0:03

All right, it came good. I went to

0:05

do this. I left it really, really

0:07

tight. I was like, let's be

0:09

casual. Hence my disheveled state

0:11

today. Let's be casual

0:14

and I'll just make you go live

0:16

in 10 minutes, which is just

0:18

enough time to go and get a

0:20

coffee. And for those you wondering, like,

0:22

the way I do this. Obviously,

0:24

it's get on backyard. But I

0:27

have OBS running. And OBS uses different

0:29

input sources, of course one of them is

0:31

the camera, one of them is the big

0:34

micron I've been here. And then that streams

0:36

to YouTube, and then like in my YouTube

0:38

streaming window, I can see what is going

0:40

out and then I can see your comments

0:43

and stuff like that. And OBS looked awesome,

0:45

like the, well, as the shovel was there.

0:47

But the camera looked fine and then

0:49

in the streaming window, everything is like

0:52

super super super super over exposed. And

0:54

like the green Lambo behind me is

0:56

just like... Glaring, I look like an

0:59

oompa-loomper. It was terrible. So,

1:01

how do you fix technical

1:03

problems? You reboot. And I've

1:05

rebooted, just enough tiny, a

1:07

coffee. And we came good. So, yeah, there

1:10

you go. That's my story of

1:12

today. Hmm. Carl's here. Can I

1:14

call? Good morning. It is

1:16

morning here. What are we?

1:18

736 tomorrow from most of

1:20

you. 736 Saturday morning. It's

1:22

actually struggling a little bit to figure

1:24

out. What am I gonna... do today

1:26

like I was looking back at the

1:28

last week and even looking at my

1:31

tweets which aren't as many these days

1:33

because I don't know I guess a bunch of

1:35

people are on holidays maybe that's it

1:37

but also all the social things are

1:40

a bit weird at the moment actually

1:42

all the social things are very quiet

1:44

at the moment so yeah Karl is

1:46

there in the evening in the UK I

1:48

thought what have it done all work on

1:50

now I've been really really busy but A

1:52

lot of it is what I'm going to

1:55

talk about in the second bit around

1:57

stealing logs. I have had, I'd say

1:59

three, just... very long productive

2:01

days. And I'll talk about

2:03

those in smoke. The thing

2:06

that got me thinking at

2:08

the moment in terms

2:10

of a starting point

2:12

was this bit about

2:14

anyone having a security

2:16

contact. Now I was

2:19

thinking about that because if

2:21

you have a look at my X

2:23

timeline, I did post yesterday.

2:26

Was it yesterday? Was

2:28

it yesterday? by my clock,

2:30

looking for a security

2:32

contact at MSI. Now, MSI

2:35

is the company many

2:37

of you know from

2:39

creating graphics cars, very

2:41

gaming-centric company, Taiwanese company,

2:43

very very large company, and

2:46

I was trying to find

2:48

someone there to talk to, and

2:50

I had tried all of the usual

2:52

things. I had tried... their contact form.

2:55

And I think I actually, I

2:57

think I've been with, and incidentally,

2:59

I document all this, and I'll

3:01

give you an example one, a

3:04

wide document all. I put it all in a

3:06

safe place. It's just the communications

3:08

and the disclosure attempts and things

3:10

I've had. Gado Wayne, thank you

3:12

for joining. I do this, a

3:14

document all. But I'd also spoken

3:17

to their chatbot and the chatbot

3:19

then obviously did connect me to

3:21

a human and then the humanist

3:23

would go and email this place

3:25

so I emailed that place. I

3:27

sent D.M. to a couple of

3:30

social accounts that allowed D.M., a

3:32

couple of X accounts. And two days

3:34

later I was like nothing. So I went

3:36

out on X and asked for

3:38

contact and then suddenly I have

3:40

a contact. And this is not really the

3:42

way I want it to be because... I

3:44

know that people know that when I ask

3:46

for security contact, they get a

3:48

reasonable idea of what that means.

3:51

And I will say that I

3:53

don't do this until my confidence

3:55

level and what I'm trying to

3:57

report is pretty high as well. So,

3:59

ah. That that sucks.

