 do you understand the information or do you just regurgitate it that's the question that exactly do you do you take it and process it or do you just read it back from a book or do you just here's all the information back this is what the book said and these are discussions that go on before we start vlog Thursday so welcome to vlog Thursday and I think I'm gonna cut some of that in there our discussion behind the scenes behind the scenes hi everybody it's Thursday hey hi all 9800 of you oh yes 9800 that's awesome yes we're coming up on that 10,000 mark I've been rocking out some videos because we finished client projects time goes back to making videos yeah that so I was able to you know make a few more I've been trying to show more of how we do this how we process stuff I'm just always not sure what to share on the business side so you know I did one on invoicing maybe I'll do more on money because I think some people understand maybe how balance sheets and ledgers and I'm not an accountant but these are still I have the understanding I think a business owner should have maybe I should have more of an understanding but you never really know how well you know something until you explain it so that is very true yeah you have to have some in-depth knowledge and me and my co-host for the SML I were talking about it Tony because Tony is now teaching security at the college really yeah he's we're calling him professor Tony now yeah she's pretty cool and those things like he's good he works he does security over at a large hospital he works in IT of course and it's he's among a big team of people you know and you understand a lot of the functions of your job but he's had to for student purposes did get a little deeper topics what he teaches it it's just interesting he's like oh yeah you know because you got to make sure you are teaching the most accurate information that's really important if you're teaching is that you're doing it right absolutely yeah well and make sure like as you do things more and more like you develop your own little shortcuts and things like that you can't necessarily teach little shortcuts well you can in security because there's no there's not enough oversight when it comes to IT stuff because just because you can doesn't mean you should welcome to Jurassic Park nature will find a way so something we couldn't remember whether or not we talked about so maybe we're talking about it again and it could be that your new subscribers this is the first time you've heard this is a service we're providing service we're providing rewind a bit but I wanted to touch a little bit on validation of institution and the work we do so I've seen this come up and it was some Twitter discussions I had with some people that were funny and there are certain cybersecurity degrees or certifications you can get but you know defining talent and defining who should be in charge of something is really really not an easy process and I bring this up because we'll some discussion was around you know the Equifiasco as I'm referring to now that's my new term that yeah Equifiasco won't spend too much time dwelling on Equifax but we'll talk about like there's a chief security officer and she had a music degree now I I am a believer that some people because they have degrees and something does not necessarily mean they're good at it but to the same effect people can have a degree in one subject graduate top of their class and she was the Latin thing summa cum laude he says about her to me she I believe it said she was some who body in in graduate music the other thing is she was older therefore when she graduated college what cyber security degree should she have gotten and she would have graduated I'm guessing in the 80s based on I'm guessing her age oh think about that for a second too so I'm not trying to defend it all that her because clearly there was a breakdown in things that have caused the Equifax and if you are head of the ship and you're head of security and security failed you are the one in trouble but I do find that people who are really really talented at at something often find that they're talented other disciplines because the same rules even though she may decide to focus music or maybe there's so many folks on music they may use security now I think the circumstances of Equifax may punch holes in all that but I don't think just grabbing and making headline over that is the ideal way like you can't just say oh just because they don't have that because really we've seen some amazing security researchers who have very little qualifications there's a lot of hackers of course they're just done some amazing talented things you know I'm looking like the Geo hot the guy who hacked all the PS state playstations built his own self-driving car and I don't think he has any type of degree he because he started doing this in high school yeah well when you when you don't I think when you don't have a degree you don't go through that formal education thing you don't worry about the rules that surround like said yeah you know I think so like you're more free to break the rules and like you know figured out for yourself come up with something new because you're not you know you're not in that mindset of oh it must be done this way right and I think that's something and I don't know I didn't go to college so I can't speak to the other side of it and so I can't really make available an argument my own experiences and I think sometimes schools and correct me if I'm wrong in the comments all the time yeah they sometimes teach you like this is the way it's done and maybe give you too many rules and a lot of people go why is it done this way they come an approach of I don't understand why it's on this way because they lack some that formal