 00:39:12,439 Speaker 1: indicator that those responsible for the creation of Flame were 642 00:39:12,520 --> 00:39:17,880 Speaker 1: also involved in creating Stuxnet. 
So that narrows down 643 00:39:17,960 --> 00:39:22,200 Speaker 1: that field dramatically. And as Chris said, when we recorded 644 00:39:22,200 --> 00:39:25,399 Speaker 1: the podcast, that information had not become public. But now 645 00:39:25,440 --> 00:39:29,920 Speaker 1: we know that Stuxnet and Flame share enough similar 646 00:39:29,960 --> 00:39:34,200 Speaker 1: code to give us the confidence in saying the same 647 00:39:34,239 --> 00:39:38,319 Speaker 1: parties were involved in the creation of both, So that 648 00:39:38,520 --> 00:39:43,120 Speaker 1: also limits who could have been behind it in other ways. 649 00:39:43,520 --> 00:39:48,600 Speaker 1: Right now, it the accusations have pretty much centered and 650 00:39:48,640 --> 00:39:52,759 Speaker 1: they have since Stuxnet became public. They've centered on 651 00:39:52,800 --> 00:39:57,120 Speaker 1: the United States and Israel. Yes, and although neither country 652 00:39:57,160 --> 00:40:02,160 Speaker 1: has officially confirmed anything, the evidence, I can't imagine that 653 00:40:02,400 --> 00:40:06,920 Speaker 1: they would. No, I can't either, but uh, the evidence 654 00:40:07,120 --> 00:40:11,200 Speaker 1: has has pointed even more strongly since then. So I mean, 655 00:40:11,320 --> 00:40:14,640 Speaker 1: I would say it's safe that neither Jonathan nor I 656 00:40:14,680 --> 00:40:18,880 Speaker 1: can confirm or deny any you know, any involvement by 657 00:40:18,920 --> 00:40:21,520 Speaker 1: any government anywhere. I can. I can deny that I 658 00:40:21,560 --> 00:40:24,799 Speaker 1: had any involvement. Yes, that's about that. But as far 659 00:40:24,920 --> 00:40:28,319 Speaker 1: as I can, the evidence is is stronger now to 660 00:40:28,480 --> 00:40:31,480 Speaker 1: suggest that based on based on the information that we've 661 00:40:31,520 --> 00:40:34,200 Speaker 1: received in the media. 
So, and there was also an 662 00:40:34,239 --> 00:40:36,799 Speaker 1: interesting discussion that popped up, and I think it's one 663 00:40:36,840 --> 00:40:39,280 Speaker 1: that we can have a kind of a quick version 664 00:40:39,320 --> 00:40:43,480 Speaker 1: of it here on our show about Stuxnet and 665 00:40:43,600 --> 00:40:48,320 Speaker 1: Flame both existed on computers for years before anyone else 666 00:40:48,440 --> 00:40:52,600 Speaker 1: outside of the operations knew anything was going on. Yeah, 667 00:40:52,680 --> 00:40:56,600 Speaker 1: and it's amazing because it seems very fresh to us, 668 00:40:56,719 --> 00:40:58,759 Speaker 1: but it has been out there for quite some time. 669 00:40:58,880 --> 00:41:02,440 Speaker 1: So right, it remained undetected for years. And in 670 00:41:02,480 --> 00:41:05,320 Speaker 1: the case of Flame, you're talking about a significant file size. 671 00:41:05,320 --> 00:41:09,520 Speaker 1: It's a small piece of code. Uh. The argument I've 672 00:41:09,520 --> 00:41:12,880 Speaker 1: seen says that the era of anti virus software is 673 00:41:12,960 --> 00:41:16,000 Speaker 1: over because if anti virus software can't protect you from 674 00:41:16,040 --> 00:41:18,960 Speaker 1: these things that they can remain hidden for years, then 675 00:41:19,040 --> 00:41:24,480 Speaker 1: it is useless. Now yeah, I think I think that's 676 00:41:24,760 --> 00:41:28,680 Speaker 1: I think that's extremist. Now, I do agree that if 677 00:41:28,920 --> 00:41:32,960 Speaker 1: code goes undetected, anti virus software is of little help 678 00:41:33,040 --> 00:41:37,320 Speaker 1: in that case for something of that variety. Now, uh, 679 00:41:37,400 --> 00:41:39,880 Speaker 1: we're when we're talking about the victims of Flame and 680 00:41:39,960 --> 00:41:43,280 Speaker 1: Stuxnet.
These are not you know, people sitting 681 00:41:43,320 --> 00:41:46,160 Speaker 1: at home, uh, you know, checking the web in their email. 682 00:41:46,680 --> 00:41:51,040 Speaker 1: The targets, yes, these are These are are targeted organizations 683 00:41:51,080 --> 00:41:55,239 Speaker 1: and governments. Um. And it is more likely that you 684 00:41:55,560 --> 00:41:59,440 Speaker 1: or I would be targeted by uh script kiddies sending 685 00:41:59,520 --> 00:42:04,240 Speaker 1: viruses by email or by phishing or even spear 686 00:42:04,280 --> 00:42:08,800 Speaker 1: phishing for that matter. So yes, I think for everyday folks, 687 00:42:08,840 --> 00:42:11,640 Speaker 1: protecting their computers is still a very very good idea 688 00:42:11,760 --> 00:42:16,360 Speaker 1: backing them up and using virus protection software. Yes, yes, 689 00:42:16,440 --> 00:42:21,280 Speaker 1: and please and remember I mean these these security firms, 690 00:42:21,280 --> 00:42:25,120 Speaker 1: as soon as they identify malware, they are at work 691 00:42:25,200 --> 00:42:28,160 Speaker 1: to try and incorporate that into the anti virus software 692 00:42:28,200 --> 00:42:31,040 Speaker 1: so that you can detect it and prevent it from 693 00:42:31,120 --> 00:42:36,120 Speaker 1: infecting your computer. Because just because something has become known 694 00:42:36,320 --> 00:42:40,080 Speaker 1: doesn't mean it's no longer dangerous. It's still dangerous. Uh. 695 00:42:40,120 --> 00:42:43,600 Speaker 1: If it's unknown, then it's extra dangerous because your software 696 00:42:43,640 --> 00:42:47,000 Speaker 1: may not be able to protect you against it. But yeah, 697 00:42:47,000 --> 00:42:50,200 Speaker 1: I agree, Chris. I don't think that anti virus software 698 00:42:50,719 --> 00:42:53,279 Speaker 1: is useless. I think it still has a place.
I 699 00:42:53,320 --> 00:42:57,280 Speaker 1: think you have to couple antivirus software with smart computing 700 00:42:57,320 --> 00:43:02,040 Speaker 1: practices and that will help protect you from malware. Yes, 701 00:43:02,280 --> 00:43:06,320 Speaker 1: all right, Well that wraps up our postscript, so uh, 702 00:43:06,480 --> 00:43:10,160 Speaker 1: please don't write us telling us that we missed out 703 00:43:10,239 --> 00:43:13,440 Speaker 1: on that fact. We did, but we we fixed it. 704 00:43:14,560 --> 00:43:17,000 Speaker 1: For more on this and thousands of other topics, visit 705 00:43:17,000 --> 00:43:23,160 Speaker 1: how stuff works dot com. Brought to you by 706 00:43:23,160 --> 00:43:26,600 Speaker 1: the reinvented two thousand twelve Camry. It's ready, are you