welcome to the cyber rants podcast where we're all about sharing the forbidden secrets and slightly embellished truths
about corporate cyber security programs we're ranting we're raving and we're
telling you the stuff that nobody talks about on their fancy website and trade show giveaways all to protect you from
cyber criminals and now here's your hosts mike rotondo zach fuller and lauro
chavez hello and welcome to the cyber rants podcast this is your co-host zach fuller
joined by mike rotondo and laurel chavez and uh today we are going to be talking
about a few things that have happened in the news and just see where the conversation goes too there's always something interesting coming out when we
don't pre-plan a topic but uh just talk about some of the stuff that's going on out there so with that said
mike why don't you just tee us up get us going tell us if there's any good news but probably
not maybe it's just news i never have good news so i'm still suffering over
the the vodka shortage that uh the vodka hack in ukraine so bear with me it's been a couple weeks so
here we go goodwill ransomware's arrived was either creepy weird spin on robin hood a ransomware gang is encrypting
data and then forcing each victim to perform three good deeds before they can download a decryption tool the so-called
goodwill ransomware group first identified by cloud sex threat intel team doesn't appear to be motivated by
money instead it is claimed that they require victims to do things such as donate blankets to homeless people take needy kids out for
pizza and then document these activities on social media info videos or videos the victims must also write an article
on social media about how you transform yourself into a kind human being by becoming a victim of ransomware called
goodwill the operators are allegedly interested in promoting social justice rather than conventional financial i
kind of like that i mean i don't know how i feel about that it's uh yeah no it's not like it's not like they can
just target bad people right i mean they're just they're just going off they're just looking for exposure
right probably hitting anybody with it so i mean you could you know you could hit mother teresa with this
right yeah i mean the whole thing is they're randomly judging you is not a good person and
deciding that you're going to have to transform yourself i know there's a lot of a lot of
different opinions out there but i i do believe that overall people are good so
it's kind of a kind of a crappy thing to do but um anyway that maybe now corporations
not necessarily are good some are yeah but people sure and uh well we'll not
talk about government well corporation's just an entity really it's just a legal structure
so is it good or is it bad i don't know maybe it is the people within the corporations but anyway you either
believe they're there to crush the proletariat or to promote the common good that's one of the two philosophical cyber cyber security
fridays yeah exactly bust out a cup of coffee or a nice cup of tea
and relax and listen to those ultrasounds of news from cyber sector um i don't even remember this
ransomware attacks need less than four days to encrypt systems this is actually a little scary the duration of ransomware attacks in 2021 averaged 92.5
hours measured from initial network access to payload deployment in 2022 ransomware actors spent an average of
230 hours to complete their tax and 1637.6 hours in 2019.
this data was collected by researchers at ibm's x-force from instance analyzed in 2021 they also noticed a closer
collaboration between initial access brokers and ransomware operators uh previously network access brokers might
wait for a couple days or even weeks before they found a buyer for their network access in addition some ransomware gains now have direct control
over their initial infection factor which they had previously the performance of the threat detects and response systems in 2021 improved since
2019 but this was not sufficient according to the researchers the most impressive development in this area is endpoint detection solutions in 2019
excuse me eight percent of targeted organizations had such capability while in 2021 this percentage grew to 36
my concern is why is it still only 36 in terms of alerts generated by security tools data shows that 42 percent of
attacked organizations were warned of a timely manner in 2019 last year alerts were delivered in 64 of
the network intrusion cases promptly um two things that's popped out of mine pop
into my head is uh is someone at ibm a big fan of deadpool for the x-force comment
yeah well i'd hope so it's it's pretty pretty spectacular drop in numbers um but anyway moving on chrome loader
browser hijack provides gateway to bigger threats this is an interesting thing chrome loader may seem on the surface like a run-of-the-mill browser
hijacker that merely redirects victim victims to advertisement websites however chrome loader is a pervasive and
persistent browser hijacker that eventually manifests a browser extension modifying victim's chrome settings and
redirecting user traffic to advertisement websites on windows machines victims become infected with the malware through iso files that pose
as a cracked video game or pirated films or tv programs chrome loader uses a power shell his use
of powershell could pose a greater risk by leading to further and advanced malicious activity such as the
propagation of ransomware or spyware or theft of browser session data researchers are warning of the potential
chrome loader which has seen a resurgence in activity recently to pose a more sophisticated threat than typical male 1
malvertisers do according to two separate blog posts by malwarebytes and red canary 3.6 million that's million
with an m my sequel servers found exposed online uh shadow server researchers scanning
the internet for exposed my sql server said they received more than 2.3 million ipv4 and 1.3 million ipv6 addresses in