4:01

That's not the way it's meant

4:03

to be. I had another one

4:05

Yeah, another one and I won't

4:07

name this company But there was

4:09

one that I was trying to

4:12

because it's a data breach so

4:14

I didn't have a bank. There

4:16

was one I was trying to

4:18

reach Last month and I went

4:20

through and I did the usual

4:22

customer service email thing I found

4:24

someone in a senior tech position

4:26

on LinkedIn and I contacted them

4:28

a couple days later still didn't

4:30

have anything I found two other

4:32

people in LinkedIn in senior tech

4:34

positions and messaged them as well

4:36

I tried everything possible the data

4:38

is circulating on a public hacking

4:40

forum there are multiple tweets about

4:42

it from accounts that monitor the

4:44

the dark web even it's on

4:46

the clear web but anyway and

4:48

eventually load the data and then

4:50

like yesterday or the day before

4:52

someone contacts me on the company

4:54

and they're very nice about it

4:56

too they're like hey we know

4:58

we know we do really appreciate

5:00

it sort of thing sorry to

5:02

meet under these circumstances but here's

5:04

a message dated without giving away

5:06

which one it was about a

5:08

month ago and of course I

5:10

went back and yeah sent them

5:12

the data as I always do

5:14

and had a little bit of

5:16

chat and I was like hey

5:19

just just FYI here is my

5:21

disclosure timeline timeline and it's a

5:23

bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-bam-b And I didn't realize that

5:25

one of the people on CC

5:27

was one of the first people

5:29

that I had actually reached out

5:31

to and linked in and the

5:33

guy was like, maybe I should

5:35

check my linked in a little

5:37

bit more. And I was like,

5:39

maybe you should have a security.xy

5:41

and we would have a, we'd

5:43

not be having this discussion a

5:45

month late. So here's my problem

5:47

now and I'm just looking at

5:49

the timeline of different things here

5:51

on one of my many many

5:53

many less. I need a list

5:55

to track on my list to

5:57

track on my list. But there

5:59

is a list here about breaches

6:01

that I'm processing. And I received

6:03

several yesterday, yesterday or the day

6:05

before, that combined total many many

6:07

tens of millions and I just

6:09

know for each one of these

6:11

I've not seen any discussion about

6:13

it again to be new incidents

6:15

I'm going to have to try

6:17

and find a contact at each

6:19

one I'm not going to hear

6:21

back from them you're going to

6:23

see me exing I assume that's

6:26

what they're doing now exing asking

6:28

for security contacts at each of

6:30

these and look if I'm completely

6:32

honest Even in the MSI situation,

6:34

I was thinking I'm not going

6:36

to hear back, I'll give it

6:38

another few days and then... Without

6:40

giving away exactly what happened, yeah,

6:42

but nature will take its course.

6:44

And if I'm honest, that is

6:46

often easier. It is easier than

6:48

where I'm at with a bunch

6:50

of other organizations at the moment,

6:52

which is doing the game about,

6:54

are you going to disclose, when

6:56

you're going to disclose, I need

6:58

to know, my subscribers know, that...

7:00

prolongs the process. There is one

7:02

that I suspect will go out

7:04

very early in the week. For

7:06

an organisation, it's the same sort

7:08

of thing. I've spent weeks talking

7:10

to them. And all that time,

7:12

some large number of people have

7:14

had the data just out there

7:16

floating around. It bugs me. It

7:18

just bugs me that we take

7:20

so long to deal with this.

7:22

Anyway, here's what it is what

7:24

it is what it is. Anyone

7:28

been seeing, just looking over here,

7:31

because I blew skied this message

7:33

as well. There's a lot of

7:35

information about meta in the news

7:37

at the moment, isn't there? 404

7:39

media stories. If you don't already

7:42

subscribe to 404 media, Joe Cox

7:44

and Coe. Go and subscribe, send

7:46

them some money, they're independent journalists,

7:48

doing something that that's really cool.