and it gets them outside there and some of the most celebrated you know successful people who've created something are not always the people with the highest degrees you know that's something that a lot of people don't realize or maybe don't think as much about it's just they they want to gain understanding and it comes down to the bottom line is there are people who are really successful this is at least my theory is they're not seeking the validation of institution they're only focused on the acquisition and knowledge so people ask me on time should I go to college so I get a degree so I get a job no should you get educated so you have a clear understanding of what your job should be and be really good at it and then make a career out of it that is the acquisition of knowledge when some people I just need to pass this test so I get this degree so I can have a job somewhere is that the degree is a qualifier and I think employers are getting smarter and smarter about this and you know as we kind of progress through the job markets and things like that and going I it's not just about a degree it's do you have a clear understanding of subject did you acquire the knowledge or did you as we were saying regurgitated all back on piece of paper yeah with no clear understanding other than hey I got the the cliff notes of how to take the test and how to pass the test so and hopefully it's going that way because I for a long time it has the piece of paper has been the only qualifier or at least the largest qualifier and I don't know if maybe just because it was in an easy way for employers to go well you got the piece of paper you must know well and we we hold a lot of it to the standard of we go doctors and now I'll admit I do like validation of institution when I'm going to the doctor sure I don't want a guy going we're gonna do brain surgery day I read this Wikipedia article yeah are you ready I got it I got it you know what I went on YouTube I got a video I'm pretty sure that I know I can just root around inside your head yeah and there's a book I've been wanting to read called I think it's referred to as Titans and it's about the Rockefellers and that era yes yeah one of the things they did in in we're specifically top of the medical industry is they use a lot of their influence to structure and create a very strong system in the medical industry so there were standards in it and because there were not different you could all have the same title of doctor but it didn't have to carry the same weight and meaning there was a organization between the colleges and they did it with a series of grants if you follow these guidelines to produce doctors that were not doctors on paper but actually went through qualifications this is also why the the medical industry is interesting and why we don't mind that qualification the hours take about the hours it takes to be a doctor think about all the internship time it is to be a doctor it is a structure program and we almost need something more like that I don't know exactly how to apply it but where no you're not a cybersecurity professional because you got a degree because you passed an exam because you got a certification because an employer does want you to you know the your market value as a tech person really has a lot to do with your background in experience and not just the degrees and how do we get a better internship programs and things like that going to it not and there's companies doing it don't you know that you can list them below but I know there are places doing that and working with internships mentorships because that's how doctors aren't it doctors are of course referred to as a practice just like law for the same reason because they don't see it as a finality of you learned it you apply the discipline there's a constant continued learning necessary for both laws that's hence why they're called practices yeah so makes perfect sense kind of a rant on that well it's almost I mean there's a reason that the like apprenticeship way of doing things worked for centuries because it worked yes I mean you you spent seven years watching the the the guy who knew what he was doing do the thing and then you spent another 10 years or whatever practicing that to get almost as good as him yes you know like there's a reason that way and there's a tier system on the downside is because cost of living cost of school and things like that especially here in America we a lot of times just go we'll give him a free intern job the problem with free interns as much as they're nice to have from the business standpoint is they have things to pay for and life to live so you it makes it a little bit challenging but like so this is it's an interesting topic to me because I it affects us as a whole and you know securities tough and we need better security professionals so maybe there's some more things good news is the internet makes a lot of it easy so people who are ambitious and want to acquire knowledge without any validation of institution you can certainly do that absolutely that's kind of a time did I just read books I read books Wikipedia Google stuff go to hacker conferences like that's my knowledge is 22 years of actual hands-on experience in the tech industry of just doing which is I think better than regurgitating information I knew a piece of paper I just you know anytime I drop read books read books read books and then I don't read physical books anymore I read them all mine but the same concept supply and you can just acquire this for that you know I don't really have anything more than a diploma so I'm also my rebellious side I've never liked like pomp and circumstance around qualifications like I didn't even go to my own graduation I didn't go to my college graduation yeah I just kind