Smashing Security podcast #456: How to lose friends and DDoS people

When the mysterious operator of an internet archiving-service decided to silence a curious Finnish blogger, they didn’t just send a stroppy email – they allegedly weaponised their own CAPTCHA page to launch a DDoS attack, threatened to invent an entirely new genre of AI porn, and tampered with parts of their own archive to smear the blogger’s name.

In this episode, we unravel how a website designed to preserve history may have trashed its own credibility – and how Wikipedia responded when trust went out the window.

Plus a ransomware gang shoots itself in the foot with a classic case of buffoonery, accidentally corrupting the very keys victims would need to decrypt their data. When even the criminals can’t unlock your files, what happens next?

All this, a surprisingly zen Pick of the Week, and a gloriously splenetic rant against web forms, on episode 456 of the award-winning “Smashing Security” podcast, with cybersecurity veteran Graham Cluley and special guest Paul Ducklin.