response to their connection requests on port 3306. indicating the connected servers were
wide open to attack of the more than 3.6 million exposed my sql servers most were located in the u.s
with more than 740 000 followed by china with more than 296 000 in poland for
some reason with two hundred seven thousand and lastly sidewinder hackers plant fake android vpn app in google
play store uh phishing campaigns attribute to an advanced threat actor called sidewinder involved a fake vpn
app for android devices published on google play store along with a custom tool that filters victims for better
targeting sidewinder relies on a fairly large infrastructure with that which includes more than 92 ip addresses
mainly for phishing attacks hosting hundreds of domains sub domains uses command control servers sidewinder is an
atp apt group that's been active since at least 2012 with a relatively high level of sophistication
um there's a couple other things in here that you need to be aware of microsoft office apps are vulnerable to idn
homograph tax microsoft did share the mitigation for office zero day exploitation exploitation
exploited in attacks so there's a there's a couple of things out there and channel link ta-413 group actively
exploits microsoft folena zero day flaw so there's a couple microsoft issues
going on as well with that boys where do we go i think it's my turn to talk about exploits but i don't remember that's
right it's been three weeks since that's right i was supposed to have some exploits to talk about today luckily i do um just to
kind of follow up on your felina vulnerability from microsoft i think i think this is important to be for for a
couple reasons um one is that you know there's there's
other than microsoft's patch that you know there's really kind of an unknown amount of time that that this has been
going on this was kind of accidentally stumbled upon by researchers and when you there's a lot of articles
on this so i urge you to you know to look into this and you know we're specifically talking about you know the
microsoft word document that manipulates the microsoft's diagnostic tool so if if
you're out there and you're looking at this you're going to find references to cde 2021 that's four zero four four four
for this again stumbled upon and then microsoft's like oh we'll fix that and you're kind
of left wondering how long has this been going on i mean it's microsoft so this shouldn't shock you at all
what's what's cool about this is that this file um you know this a rich text format file
in in microsoft word that you can generate um has the ability to run
lots of lots of things outside of powershell and outside of this um this
microsoft's um you know microsoft's diagnostic tool so i was doing some poking around because
as a security researcher um you know this this is just super interesting to me on how they
figured this out and like other security researchers out there who have way more time than i do
um specifically clevirus please virus gonna give you a shout out on github man he's got a fully weaponized
a fully weaponized payload for generating one of these now now before you free panic microsoft's patched this
so if you if you haven't updated your microsoft office please do so because this is not the only one i've seen this
is a probably one of the best ones that i've seen out there today um this fully weaponized uh version of faulina for cde
2021-4044 so very very interesting go check that out on github there's a lot of other
ones out there and then the other one i want to talk today is if you're running big five and i'm sorry if you're running
f5 big five if you're right here if you're in an f5 it's a big mess if you're writing a f5 it's a big five mess
for sure first forever apologies um yeah but if you've got f5 technologies and you're
running one of their big ips that's got version 160 installed make sure you're updating that because we've got a remote
code execution proof of concept that's out there and it can execute all types
of things that could possibly get a remote attacker root so there's a lot of dlls that the rce
can call there's some pocs available on github some appear to be incomplete but there are some that do look like they
would give get you pretty close okay so if you're on f5 big-ip 16-0 make sure
you update off that awesome so that's all we have for exploits today zach i'm going to turn it back over to you i know
we've got well a good conversation hopefully we know what planet we're on today vodka shorter hopefully yeah it
might be a little a little rusty after a couple weeks off and um just everybody a
listener should know in advance that we're going to be out next week as well um summer is here
there's traveling there's lots of lots of busy stuff going on work all kinds of good
things happening but that said we apologize for the inconsistency because i know you jump
out of bed every week whenever this launches i think usually tuesdays and are excited to listen to
this podcast so i apologize for that um but we will get back into a little bit
more of a consistent routine here um but uh that being said let's take a
quick commercial bait and be right back want even more cyber rants be sure to subscribe to the cyber rants podcast get
your copy of our best-selling book cyber rants on amazon today this podcast is brought to you by silent
sector a firm dedicated to building world-class cyber security programs for mid-market and emerging companies across
the us silent sector also provides industry-leading penetration tests and cyber risk assessments visit
silentsector.com and contact us today and we're back as a quick reminder
all the news articles are at the cyberrantspodcast.com on each episode page you can click through read the full
articles that mike shares and you can also leave your comments questions thoughts smart remarks all that good
stuff right there or reach out on linkedin i guess i don't think any of us has any other social
