 I'm not sure how much and let us know let us know we need to know if the lake So welcome to vlog Thursday, and as I think I checked there's over 5,300 of you So this you know we're excited about 5,000 now we're at 50 years There's more of you so 300 in a week 300 a week. We're excited about that. That's awesome Yeah, tell all your friends if someone says a box now honestly I just got the box and they put it on my desk and I was out of the office most yesterday so we open a box and it's from eating and Yeah, I don't know a lot about the company it says switch on that eatin.com I'll read it down there, and we got a frog in a duck and a note that says hi We want to star in your next video. This is our next video seen as I just opened the box And they just got the box and she says this is the next video so the next one Devil duck and Zen frog. Yes devil. Does it say duck to devil duck to and then I don't know It's double duck and Zen frog. I Think it's devil duck and then and then and Zen frog and I think that's supposed to be like a plus Oh, got it devil duck and Zen frog anyways. Thank you very much eatin, and I like to sticky notes Because we use sticky notes. We put them on things be sure so thank you very much And they are now featured in our next video. I'll read more about the company I'm not in specifically endorsing because I've never used their products, but hey This is a good marketing. I guess so they sent us a duck and a frog and I'm now playing with the frog He's squeezing a duck. I can't stop Marvin squeeze a duck. I will squeeze a duck. I will squeeze a duck all day long Yes It's left to my own devices And we're laughing because we have prop props today And these are I think they're called props. I'm not much of a plain person, but they're actually off a drone Anyway, so I think they sell the same terminology. I think so, but you'll may notice that this is slightly uneven That's because We'll start with we got a new sign Yay insert sign here. 
Yeah, we'll put a little sign here. Yeah, and So time hasn't fallen its drone in a while and it was windy But I wanted to fly the drone and first I was super angry because that I updated the software and then I had to Re-register my drone so I had to get on the internet and re-register my drone I can't do the internet to do it while the sign people here And I thought I'd just fly the sign, you know fly around the sign of the drone Then it was windy and then through all this time crashed and that's what that's what we're really getting at here The good news is the only casualty is these propellers I have not thrown away our prop props here and the reason why is I had an idea Seen as they're broke this far we're gonna measure it and break it off on the other side I want to know what happens when I have a I know it happens when there's an uneven one on there It goes away, but When it's not uneven we'll see if it flies with the one on there That's just a curiosity of how durable the propellers are and will the drone still fly Why not because you've crashed the drone once when I tried again. We're gonna do this one over the grass and not whacking into the building Something about plastic and brick now This is only the second time since I got my drone like six seven months ago that I've crashed it in a epic manner The first time though, I ended up stepping in poop. So this is what better to you were there I was like what I was like wait a minute. I was maybe I'm bad luck for the drone I was it both massive crashes Perfect around it's me. I apologize. Yeah, that was pretty good, but I didn't step in poop this time Yeah, much better Yeah, that's true When caught it blew it right into the bushes. Yeah when and same this time we'd blew it into the building But there was no proof to step. Thank goodness. Well, it's because we move. 
Yeah The whole place it was a possibility It's a possibility So any place not other exciting things going on here is we got furniture not furniture appliances there It's like we did. Yeah, he's like he was curious about this dude. I'm sweet But it's coming next but we did get some appliances. We got a fridge. We got a a big fridge We had a mini fridge with a mini fridge now we have a big fridge for to fill with stuff to fill with things Actually, I got a box of meat. I got to bring in from my car, too. That's gonna go in the fridge Looks have been in your car. It's still edible So that was so we got a microwave so we that project is complete now Fixing things like the fridge came here Because it was broken and I figured we could fix it so I took it apart and it's fixed so I'm excited So I don't we're hitting it on the side. Well, it worked for a while So this is the fridge from my house and we had to we called it the Mike Tyson fridge So about once a day to punch it out You had a good hit and it would it would start right back up and work now You didn't know when you have to hit it So I just continuously punched it every morning. Well, so it wouldn't thought it would depend if it was bald bull You had to hit it on the like second. Yeah, if it was what was the guy that like did the spin punches? Super whatever. Yeah. Yeah. 