7:51

A lot of stuff in here

7:53

about meta at the moment. And

7:55

with that. getting into the weeds

7:57

of what's going on there. We

7:59

seem to have all of these

8:02

social media platforms continually to align

8:04

politically and obviously X is now

8:06

much more Republican, I know these

8:08

are all American political parties, but

8:11

the ideology I think is everywhere.

8:13

You get X gets much more

8:15

sort of Republican aligned and then

8:17

you've got your blue sky which

8:20

is obviously much more left leaning

8:22

aligned. And it's just fascinating to

8:24

look at the two things next

8:26

to each other and see, while

8:28

I'm here on Blue Sky, we've

8:31

got the 404 media piece, which

8:33

I think is good, but it's

8:35

like the old Zuckuary looks kind

8:37

of weird and lizard-like, and it's

8:40

negative things about him because of

8:42

stuff that's happening inside meta, which

8:44

depending on how you look at

8:46

it is either free speech or

8:48

hate speech, or I don't even

8:51

know what it's meant to be.

8:53

And then you go to the

8:55

X side, and it's... the modern

8:57

Zuck who looks kind of cool

9:00

on Joe Rogan talking about stuff

9:02

and you just constantly like isn't

9:04

there a happy middle ground in

9:06

here something? I don't know. Anyway,

9:08

the stuff he did say on

9:11

Joe Rogan was kind of interesting.

9:13

I just saw like one of

9:15

these one minute clips pop up

9:17

on X which does become a

9:20

time suck. So I try not

9:22

to get into that because all

9:24

my time's been going under processing

9:26

stellar logs instead. Let's talk about

9:28

that because it's a little bit

9:31

less contentious. Stiller logs are logs

9:33

created by malware running on affected

9:35

machines that capture credentials entered into

9:37

websites. So let's imagine, let's imagine

9:40

you would like a cheat for

9:42

a game or you would like

9:44

that software product that's really expensive

9:46

but you don't want to pay

9:49

for it so you download a

9:51

crack or there's some... salacious rumor

9:53

going on about someone at your

9:55

work and there's a video of

9:57

it and if you download and

10:00

run this which strangely enough is

10:02

in an executable format, you will

10:04

be able to see this

10:06

information. When you run that

10:08

and you become infected with

10:11

malware and it starts watching

10:13

everything that you type into

10:15

the log-in forms of various

10:17

websites you end up with

10:19

still logs and still logs

10:21

typically have for an infected

10:24

individual usually dozens

10:27

of different entries. username,

10:29

password. And of course very often

10:32

that username is an email

10:34

address. So you might have Joe. Joe wanted

10:36

to win at a game so he

10:38

downloaded a crack, a cheat. Very

10:40

often it's from games. Downloaded this

10:42

cheat. And now Joe's gone and

10:44

logged into Netflix and his

10:47

Netflix credentials are gone

10:49

into the steal log because it

10:51

can monitor what's typed into the

10:53

browser. The host machine is fundamentally

10:56

comprised. And there's the Spotify

10:58

log-in and the Gmail log-in. Now maybe

11:00

Joe's got 2FA, which I don't believe

11:02

you can get on either Spotify or

11:05

on Netflix. Certainly, count on Gmail and

11:07

Gmail. Maybe he doesn't have 2FA,

11:09

so his credentials are out there,

11:11

and they're reusable against those accounts.

11:13

And it's not just Joe. It's like

11:15

millions of other people that end up

11:18

infected with this malware. And very often

11:20

they steal logs, then get put up for

11:22

sale via the likes of telegram channels. I

11:24

mean, one of the ones that I was

11:26

in. just as I was writing the

11:28

blog post for what I'm going to launch

11:31

in a couple of days. One of them

11:33

was in popped up and I'll give you

11:35

an idea of what's on these these

11:37

telegram channels. Are you looking for

11:39

quality logs? You need real-time

11:42

logs, maximum, five users, up to

11:44

5,000 logs per day in real-time

11:46

without delay and clipping, high valid

11:49

public request. 80% average mail verification

11:51

in real time. See attached video

11:53

for how it works. $300 for

11:56

one week, $1,000 for one month,

11:58

and then some Russia. Which probably

12:00

gives you an idea of the

12:02

source. So these things are marketed

12:04

and sold. And the real type

12:07

component of it, imagine you got

12:09

someone infected with stiller logs or

12:11

affected with malware. And the malware

12:13

is creating steel logs. And as

12:15

they're working around the internet doing

12:17

their normal things, those logs are

12:19

being captured, sent to some C2

12:21

service somewhere, and then immediately made

12:24

available by paying customers, usually through

12:26

telegram. And that's what we've got.