media presence i would just say i would like to hear some comments on the goodwill ransomware see what people thought think about that
yeah that would be interesting i mean is that is that any better goodwill ransomware
any better or worse than demanding money i mean i i don't know it's still i guess
extortion in a way right it is it's extortion of good deeds i mean
you know it's like it's uh i think it's kind of a it's certainly a backhanded way to go about
it but you must appreciate the change of you know the change of goal from you
know it being given me bunches of bitcoins to okay if you go donate some clothes to the homeless and take this grandma for a
walk around the block and get her groceries we'll give you access to your files back i mean in one way it's like
helping teach people to be more secure and and also helping them to be better
people and it's also in another light still cyber crime and extortion so right
and is it still a good good deed if you were forced to do it yeah that's that's true it's not uh it depends on if the
person you're doing it to appreciates it or not i guess i don't know i i i thought it more a good deed comes from
a place of of love and appreciation and um
free will not not from being forced to do it
i don't know because my mom used to like smack me with the belt and make me go mow the neighbor's yard and the neighbor
was really really happy about that yeah but were you they would well no of course i mean no i mean i didn't want to
be out there in the sweaty texas sun like mowing the neighbor's yard however i got to use the trampoline and the pool
and the neighbor was super super nice um and they had they had they were older they were an older couple and they had
their grandkids would come over and they were my age at the time and so we'd all we'd all play in their backyard but you know my mom would always make me make me
mother yard too and you see that that's kind of how i'm like you know i didn't like i didn't like getting threatened
with the belt for not finishing the mowing however it did have pretty decent return you
know i mean in one i didn't get beat and then two i got to use a pull and a trampoline that i didn't have
well you you also probably deserved it right and then and she made you she made you gave you a
good work ethic right so yeah that's right yeah i don't have ptsd or
anything when i see a line there not at all well let's talk about your emotions laura while we're we're on it
[Laughter] do we need a little therapy session no this is all this is always therapy no
so really right i mean it's kind of like a nudge right sometimes people need to be nudged into realizing that they they
should kind of you know go back to their core of humanity that we're all like you said i do have the belief as well that
we're all good people right sometimes we get wrapped up at things and you know again like it depends right i mean if you know mrs smith you know
appreciated you carrying you know her groceries from her house to her apartment um because she has to do it and you know
she's older and all this stuff then you know you don't have to say anything you know i mean if you're groveling the whole time then yeah maybe it's probably
not an enjoyable experience for her but if you just carry the thing and you're filming it on social media just to prove to the hacker that you did a good deed i
mean at the end at the end of it you know mr smith is up there she's like oh he was such a nice boy
smith anyway i mean that's yeah but how many people would right i mean i mean there's a lot of us right
like we would see that and go okay i'll help you with your car with your groceries but there's so many people that just say whatever she can do well i
know this has changed postcoded like we've become less civilized postcode because of the isolation
the people aren't used to interacting with other people and is that what is that why you raise a
fist every time i come to your house you like it it's kind of just a reaction to you
that's a toned-down version of what i wanted to do fair enough
i i have the answer to goodwill ransomware is do um do good things on a regular basis
the problem is that most people that do good things don't
film those things or get right social proof that they
that kind of defeats my purpose too it's like hey look i'm doing that like all this like the people on social media
that go out and do these these good things and film it to get you know a
sensational post that gets a ton of views and likes and shares like that is that really good deed i i don't know i
mean that seems more like just um self promotion or something like that so yeah that's that's the whole
problem with this is you you know you're you're having a film and do all this stuff while you're doing indeed what if
you're not on social media like me i don't i don't get on social media so what am i supposed to do
for one i mean first off i mean i think a lot of the people that are getting hit here are you
know individuals that aren't a privy to the to the types of you know cyber criminal snare traps that are out there
right and so this happens to be i you know essentially i i guess in in the
in the climate of of of hacker traps this is probably one you wouldn't mind
falling in you still don't want to fall in it so i'd urge everybody to you know pay attention to the places that you're
going and sure you've got pop-up blockers and you know i mean it's it's the other thing i've been telling people is that
you know that if you're doing google search and um you're gonna try to go to one of
the first three or four you know top results you're probably gonna get yourself in trouble you know read read through right use use use some
you know clever google dorking or google switches to try to really isolate what it is you're looking for and try to get
into page two page three as well and try to ignore those first like five top ones because