of like yeah anyways back to other topics yeah yeah so the Equifiasco the last thing I'll say about that is someone's up a fake website I think it's called secure Equifax 2017 instead of Equifax Secure 2017 which is what they registered yeah and it's titled why did Equifax it looks like their website but it's not it's a phishing site but a hysterical one that Rick rolls you really yeah if you click any links you get Rick rolled awesome sorry for sorry if I spoiled it I'll leave a link here for it's hysterical but it's a whole breakdown of why did Equifax create a separate domain instead of just using their own domain slash you know we we want to help you it has on there things like why did Equifax register this stupid domain is like the title but it's all in the same fonts and layout so if you just glazed over it it looks the same till you read the words in it and it says this is arbitrary for me to do in Recreator something like that I mean it's really funny but what gets better and why this is funny is because Equifax started tweeting it out to people accidentally I know so they were he here it's like you're proving my point you're proving my point like even your own team who's handling your Twitter's is got it transposed and tweeted out the wrong link to several people asking questions on the Twitter's oh wow I love and hate that all at the same time it's so funny because the guy's non-malicious which is wonderful which is something he comments at least I'm not malicious I'm just rolling all right yeah oh my gosh so that is entertaining speaking of the Twitter's I've been tweeting oh yeah you know I've had a Twitter account for a long time I've never used it and I decided I'm gonna do the Twitter's I like the Twitter's yeah I do Facebook way more than Twitter but I should do Twitter more because I love one-liners and that's pretty much what it's pretty much what the tweeter is good for the tweeter is good for one-liners and I I've always just used Twitter for comedy less mine more just following lists of comedians yeah like that of people I find funny because you write it's it's 140 characters it's limited which pretty much means it's a one-liner so it's a zing yeah I think Neil deGrasse Tyson he tweets all the time and he makes he makes all of his tweets 125 characters he spends a lot of time crafting yes so that they're all 125 characters and packs so much into them yeah and there's that's one of the reasons I follow him yeah he's funny aside from that I will admit to having a man crush on him yeah he has a big brain he's got a big brain it's very attractive yeah yeah he's one of those people with the piece of paper and the smarts yes and if you haven't read his book on Pluto read it I actually read I've actually read his books I like Neil deGrasse Tyson books yeah yeah I have so I have it's audio book but I have his astrophysics for people in a hurry right now oh I've not read that one it just came out okay that's probably so it's basically like it's real astrophysics it's not like necessarily dumbed down it's just in a book that's like that thick if you get the actual book it's just he like explains it you know as as thoroughly as you can in 30 seconds so next week I'll be at Microsoft but I'm taking I'm gonna be making more videos there I was actually asked by one of the people there like hey want to make some more videos I'm like yeah we're doing podcasting there and so I'm also gonna create some other content and every people I didn't do that much video at the build conference but the build conference was also really packed into a few days first time I really understood what to talk about when I was there this is a conference I'm gonna be up for five days not just two and the podcasting schedules kind of scattered around through the day so there's a lot of things going on in between so I actually have a lot of free time to wander around and meet with Microsoft people and probably do some videos so trying to figure out how to get all the equipment down there because that's the challenge of dealing with the TSA and everything like that yeah yeah I'm always afraid when I pack stuff but anyway I am taking all the stuff and I'm gonna be going and all that fun stuff there so that's really cool that's happening next week probably next week based on our current rate of expansion I'm guessing we're gonna break that 10,000 subscribers so it seems like we're just a couple hundred away yeah we're just a couple hundred away and I need 100 I think as I checked this morning tell all your friends about us tell all your friends about us on that note is there a topic specifically like me cover would you like me to do a Q&A I thought about just setting up a like a livestream Q&A time you can schedule that and what time should I do it because you guys commented all hours and I want to do the most effective time but I don't know you know it's funny through my YouTube channel acquired some friends from Australia so friends from England because wife's like who is messaging you this morning at 5 a.m. then I'm like Chris hi Chris because it's 10 o'clock where he is we were having a discussion on on password management systems and some little details we had about something and because he does it over at England and that's like 10 a.m. for him so he knows that I'm awake that early so he messes me and I reply and you know I'll get into discussions so that's definitely something to talk about and I don't mind doing Q&As if there's some weird personal question or whatever feel free I don't mind sharing some of my personal life as well people sometimes here as I know I'm curious I thought about what to do because that's something I always find interesting and maybe you do too when I follow youtubers when they also share some of their like