12:28

Now very often you end up

12:30

with security researchers, other more reputable

12:32

folks, they gather up all this

12:34

data, they bundle it, and they

12:36

send it to me, and then

12:38

I've got to figure out what

12:41

to do with it. Now, on

12:43

the one hand, this is very

12:45

clearly data rich territory. We've got

12:47

personal information spread across the internet.

12:49

Let's whack it in, have I

12:51

been paying to make it searchable.

12:53

Each sum I've done this, but

12:55

the problem I've then had is

12:58

people will go. Does

13:01

this mean I've got malware? Okay,

13:03

this regional question. Also, what are

13:05

the passwords? Also, what are the

13:07

websites that I've been using? Like,

13:09

how do I... I think a

13:11

lot of the time people are

13:13

just sort of a little bit

13:15

shocked. And of course, just by

13:18

virtue being in the stealer log

13:20

is not any sort of ironclad

13:22

guarantee that you were infected with

13:24

the malware either. I mean, how

13:26

much trust do we put in

13:28

the people who are running criminal

13:30

enterprises and then selling their dirty

13:33

deeds. So there's a lot of

13:35

ambiguity around it. And I've had

13:37

a couple of really large corpses

13:39

of data sent recently. So one

13:41

whilst we're away in Europe that

13:43

is sort of 70 million plus

13:45

unique email addresses. This is what

13:47

I'm going to see going to

13:50

have I been paying next week.

13:52

And this is where my time's

13:54

gone. I'll talk about that more

13:56

in a moment. Another one that

13:58

is more in the realm of

14:00

10 terabytes. I just literally finished

14:02

downloading it this week. The idea

14:04

of even beginning to process that

14:07

is frankly a little bit scary,

14:09

but I'll tick that away in

14:11

the background. And maybe that's one

14:13

of these things where it's like

14:15

next month. Anyway, so for the

14:17

stuff last week, I've been looking

14:19

at this and I've spoken often

14:22

on this video and with other

14:24

folks and with Stefan as well

14:26

about how we can do something

14:28

useful with this. And where I

14:30

think we do have some value

14:32

is... we can extract the passwords

14:34

and we can put them in

14:36

power and passwords and I've just

14:39

sent Stefan yesterday it was tens

14:41

of gigabytes of text file worth

14:43

of passwords I've got to actually

14:45

do the numbers on how many

14:47

unique passwords they were if you

14:49

listen to this Stefan I'm going

14:51

to crunch those numbers and figure

14:54

it out. I had to restart

14:56

my computer I've lost all my

14:58

context let's just say it's a

15:00

lot. where we spend a bunch

15:02

of time in the last few

15:04

days is looking at what can

15:06

we do with the URLs against

15:08

the email addresses in the still

15:11

log. So when Joe is there

15:13

logging onto Netflix and Spotify and

15:15

Gmail, can we at least tell

15:17

Joe that he's logged on to

15:19

Netflix and Spotify and Gmail and

15:21

that's what's in the still log?

15:23

That gets you much further to

15:25

the position where the person wants

15:28

to get, which is ultimately understanding

15:30

do I have malware on my

15:32

machine. and which credentials have been

15:34

stolen. I'm still absolutely adamant we're

15:36

not going to give credential peers,

15:38

we're not going to say, hey

15:40

Joe, when you logged on to

15:43

Netflix this is the password you

15:45

use because that's just an absolute

15:47

honeypot goldmine of usable credential information

15:49

which I don't want to be

15:51

sitting on and have a pen.