Yeah, so it's the Tyson friends or punch out Tyson fridge Yeah, it's funny like when I went on vacation because the fridge was at my house and it was my actual fridge that was I went on vacation and We had to have Steve all we're gone for a week Oh at my house and punched my fridge and he took video of him like you know line it up and punch in the fridge Once and he leave and that was his so actually so the fridge is right over there And as I'm looking at it you can actually see all the places where it was punched it may have been punched quite a few times So that was so Tom put a new fridge in his house and donated his old one to the store because we store He spent a lot of money on everything else. So we now have a fridge at the store Are we are we to believe that the store didn't buy that fridge to begin with? In some way Somehow how that works. Yeah, hopefully no one fire so this thing Look eventually I paint and it's that's it's all good Back to other fun things going at large technologies Camera systems been going in and lots of bids going out and we realized we had to meet Marvin at a conversation Because I'm such a distraction It's like when I'm gone for a while things get done and I'm hearing things get disrupted again So we're we're realizing that perhaps my lack of focus in my jumping around could be detrimental to the business So yeah, so we stopped and created a little structure for people that need a little structure Because it's well, it's it's like Tom you told me to sell this and then you came in and did this and then you distract To be over here, and then you said hey write a blog post and you said hey I got this idea and we stopped all work again. I'm like, oh, yeah, I probably did that so Yeah We we've got some focus Understanding and accepting it is the first step on the road to recovery. I am self-aware It's good that he has accepted these things about himself now something interesting, too We picked up a German client. 
Well, they operate, they have their base operations in Germany. They operate here and we're doing some IT work for them. They were a really neat company. We met them through one of our other companies, and what was really interesting was talking to them. They don't have outsourced email, and that was the first thing, I'm like, oh really? So we're helping them set up the systems here. I'm working with their counterparts in Germany, and everything, all their servers are in-house, and they were very open about, oh, yeah, it's like, your government tapped our chancellor, and you know, they were talking about, like, they're very like, oh, yeah, we don't trust any American company to host email. So we have all of our servers internal, we don't believe in any cloud owned by an American company. We're just like, they said, and even cloud companies that we think probably have spies. So we just do everything in-house. I'm like, that's interesting, cool. That's probably a good idea. I suppose, yeah, so I was like, okay. That's interesting. Yeah, so we set everything up. They, you know, really good, well-done networking. So they had clear, separated networks, everything else VPNs back to Germany to hide everything, gave nothing passes. Even their VoIP was then wrapped in a VPN before it was sent back to Germany, even though it's an encrypted protocol. So they're really strict on privacy. Like, they operate here because they know there's money to be made, but they're not willing to not have anything in VPNs, like everything's a VPN. Sure, we have Comcast for internet, and then we tunnel this and tunnel that. We worked with them. They were actually great people, and we're excited to have them as a new client. So yeah, if you're just joining us and you're wondering how the heck a VPN works, we have a video about that, wait, and involves us storing a pins at each other few tubes. So check it out. Check it out, the VPN explained with pens. That's right. 
That's the video So there's that Also, I was at a Goldman Sachs event yesterday So I'm part of the Goldman Sachs small business program that was exciting to go to their alumni events and then I was asked to speak at a Another event so that became more me hanging out with some of the Goldman Sachs people that are in this program It's called the 10,000 small business program. Yes, I did a whole YouTube video explaining what it is but more Information of course and this is a nationwide. Oh, she global program But specifically I'm talking about the one in the US here You can learn more about it by googling Goldman Sachs 10,000 small business program before you say Isn't that the company that screwed up the economy? Yeah, that is the same Goldman Sachs This is something you're doing to help fix things It was actually a really good program So I have nothing bad to say about the program at all. It was actually a really interesting experience to learn more about it There I did a whole video where I kind of get a debrief on what the program is but go there learn about it No need to be angry about who Goldman Sachs is at all the in regards to this You know, they're a company trying to do some of the right things Sure companies make mistakes and in the name of money and whatever. So that this is not a discussion now back to other fun news though So I've been trying to figure out how to do so for my podcast at some alarm. We have a whole new section well right now So one of the co-hosts went to Iceland another one went to Japan and another one is where's Tony's in Italy So, you know there we have some bank shows are releasing from our Microsoft Which means I don't get to read my new stuff and I'm always excited about the news things that are happening So I have all those news. I've been building up. 
