Smashing Security #088: PayPal’s Venmo app even makes your drug purchases public

Industry veterans, chatting about computer security and online privacy.

Smashing Security #088: PayPal’s Venmo app even makes your drug purchases public

Not one of Google’s 85,000 employees has had their accounts compromised by phishing in a year.  How have they done it? Find out in this podcast.

Also, we discuss with special guest Scott Helme how websites still using HTTP are now marked as “not secure” by Google Chrome (and a way in which you can make it even more obvious), and if you’re buying drugs via PayPal’s Venmo app you should say goodbye to privacy.

All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast hosted by computer security veterans Graham Cluley and Carole Theriault.

Smashing Security #88: ‘PayPal’s Venmo app even makes your drug purchases public’

Listen on Apple Podcasts | Google Podcasts | Other… | RSS


Graham Cluley - @gcluley
Carole Theriault - @caroletheriault


Scott Helme - @Scott_Helme

Show notes:

Sponsor: LastPass

LastPass Enterprise makes password security effortless for your organization.

LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.

But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.

Go to to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses

Follow the show:

Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Tags: , , , , , , , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , , , , , , , ,

4 Responses

  1. Stephane

    August 7, 2018 at 3:22 pm #

    You might be all excited by this HTTPS thing but for ordinary people who did their own websites with limited knowledge, it’s really annoying. They must rely on free limited service like Cloudflare or pay extra cash, yearly to have this service. For example, with Global Sign, it would cost me £70 per year. There is no easy option for “ordinary people”…

    • Graham Cluley in reply to Stephane.

      August 7, 2018 at 4:05 pm #

      Someone’s ripping you off Stephane if you’re having to pay £70 for HTTPS. Maybe it’s worth you looking at an option like Cloudflare, or (if you’re a bit more geeky) Lets Encrypt.

      • Stephane in reply to Graham Cluley.

        August 7, 2018 at 6:37 pm #

        Yes, I actually decided to use Cloudflare as I’m not geeky at all but now I always fear that if there is a problem with Cloudflare’s servers that my website won’t be accessible…

        • Graham Cluley in reply to Stephane.

          August 7, 2018 at 6:58 pm #

          I wouldn’t worry too much. If Cloudflare has a problem then tens of millions of other websites will suffer the same glitch as you.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.