15:53

As far as I'm concerned if

15:55

Joe finds he's in this dialogue,

15:57

goes to phone passwords, checks that

16:00

stupid password he's used everywhere. And

16:02

I'll tell you what looking at

16:04

the passwords in the steel logs

16:06

remember the steel logs get the

16:08

passwords on entry if you're using

16:10

a password manager and you're creating

16:12

some absolute rip a beautiful password

16:15

we will still see it in

16:17

plain text in the still log.

16:19

It will never get cracked from

16:21

the B Creek hash that it's

16:23

stored in in Netflix for our

16:25

own sake, but we will still

16:27

see it on entry. The passwords

16:29

are shit. This is not going

16:32

to be news to anyone. They're

16:34

absolute shit. I will read some

16:36

out for you, just for fun.

16:38

Where did I put this? as

16:40

part of processing this 10 terabytes

16:42

of data the other day I

16:44

was rapidly running around looking for

16:46

hard disks like where do I

16:49

find not just enough space to

16:51

put in the 10 terabytes worth

16:53

the hard disks or data but

16:55

it's about I think it's about

16:57

seven terabytes or something compressed so

16:59

I need to basically at least

17:01

double the space. Anyway, ubiquity had

17:04

sent me a very nice UNAS,

17:06

ubiquity NAS device, with enough disk

17:08

to cover about 16 terabytes with

17:10

the data, and then I got

17:12

a whole bunch of other storage

17:14

space on my Synology rack station

17:16

as well, my rack-mounted device. So

17:18

it looks like I actually have

17:21

a place where I can store

17:23

this data. Where do I put

17:25

these passwords, Stephen? Even just like...

17:27

cleaning up after, oh you go,

17:29

it was in this out folder,

17:31

wasn't it? Cleaning up after processing

17:33

something this large is a bit

17:36

of a nightmare. All right, let's

17:38

pick, what do we have here?

17:40

We end up with 392 text

17:42

files of passwords. Each individual text

17:44

file has a distinct list of

17:46

passwords and prevalence counter at 12.7

17:48

gig. That'll come down a bit

17:50

for the distinct number because there'll

17:53

be some crossover between these individual

17:55

files, but let's have a local

17:57

sort of password to people using

17:59

here. Two Bear 11.

18:01

Yeah, good one mate. Like

18:04

that's capital P, I guess.

18:06

Capital P. All the other

18:08

letters are lower case. And

18:10

there's two numbers. What's not

18:12

to love about that? Taylor

18:14

Bean, 08. World Cup 2.

18:17

Exclamation mark. It's the exclamation

18:19

mark that makes it. What's

18:21

that one? Indian or Jones?

18:23

That flicked through too quickly.

18:26

But you know, like this

18:28

is... Let's just go and

18:30

pick the biggest file here

18:33

just as an example. Biggest

18:35

file has 415 megabytes. There

18:38

are on this file 849,000

18:40

unique passwords, which is nuts.

18:42

Jessica, true 468,

18:45

exclamation mark. If this

18:47

person's not using a

18:49

password man, you know, like

18:51

this is... This is kind

18:53

of crazy. But again, there

18:56

are some entries here. Leonado,

18:59

2003, 1004,000, that's still shit.

19:01

There are some entries

19:03

here which are either good passwords

19:05

or parsing errors. I don't know.

19:07

Now there will be some data

19:10

within here when we put this

19:12

into poem passwords, which will not

19:14

be a valid password. It will

19:16

be as a result of a

19:18

parsing error or something. It will

19:20

be a very small number. Oh,

19:23

seven is here evening. password one,

19:25

which is always a solid one.

19:27

I'm sure that is in here.