So I'm trying to figure out what to do with it. I think maybe I'm just gonna put, throw more news things. I did kind of one in there about how dots help catch an NSA leaker, which my wife was fascinated by. Oh, that she, and how people know that there's printer. Yes, she watched it. She actually watched it last night, and I was like, I was just like, okay, listen, this stuff is interesting to me and my ilk. I was like, but are you actually interested in this? And she was like, actually, yeah, it's pretty, it is interesting. I was like, all right, cool. But yeah, so it's an interesting video even if you're not into the idea. It's the technical stuff. I don't get into the political aspect of it. There's always, there's all kinds of ramifications there, and all the details of the case aren't known. So I never like to base my opinion on some hyperbole I heard on the news, because the same news people that both have their own opinions on either side also were saying that she was caught by the folds they noticed in the paper. Two news agencies said that. That's part of what set Tom off, going, no, it wasn't folds in the paper. It was not. It was tiny little yellow dots to give the serial number. That's how they know. They didn't go, oh, it's folded this way, we know a person there who pulled. They tried to explain that away in the news. I'm like, you're the news. Are you insinuating, Tom, that the news will get things wrong? They may even say it was a fax when it was not a fax. And I'm gonna do another video about that, because I think enough time has passed for an investigation, I can talk about it. Which leads me to something else Tom wants to talk about. So I love the details behind the news, and there's a few places that kind of give some of that. But I like specifically the technical details of how something happened, how a hack occurred. I'm really looking for some resources. 
If not, I may start an entire blog called How They Got Hacked. And what I want to do is, I'm, I've, you know, people I talked to on Reddit and things like that. Basically, they're IT sysadmin stories, debriefs of how a hack or a systems failure occurred. Now, a lot of that, Reddit does a good job of this. It's posted in a more anonymous fashion, because it's not that we're trying to point out the company at all. The goal is to educate other IT people as to what went wrong with a series of systems or a company, and a process of procedures that went wrong, that could have prevented the incident from happening. So it's an educational thing, a debrief on how the hack occurred and what steps could have been taken to mitigate it. And you know, sometimes we brush it over here broadly and say, oh, it's just security, they should have just had a better this or a better that. But some of the hacks, especially, there was one of them on Reddit about a month or two ago, where a sysadmin detailed how they got hacked, and the hacker ransomwared them, and they thought their systems were protected. They weren't, and so they had to pay some of the ransom. But in agreement the hacker also would disclose, if they paid the ransom, these are backing for the communications, which I thought was fascinating, of how he got in the systems. Okay, and it turned out they had a really, as they kept calling it, a complicated and only-one-guy-understood-it firewall rule set. Which led to it not being audited very well. Which led to a port being open that they didn't know was open, because they weren't doing external vulnerability scans. Which led to, someone had set a backup password, with the username backup and a weak password. So their admin passwords, admin was disabled, but other users had admin privilege, but they all had really high-entropy passwords, really complicated passwords, for those outside of security. But really complicated passwords, and so they couldn't figure out what exactly happened. And the guy even let them 
know the list of tools. So he gains access to backup, which, backup has admin privileges, weak password. And they'd set it because some backup programs need to run as backup. So you sometimes will just set a weaker password because you're thinking, oh, no user's really logging in as this, so the password's not being seen. You know, slip of the mind, and you're also thinking there's no external access. So there was, accidentally, through a firewall rule that got changed. So anyways, it's interesting if the hacker would actually tell him, this is how I did it, because like, now I can't, now we can't do that again. Oh, well, they locked down the systems and everything afterwards. They were in full audit mode after they got hit. Still, but the concepts there, and I want to start publicizing more of them, you know, even when we've done debriefs on clients, and before I can just do it myself, because there would be some leakage if I only was the one doing it, I want stories submitted from other people and do breakdowns, and so that way it's all mixed. I mean, I have my own stories near to, and I mix them all together. Everything's anonymized, because the purpose has nothing to do, like you said, without even the company. It's all about how they got hacked and the details of how it occurred. So someone can look at it from a security standpoint, going, man, I'm gonna double-check my systems to make sure I'm not doing those same things. So yeah, probably a good idea. So it's an educational idea I have, so I can share with other people, and educational purposes only. Educational purposes only. But you got a serious stuff. So next thing down, and back to my news topics, is, so, Booz, Booz Allen Hamilton. They are such a famous company. There was a great headline. 