personal things that they do as well and that becomes interesting to me like you know what are your hobbies because I find the same correlation that a lot of people who are doing one thing that's really interesting they probably have an interesting hobby as well or something else that they they do either media creation and things like that so Tom likes motorcycles Tom likes motorcycles a lot trivia and I may do another video on my other ones I got but I've got like a video with 7,000 views just because I discussed the details of a Honda you know in things it's funny funny because it's an esoteric thing it's a classic Honda from the 80s and I went and I did a little video breakdown of it then I also like bicycles I have a really unique bicycle imported from Germany so yeah I don't know that's unique or not but I don't think there's but a handful of them in the United States but unique for people who are into that unique for people so yes I have my little I only know two modes of operation it's called passion or shrug I don't care at all or I'm deeply passionate about my bicycle or my classic 1970s Hondas that I have right now that technically classifies you as an extremist oh yeah I only do things in the extreme I either don't care at all or I'm all in now yeah that does that a passion shrug that is my two modes of operation you know I like computers so I have an entire computer business and a YouTube channel and I've been asked about it because I am passionate about technology you know which now has led me to being flown to Microsoft and everything it's because I put all the passion someone did ask me about that and that like oh how do I get paid to go somewhere I'm like putting a lot of passion creating content is a lot of work and I didn't do it with some expectation at the end I just do and then all you guys are following all the stuff that I do I don't have some targeted I'm not drawing up some business model I by this time you have 10,000 and 100,000 subscribers things like that there's not some drawn-out plan I just put a lot of passion and I think it's awesome that you guys have the same interest as me which is probably why you click subscribe so that's just yeah and the same thing we had no idea what the podcast we produced a few hundred well I produced a hundred something of those because Tony started the podcast before me there was not a road map the right time once we have this many Microsoft literally someone that worked at Microsoft listen to our podcast and go you know what we we think you guys and do some good interviews so we did some test interviews they go we loved all the questions you ask because you're different than the other people so let me line up all these trips for you to come fly you out the headquarters all you and your podcast team so it's not like there was some clear focused goal towards it it's more like we just produced and put passion into the content and it happened but it may not happen there's not any way there's I won't lie I would never mention luck to a self-made man no I I understand that because you'll find people I had a goal of doing this BS you didn't you got lucky well there's a you have to be prepared for the luck there is that but how much actually is it luck and how much is it just I mean putting it out there I mean you got you got noticed by Microsoft because you put the content out there we said before like you you know you did your podcast for years before it actually right so there were there's a lot of podcast a similar podcast out there that nobody ever heard there's like people heard it but you're still doing it right so you can say it's luck because maybe you had that turning point yeah but really it was you had done it enough and put out enough that it finally got to somebody that's you know a lot of people people recognize like okay now we're famous or whatever you know it's famous and like but you don't see the 20 years they spent right like you know I think Amy Polar has her book yes please and she talks about that is like people are like oh you're like this overnight sensation you know once you got a Saturday in life she's like yeah but I was at Second City for like 10 years before that and I you know I was you know doing this before you was CK he was around a long time before he became the hero he wrote pootie stank yeah or is that the movie I don't remember but like he's been around a while like that was from like the you know early 90s like yeah he was around a long time to be a big name himself and that's why it's bringing up comedians which is something I know a little bit about this guy knows comedy like when when somebody like the first time a comedian's like first big album like when they put out their first album or their first special whatever like that's like always great right because they spent 20 years building that material now six months later they're Pete the people that now own them are saying you need to put on another one well now you had six months to put it together and that's why so often that next album is terrible I don't want to name any names Dane Cook yeah some people are some people are one trick pony but I mean that's it like you spend all that time building that one thing and that's it that's what yeah but that is what gets you notice so you need to you still have to capitalize that on that and continue to do what it was that you did to build up to that original one keep that passion keep putting out the thing you know and keep getting noticed that's what happens that's how it works yeah it's a it can seem like luck but I the more and more I look at these things the more and more I see really is the work you put into it it's where you put into it and it's being prepared when the opportunity comes so if an opportunity comes like if