19:29

I'm sure it's in here. Stephen,

19:31

I was just saying there's about

19:33

12.7 gigabytes worth of text files,

19:35

which I sent you last night,

19:38

to go into phone passwords. I

19:40

am going to just run over

19:42

those and get a distinct count

19:44

of passwords, just so we know how

19:46

many in total. And I'm not sure

19:48

when you load this, if you have the

19:50

ability to see. How many are

19:53

pre-existing? Either that, or I'll just

19:55

take a hundred thousand random

19:57

ones, throw that against

19:59

poem. passwords, see if it's

20:01

been in there or not, and

20:03

then we can just basically go,

20:06

yeah, it's like 20% of these

20:08

had never been seen before and

20:10

the other 80% of their prevalence

20:12

changes. Change. So anyway, we'll get

20:14

to the point where Joe, infected

20:16

with malware guy, will be able

20:18

to see that he's been in

20:20

this latest set of Stiller logs,

20:23

see the websites that the Stiller

20:25

logs have exposed against his name.

20:27

Check the passwords against Pone passwords.

20:29

Now, if he is using that

20:31

Indiana Jones password and he sees

20:33

it in the logs, well, maybe

20:35

that came from next to his

20:37

name because he used it on

20:40

Netflix, maybe it came from someone

20:42

else and he's just got the

20:44

same. It's a bad password Joe.

20:46

Stop doing that. Like this is

20:48

the reminder to go and use

20:50

something else. The bit that this

20:52

still won't answer... And frankly, I

20:54

don't think even having the raw

20:57

password next to the email address

20:59

in the website, it's not going

21:01

to emphatically answer it either. Is

21:03

he actually infected with malware? How

21:05

long ago was it? Is it

21:07

still active? That's something he's going

21:09

to have to work out for

21:11

himself. But at least it's giving

21:14

them a lot more information. James

21:16

is thinking we just had a

21:18

number and a special character and

21:20

you've got a winner? Yep. That's

21:22

pretty much the way it's looked

21:24

at so All right, so anyway,

21:26

that'll be a big thing I

21:28

think I think we're gonna have

21:31

an absolutely huge week I've written

21:33

up the blog post my goal

21:35

is to try and get this

21:37

because there are some new features

21:39

and new API into this as

21:41

well I've tested it a bit

21:43

it seems good. I will test

21:45

it more definitely before we push

21:48

it out I'm thinking Tuesday morning

21:50

my time so I was about

21:52

72 hours from now We should

21:54

have all of this out. And

21:56

then we will see how crazy

21:58

a week gets. Because there are...

22:00

I didn't tell you this different,

22:02

but we've got a... hundred thousand

22:04

of our subscribers in there and

22:07

I have a feeling I'll check

22:09

the number again I think we've

22:11

got so a hundred thousand of

22:13

our individual subscribers I think we've

22:15

got about 40,000 people monitoring domains

22:17

in there as well and we

22:19

will be giving people who own

22:21

domains the ability to see which

22:24

aliases on their domain are in

22:26

these incidents and which websites they're

22:28

against. without

22:30

giving too much away I

22:32

pulled the name of a

22:34

very big organization I know

22:36

very well that's not Microsoft

22:38

I pulled their domain name

22:40

and it is fascinating how

22:42

many email addresses are against

22:44

that now they've always been

22:46

able to see that if

22:48

I loaded a still log

22:50

in the past but also

22:52

now to see which websites

22:54

they're against and the question

22:56

that I would have if

22:58

I was the... see so

23:00

or equivalent in that organization

23:02

is when someone using the

23:04

corporate email address is in

23:06

a stealer log against porn

23:08

half and other things actually

23:10

I have a lot of

23:12

questions it wouldn't just be

23:14

one question A are they

23:16

doing this on the work

23:18

machine or the home machine

23:20

B why are you doing

23:22

this with your corporate account?

23:24

See, assuming that this is

23:26

a still log that's come

23:28

from malware, where's the malware?