They're a military contractor, and they were cited as probably being one of the most profitable military contractors out there, but you may know them as the people who employed Snowden. And now, more famously again, and this goes back to my news and government insecurities, apparently they dumped an entirety of credentials onto a public server on Amazon. Yeah. Now this brings me back to my roots of exploring things and systems, and I did this for years. So you can find, back in the early days of the internet, there used to be what were referred to as open FTP servers, people who accidentally dump things and directories. And we would just randomly search for them and their public repositories and go, look, we found a thing and there's no password on it, and we could just see whatever. Those things aren't usually just BS or random, as occasionally companies would just accidentally dump their files there, because they would turn on FTP for a vendor and open up their entire directory to it. So these are things I did back in the 90s and early 2000s, and they were always stuff that was funny to do, for educational purposes only. For educational purposes only. And a similar thing happens now, and now we have, you know, the Amazon cloud. Now, Amazon actually supports government services. They have a dot gov cloud system, essentially, so it's a government secure cloud system. Somehow, some way, and Amazon isn't talking about it, I'm sure, but everyone else in the security community is, they dumped all the credential files to a public Amazon. And what happens is, they're called Amazon buckets, and they're storage buckets on the Amazon S3 servers. And what they do is, you can randomly generate, like, characters and things like that and look for things inside there. Now, you should be properly configuring your Amazon services to be secure and locked down. But sometimes people don't check the little box and they make things public. Now, there's reasons for making things public, because sometimes you use the back end of 
Amazon to host a website. So everything needs to be accessible, and that's how you keep your website fast, like, oh, I have all these big files that need to be downloaded, so here's my website and then it back-links to, you know, Amazon, or however you're setting it up. So there's a reason for doing it. But the credentials of all top secret officials, probably not something that should have ever even been considered being on that, because the government servers are locked down by default with special permissions, where Amazon has it that way, it's harder to screw up. Well, they put it on the standard one that me or you could just sign up for, where it's really easy to screw up. And you know, companies screw up and accidentally release things. But those companies aren't government contractors that just got handed eighty-six million dollars to secure things and then dumped them. Now, this was found by a security researcher and reported, but here's where it gets interesting. The question arises: a security researcher found it, reported it, it's taken down. That's a great, honorable thing to do. What if it was found before then? And if it's found before then, then you now have a problem of, these guys dumped and copied it, the people who found it before the security researcher. And then that leads to the exploits of them logging into government systems, because this was the full credential stacks that were needed to log in, as I understand of the data. Yeah, so this was really, really bad, like hugely bad. It's just big leak bad, big. Yes, it's heard. That's a good word. So yeah, this is really crazy. It's the best. It's the best breach ever. It's the best. Terrific. 
Yeah, believe me. And I speculated and made my jokes about it, and you know, one of the questions really comes down to, you know, is the government just tired of, you know, the Shadow Brokers and places like that selling their government data? We're just gonna give it away to the general public. We're gonna show those hackers, we're gonna put them out of business. Because frequently what happens is, and the Shadow Brokers is one of the famous ones, that led to the WannaCry virus, because they had the tool kit from the NSA that was leaked and was called EternalBlue. That was part of an exploit kit. So the whole series of events and threat stacking that occurred, but they were selling the knowledge of the government documents. This is what happens. They get a cache of them and then they'll try to sell them on the dark web, black markets, to other places. So if the government just gives them all away, you can't sell them. I'm giving away all of our secure login top-secret confidential stuff. Yeah, the ridiculousness of security right now. It's perfect. It's the best way to deal with it. I have a security friend in the forum comment, wow, I can't even find a job, and this kind of stupid he's going to government level. I'm like, honestly, you should, like, go apply at Booz Hamilton. I have a feeling they could be hiring right now. I have a feeling there would be some job postings right in the security department, right? And you've seen the bar. You know what the bar is. Yeah, you know, the bar is, did you not do that? Yeah, try not to dump top-secret information on the public service. I not if you could that would be awesome. If you could, that'd be great. That would be a breaker. Don't do that. Yeah. Try not to do it. 
Yeah, and on to related news to that, another story from Reddit that was really good, and boy, this was just, it was one of those just facepalm, just like the other one, but it was for a company. Now, we don't know the company's name and it's not relevant either. But so they hire a new guy, and they hand the new guy keys to the kingdom. Hmm. And he's a data, he was doing some type of development work. So programming, and they gave him access to the database. Now, what you're supposed to do, you create a separate development environment. So here's our main database that runs this major corporation, that has all the important data in there. We hope it's all backed up. We'll get to that part. Then there's a work instruction on how to create a local copy yourself of data, so you can start learning the tools that they use. So you have your development environment and you go, hey, does this stuff work? Then we copy it over to the production environment. That's generally, roughly and briefly, how development occurs. So you don't just push things out. You know, they have a, how does this program work? How would the program work if I change the code over here? It works good. It doesn't crash the entire system. It doesn't wipe the entire system. So we put it over here. Well, remember that last, yeah, we're the last part. 