you would have a Microsoft would have called us and we weren't ready for it we would have well we really could say yes and failed on our face or we could have said just no but the fact is years of podcasting doing other interviews things like that leads you up to being able to talk to you know in a level executive C low C level I say a little bit a level celebrity but C level executive there you go no weird all right weird yeah because you want to talk to a list of celebrities and C level executives anyways I see yes a a Canadian friends hi last thing I want to talk about is C cleaner someone has me do a whole video on it I don't know if there's enough interest because like it's been covered really well and what happened was C cleaner got compromised now what's really interesting is the compromise and I've seen some other details maybe we'll do a follow-up video when all the details that I think will come out are out but what happened was it's referred to as a supply chain attack and what that means is the programmer involved the people who write the code were in the machine that compiles it were compromised that's what caused distribution so a lot of the other hacks have occurred there's been times when they've hacked a website and replaced the file with a bad version of it all right that's one type of hack but it appears that this one was done and what they the programmer's system itself was compromised and that's a serious problem because if they didn't know they're compromised or did they and they were in on it that's the details we don't know were they in on the hack and embedding the software the guy reading the code person reading the code or was it the programmers I say person or was it a compromise machine that was adding and injecting into it those details are really important how did they get in there what was the attack factor for it and this becomes very scary the millions of people download C cleaner it's a C cleaner short for crack cleaner it's a really really popular for utility was recently purchased by a vast I believe they purchased the whole company that makes that software and so it's really in-depth because supply chain attacks are harder to do and very very dangerous to the public that uses software because you're talking about you know having a mole inside the company pumping out software that's very popular to use and what's their what's their motivations for that it also comes down to a physical security of what if they compromise the person writing the code as in threaten them personally or anything like that because you're talking about a lot of money that can be made from some of these breaches so you have to think about all the points of you know how secure is their system how are they locking things down and is their leverage someone could gain over them personally that would encourage them to write code in there and what's your countermeasures for that so I kind of if I do a video about it I want to talk about like the in-depth thoughts on it as a whole not just that yep it's compromised and if you download between these dates that I'll leave the link to that article below if you downloaded it basically in the last month there could be a problem good news is it was looking for a command and control domain and Talos security their security research company they purchased all the domains that it looked for so they can lock them down so it was never able to deliver its payload it was obviously being staged something because they left in there a long time and that's a high-risk thing for the hackers because they could have activated the command to control whenever they wanted they chose to wait they were waiting for a pretty big install base so if they would have activated it at a high level because there was several million downloads that's a big hit yeah and obviously they waited too long which is good because then the command and control centers get shut down and that payload never gets deployed so but the breakdown of that I think would be interesting so I might do a video on it but I want to make sure I have all the facts straight and a lot of details to share and some thoughts to apply to that because you know security is constantly on our minds and this is about this is a deep topic so down the rabbit hole as they say wow so if you want me to do more videos about money and business any of a specific question like I said I may do just a finance one so I did something about invoicing but I may do because I got to do a few days next week I do our P&L again I do a P&L every end of run the profit and loss sheets and shuffle the money sum up the money figure out how much we made or how much we lost sometimes we lose a lot that happens we'll be alright this week or this month this month we made money last month we lost money this year we've lost money yeah we're gonna see if we're coming close to a break even well it's got a couple more months got a couple more months and that's one of those things my company has done more in dollars than ever before but we had more expenses therefore we operated at a loss and loss is the cash balance since the beginning of the year is less than it was last year therefore it's at a loss even though more money came in and he cashed a check still I got one more I'll cash one I'm only one check behind I just make sure my plays are paid first what's just you know we appreciate they seem to appreciate it you know keeps coming back keeps them coming back for more alright thanks for watching vlog Thursday we probably ramble down for quite a while that's alright alright like and subscribe like and subscribe tell your friends let me know if you want me to do that live Q&A thing or if there's something you want me to do on there but I'll I'll get that going thanks bye