just like everybody just like marketing companies use seo you know the bad guys using seo too to push results of common
things to the top of the search results and hopes that you'll click on it right everybody looking for you know the new
crawfish recipe or whatever right from stale cracker so be careful of those things and um you won't you won't get
yourself in this situation but i guess of all the traps to fall in it could be worse
can we expand on that because that's actually been a topic that's on my mind because i've had several conversations
lately people reaching out about browser security specifically um one in
one instance is the classic example of you know the browser pops up a window that looks like a
um a antivirus notification
right on their screen and they you know they're not educated users they fall for it they call the number
you know they do all that kind of stuff um that unfortunately happens i think too often can
you can we just take a few minutes and just talk about safe browsing browser security plug-ins all that good
stuff any any top recommendations or anything you would share with the audience about any browsing
configurations anything like that there's a couple tools from bitdefender that i use one's called stoplight
uh there's another one that um you know will block the they're about browser plugins that will block
certain executables and that sort of thing she'll but the fender has a pretty good sweep for that not that i'm plugging bit defender i'm just telling
you what i use and it's actually so good to the point where i had to uh had a problem i was trying to buy a pay a bill online that i had to step through
their code and see where i was failing and figure out what i had to turn on turn off blocking for for that specific site
so i mean it's it's good it restricts it it keeps that from happening so i mean there's even you know laurel talked
about you know don't click on one of the first couple ads there's times when i've accidentally done that i've been in a hurry and you
know the defender will pop up and say nope you can't go there good stuff so to be quick about my advice is always
for everybody that's you know looking through the public internet of things through the lens which is your your web
browser right it's really what it allows you to do is is do that exploring um is to trust nothing
and no one um everything is paper mache essentially and so personally i don't use
my advice is you know any if you know there are browsers that have larger problems than others um
notoriously google chrome because of its ability um to be to be very fast and
efficient unfortunately you know had a lot of weaknesses lately i mean even you know
mike you were just talking about the chrome loader so there are a lot of web browsers out there
that have native problems with them right they're just software like every other software vendor so
number one make sure that you're keeping not only your computer up to date but you know your web browser up to date and
you know that that's that's as easy as turning on automatic updates for chrome it'll automatically update as soon as you're on the internet and has a new
version it'll pull down um my my advice is you know i i'm a huge
safari user right i'm an apple guy i'm a microsoft engineer that is now a microsoft
not an engineer but i obviously still have to be but um i use i use apple all
the time and so i'm using the apple safari browser now safari um being from apple is limited in some of the
capabilities that you'll get out of it that you won't get in chrome however i do believe it to be slightly safer
because it does not allow certain things to happen that like chrome chrome will and you know not to get into specifics
but i don't use any browser extensions i don't use any um any kind of uh you know
browser-based you know protections i i would caution everybody to install plug-ins especially in chrome and
firefox you know those are those are rampant areas for manipulation and
modification of your local pc so you know be very weary of any add-ons
that you're adding onto your browser right and and and think about how that's going to add a new weakness and i always
tell people just don't go the places you're not supposed to go you know if you're just looking at news articles and you're just going to you
know the the main sites you know your your your yahoos your your beans your googles your fox news is your msnbc's
your cnns whatever right your al jazeera's your you know it doesn't matter what website you're going to
you're watching these a lot of these larger sites have native security built in it's going to be a lot harder for a
cyber criminal to get a foothold at cnn okay so if you're if you're staying in
places that that are say reputable you very very greatly lower your chances of risk while
you're looking through your your browser limits to the public editor things the moment you start doing weird stuff looking for packed video games or or
software hacks or or prawn or anything adult related yep exactly you're gonna you're gonna start
getting into the realm of possibilities that are gonna be very high that there's gonna be malicious content that is gonna
be trying to get injected into your browser and on your machine
back to the plug-ins also i mean there are i mean realities i mean people
people in different sectors are going to have to use certain plug-ins for certain things if um you know for example if
you're in marketing you probably use a something like a hubspot plug-in right and so if you're going to use browser
plug-ins make sure you're using the big name reputable um plug-ins from the
organizations actually certified by that organization it's not
your fly by night i think there's so many plug-ins out there that are not really verified by anybody they just um
you know people getting all kinds of stuff and these things promise the world but uh but don't really deliver but um i
think there are a few plugins that are beneficial like for example if you're using a password