So while reading the work instructions, if I understood this, the work instructions actually gave you the details on the main database, and it says, like, you know, insert your own database name here to create it. But instead of doing that, the person just kind of goes, I read the work instruction, first day at work, you know, you're excited, you're nervous, do to do to do, and types all the commands. Instead of putting his own database, he uses the name of the production database, which is actually the name in the work instruction. Well, then he issues basically the dump command and erases the entire database, and everyone freaks out, and he fesses up to it, but they've now threatened legal action. They fired him immediately, so this is your first day, last day. And he's like, well, I'm sorry, anything I can do to help? They said no, we're gonna get the legal department involved. And you know, young guy just out of, essentially, programming school or whatever, and so really nervous about this, and he posts the debrief of this on Reddit. And everyone's, like, kind of encouraging, and he was really happy about it. It kind of blew up, of, you know, dude, I'll represent you. Like, yeah, they should have not given a junior sysadmin without a lot of experience, like their first real job, entire access to the kingdom, and then not had any backups of anything. So they are inept. Now, this goes a bit deeper, and we were actually talking with a guy from the IT&D event. He works in the compliance industry. So industries that have certain government compliances literally have rules that say you can't just hand over access to the new guy. 
There's vetting processes There's process procedures and things like that So whatever this company is could have bigger problems themselves legally because I've seen her customers We had a service interruption that use the system and so it's all downhill from there I'm sure that company has like a you have like you don't get vacation days for six months So you can't be trusted with vacation days for six months But here's everything you need to wipe the database on your first day on your first day Oh, and we don't have any backups of the database either. So I would be careful. Why would we need a backup? So And the final fun thing that we're doing over here I will and then we'll wrap this up is we have a Some bills we're gonna be doing that I'm gonna actually be doing on video and I'm reaching out to some other youtubers So we're gonna partner with them and doing some cross-promoting videos So that's exciting stuff coming up and then the the bills will get documented some You know because we're kind of back into swinging things here The building's built out and so if someone knows I someone commented was happy that we're posting more videos We're trying to get a more regular content schedule Besides vlog Thursday was the only thing we were able to keep somewhat regular But Yeah, cuz for Thursdays we take our metamucil that keeps us regular. He keeps us regular Oh, I was just waiting for like Marvin's like I said Marvin's like I got to be right there. I got it. I got it. I got this here. Hold my beer There's a comedic insert right here. Oh nailed it. I'm done. Thank you. Good night. Thank you. Good night So, yeah, one of them is gonna be and we gotta prove a big job approval on a free NAS build And that's gonna be a fun one because I think it's a 27 terabytes we're building server 27 terabyte. Yeah, lots of terabytes. 
Wow, we're working out the details It's in the quote and they signed it Steve worked out the details and Steve's gonna do some videos too About technical things that go on here and he likes talking about it So we're gonna get into those details plus as always We didn't you know print them up ahead of time But a big thank you to everyone who commented because we're fascinated by all the people that are not just in the US But that took the time to learn English and watch us and live in other countries I'm like because I don't we assume they learned English simply to watch our videos. Yeah And to comment to us, but we had we had the Netherlands New Zealand Australia Texas wait that they haven't they haven't succeeded yet. They're still American It's a different world down there. It's a little bigger That's a word you could use. Yeah, so there's that we love Texas. Yeah for the but we're a lot of people from Europe That's just awesome. We're excited to International audience, you know, it's like that just if any of our European friends would like to send us swag Please feel free. Maybe there's a duck with an accent that squeaks with an accent Candy bars. Oh candy bars would be good. Yeah, we love food. We love spicy foods. So there's There's all kinds of fun stuff. So yeah We're also gonna do some of the spicy videos because we've been eating this stuff called flashbang. Look it up. It's Like people do it as a challenge we do it as you know Wednesday Yeah, like right. 
Let's put this on a hot dog and see what occurs Now hold on put it on it was already a red hot hot dog Okay, and this is the stuff I think we talked about a couple of weeks ago where like I had like a single drop on my finger and My eyes almost burned out of my head and my finger still had like the burn on it for two days Steve took a red hot hot dog Lathered it with this stuff And then I loved watching him because he would take a bite ow Ow And then he'd set it down and like paced around the office for a few and go And we're all like you could just not eat it. He's like no He did the next day and some chicken it was oh, that's right Yeah, he did the chicken the next day this there's just no way he has a stomach lining left exactly not not no So thanks for watching if you like to count here like and subscribe Once again, we love the comments suggestions for videos and ideas that and fun things like that. So appreciate it See you next week see you next week What happens if we turn our microwave on oh with your camera inside yeah Whoops