23:30

Is it on the corporate

23:32

account? Like there is no

23:34

outcome from this, assuming that

23:36

this person does genuinely have

23:38

an account, I should check

23:40

some of these. I should

23:42

go and check via an

23:44

enumeration vector. Yeah, that's what

23:46

I'm going to do. And

23:48

I'll add that to the

23:50

blog post. Because my suspicion,

23:52

when I'm looking at this

23:54

particular... corporate is that when

23:56

we see Joe at company

23:58

name.com working for a four

24:00

100 company doing important things,

24:02

100500 hours big company. And

24:05

then Joe's in a stealer log

24:07

and porn hubs listed next

24:09

to it. That's going to get

24:11

awkward for Joe. And we haven't

24:13

had that visibility before. And there's

24:15

this is sort of the, when

24:18

I talk about this in a

24:20

week from now, I'll talk more about it,

24:22

but that is, I think that's

24:24

just going to be absolutely fascinating.

24:27

And it will suck to be Joe.

24:30

All right, something less sucky to

24:32

start rounding out today's video

24:34

on. Last week I spoke with

24:36

Sinology, disc station, my, what was

24:38

it, DS 1512 plus that had

24:40

lasted 12 years, was basically cactus.

24:43

I could not resurrect it. Trying all

24:45

of the things, the only thing I

24:47

didn't try that many people had

24:50

suggested was like soldering a

24:52

resistor across a couple of

24:54

points on the circuit board

24:56

because hopefully that I'm not going to...

24:58

This is an important device. Once you

25:00

get to the point, we're rather than

25:02

spending 900 Ozzy dollars, which is less

25:05

and less American dollars at the moment,

25:07

because we're weakening a lot against the

25:09

US, which is great when you pretty

25:11

much just earned US dollars. Where was

25:14

it? Yeah, for something that's like 900

25:16

Ozzy dollars and it's just lasted 12

25:18

years, I'm not going to go there

25:20

soldering resistors and things across hoping that

25:22

it's going to resurrect it's going to

25:24

resurrect it and stay resurrected. 3 5

25:26

plus. It's a four bay drive instead

25:28

of the five bay like the last

25:31

one, didn't matter, I had four drives

25:33

in the last one. I opened it

25:35

up, I plugged it in, I started

25:37

up, and I go into the

25:39

web interface and it's like, hey

25:41

you're migrating from a DS 1512 to a

25:43

DS 935 plus, would you like to bring

25:45

all the drives over? Like yeah I would,

25:47

it'd be really nice, thank you. And it just

25:50

worked. Like straight over the box, bam,

25:52

straight away, it worked. And the

25:54

only thing that was a bit

25:56

clunky. was getting my plex darter

25:58

across. Plex didn't come across. cleanly,

26:00

but I still had all of the

26:02

plex data and I just had to

26:04

do a little bit of manual copy

26:07

and paste and figure out what directories

26:09

things were meant to go to. But

26:11

all the plex media is there, all

26:13

of my play history and my album

26:15

covers and everything else are there. So

26:18

like shout out to synology, that was

26:20

so good. That was such a smooth,

26:22

smooth process. I have four different synology

26:24

nazas now as well as the plus

26:26

the old outgoing outgoing one. They're awesome.

26:28

And the reason I have four is

26:31

I use, I rotate a couple of

26:33

them off-site that act as backup devices

26:35

for the other ones. And over the

26:37

course of years I've had to gradually

26:39

up-to-day drives as I get more and

26:42

more data. The only issue I think

26:44

of real note is that they can

26:46

be a bit picky about which drives

26:48

they think are compatible. And sometimes you

26:50

can chuck in a non-competitive one and

26:53

it's fine. In fact, I bought two

26:55

20 terabytes the other day and one

26:57

of them went into the rack-mounted unit

26:59

and it's like, yep, fine, good to

27:01

go, not compatible, but it works and

27:03

the other one was like, ah, it

27:06

works. So now I have an extraneous

27:08

20 terabyte drive sitting around. Anyway, shout

27:10

out of this analogy, they're absolutely sticking

27:12

with them. They're doing really, really cool

27:14

stuff. Okay, I'm going to go and

27:17

move on. Stefan I'll ping you later.

27:19

Another data breach I have to load

27:21

today because it's just hit the news.

27:23

So I'm going to go and do

27:25

that and we'll talk about that next

27:27

week as well Okay, folks, have a

27:30

good weekend