management tool like one password for example you know i think you'd i would
i would think it would be safe to you know put use a 1password plug-in in your browser right make it make it look seamlessly on
your machine so just just keep that in mind and fewer fewer plug-ins is
better um and then i would also obviously antivirus right your antimalware and a
virus solution should not be what comes on your windows box all right get something you should pay
50 bucks a year for at least and and get something of quality and that's
going to stop when you try to inadvertently you know your browser
starts downloading something it should be catching that um for you
yeah plugins i use are part of the actual antivirus bit defender solution that i
use so it's actually a holistic piece so that that type of tool is excellent so yeah absolutely and i i'm not banging
on all plugins i mean if you've got if you've got like top vendor products that offer plugins to your browser to
extend that security um protection you know certainly look into those but there's a lot of stuff out there in like
the chrome store that again promises the world to do a bunch of weird stuff and
those are the ones that i'm talking about specifically you're taking a lot of risk to try to to try to you know cut
some of the workload that might be there open up another tab right or open up another window and the other thing i'll suggest is download virtualbox right no
matter if you're in windows or you're on an apple machine get virtualbox made by oracle it's a virtualization software
and install something uh linux right i mean it did you know anything anything
basic and you can use one of the native browsers there and if you need to go to various things or you need to look up
stuff that's you know unworthy of your regular operating you know your daily i'd say your daily secured computing
stuff use that virtual machine if anything happens it's typically contained in the virtual machine you can delete it's no
big deal right um big difference and then taking over your your main system
well the other thing is don't run as an admin right don't yeah that's run you know
create a separate user that you use for your day-to-day and then have an admin
account on the box that you use i mean that's what we recommend we we go through you know cis or nist or
some sort of you know risk analysis and an assessment one of the things we recommend is that
you end users should not have administrative access to the box that rule should apply to you at home as
well just because you're on your home computer doesn't mean that's not a good idea anymore
yeah good good point mike and and i i would agree with you if you're if you're using if you're using an apple
device create yourself a new user and you know take that admit account and write that password and put it in a safe
some place and just use the user and same thing in windows if you're using a windows machine go into go into the user settings and create
yourself a new user give it user rights and you can always elevate right knowing that admin password if you need to do
something that requires admin privileges you can type it in right just like a type access in linux and that'll limit
hopefully the the amount of access if you do get malware that it can contaminate the machine
hopefully just based on the user shell that you're using right don't don't forget to to clear your cache you know and um
basically wipe wipe all memory from your browser once in a while because um
that'll help help speed things up but also you get rid of a lot of the adware and stuff
and you know responsibilities all that kind of stuff yep all that just clear out i actually do that every time
i close my browser oh you do yeah yeah tracking cookies are for real and
they're kind of a pain in the butt so yeah that's that's just good housekeeping right good good you know keep keep the lens that you're looking
to the public internet things with very clean right just like if you were looking at the stars through a telescope
yep yeah i think i i think it's most i think most browsers now have the it's it's
basically one click clear everything cookies cache browsing history
um all of that and then yeah don't save your don't save your passwords in the browser
definitely don't do that that's bad but anyway well it didn't mean to divert us
too long but i thought that was a topic probably worth discussing because it is a
point of failure for organizations and and um something that everybody has humans
yeah yeah absolutely yeah because i mean you know the the
the fact is is that if you work for a large company you probably got issued a device to use for that organization and
it's got all the protections in place but it's yourself and your significant others and your family that's using the
home computer that is you know gonna get a you know gonna look for some you know hack on a
game or you know how to beat a boss in elden ring or you know something like that and then they're going to get sent to a place that's going to you know be
able to manipulate that browser so don't you know don't forget that you know if you're keeping everything else in the house clean make sure your your compute
devices are also part of that housekeeping
we have a couple more minutes here um we can uh dive into a new topic shortly
or were you going to say something mike yeah i was going to say you know doug telling off what you were talking about downloading extensions from
you know the app store or wherever there i mean there was that story we just talked about that sidewinder hackers plant fake android vpn app in the google
play store you have to be careful so yeah i mean you know these free when you get something for free you
generally get what you pay for yeah that's that's a good way to put it the best way that the best way that the
hacker ever got into someone's computer was by creating a game that had a remote access trojan in it
that everybody wanted to play and everybody downloaded it on their phone and immediately you know the individual
had access to millions of devices and so again if if you you're just looking at
the face value of like oh i gotta have this pretty colors pretty features especially with a plug-in um you can get
yourself some problems and and the same exists that's why we don't talk about wordpress mike you know right
friends don't let friends talk about wordpress or use it exactly i brought it up you brought it
up if i ever bring you a wordpress subscription for your birthday you know i don't like you
yeah i mean you think about too i mean there's a lot of data mining tools out there like you know on facebook there used to be those quizzes
and all that kind of stuff that they would that you would do that's all just data mining so i don't know if they still do i've been on facebook like 10
years but they still do they ask um like on the on reddits they ask general questions like
if you you know it's like kind of these weird complex philosophical questions about humanity and then a bunch of
people respond and of course all that goes into a database for probably ai decision making
yeah speaking of social media twitter
and all the all the fake accounts and the whole thing going on with elon musk i mean that's pretty
pretty interesting stuff and we were talking the other day you know off the podcast i remember
about i think the numbers are quite a bit more than what they're actually saying as far as bots go and
i mean i would say that's got to be the case i think twitter said it's less than five percent and now p
musk is pushing and saying it's more than 20 yeah i guess it's probably 40 i'd say
it's it's probably 60 40 right 60 real 40 baht um i've had people that i know um that
have lost on twitter significant amounts of followers thousands and thousands
and you know interestingly enough they were having full conversation with these npcs right these are these are these are
bots that have machine learning on the back end and they can have a
whole conversation with you and these people really thought these were real people
and come to find out that you know they had 50 000 followers and they did the bot flush and now they have 90 followers
yeah okay i got a suggestion get out of your house go meet real humans
and that is better than twitter yeah when's the last time we were around whoa whoa hold on when's the last time
we were out in the desert like running our sea buggies you know around you know i mean that sounds fun that sounds better than tweeting you know we can go
get some rc cars and tear them up in the dirt you know yeah yeah i've never been a twitter
a twitter person i just never tweeted to i've never yeah i mean i i just never
really appealed but i know there are a lot of people out there doing that but uh be interesting send us a note how
how you feel about this whole thing have you been chatting with a bot for the last three years and thought you were in
love you
a big bang episode where uh one of the characters gets caught by his wife
um playing around with a a character on a game a video game and it turns out that it's like the janitor
at the building he works at or something like that that's right
you know this is actually there is a level of i mean we joke and stuff because it's twitter whatever but there's there's a
level of seriousness to this for for a lot of people out there especially in the marketing space because you know all
these social media influencers and all that would get get paid huge money because of this
following that they had and they thought you know oh well i got you know hundreds of thousands of followers and really
it's like 50 actual human beings and the rest are bots so marketers flushing money down the toilet
to get their message out to machines yeah and yeah it's a big psyops up
exercises all the alternatives my best friend you know
yeah i i have a feeling there's a country or two that is producing most of these um
in order to uh accelerate visibility of certain
news articles and things that work in their favor and yeah and false tweets and all that kind of stuff and we've
seen that over and over but um yeah that's a whole that's a whole rabbit hole but um
i just thought that was interesting what's going on there um and i think
you know you know what i hope though is i hope it it gets people to put a little less
emphasis on social media and a little more emphasis on real life and real people um that that i think would be a
good a good thing that could come out of all this um you know go out to the go to your local
cigar lounge have a cigar meet the people or go to the park or you know go go hiking or something like that
go carry mrs smith's groceries without taking a picture of it and putting it on social media then give yourself likes
you know what i mean whoa what don't check in better don't don't check into everywhere you go
um look i'm here in my head nobody nobody wants to see what you're eating nobody wants to see what you're eating
nobody cares yep yep or drinking yeah that being said
yeah i can't tell you how many good pictures of food and i've gone to those restaurants and my picture didn't look like that pretty much like the
mcdonald's big mac on the picture of the thing doesn't look like when you get in the box so it's a sham anyway
when you spend more time photoshopping your your photo to post it on instagram than you do actually eating
the meal yeah that's a problem that's a problem
can you send this back i took too long to get the food filter on this so that it looked delicate
delicious and the person with you is already eaten and gone
trying to adjust the tint on my sushi [Laughter]
all right well that's enough for today we've ranted enough but um good stuff um thank you everybody for
listening to the cyber rants podcast again cyberrantspodcast.com is where you can find the news articles and reach out to
us we hope you enjoy these episodes always interested in your thoughts