What your Oura ring won't tell you
Smashing Security
Graham Cluley
4.7 • 579 Ratings
🗓️ 27 May 2026
⏱️ 53 minutes
🧾️ Download transcript
Summary
CISA, the US government agency whose entire job is keeping America's critical infrastructure safe from hackers, has had a contractor publish dozens of plain-text credentials to a public GitHub profile.
Meanwhile, your Oura ring is quietly transmitting some of its data unencrypted - and when one journalist asked the company how often it hands user data to law enforcement, the answer was quite telling.
Plus don't miss our featured interview with OPSWAT's Benny Czarny about his new book "Cybersecurity Upside Down."
All this and more in episode 469 of the "Smashing Security" podcast with cybersecurity expert and keynote speaker Graham Cluley, and special guest Lesley Carhart.
EPISODE LINKS:
- Canadian man arrested by international authorities, charged with administrating KimWolf DDoS botnet - US Dept of Justice.
- 700+ education and tech websites hijacked in huge ClickFix malware campaign - Malwarebytes.
- Leaked Documents Reveal Russian ‘Cognitive Strikes’ Against the West - Including Islamophobic ‘Pig Head’ Attacks in Paris - OCCRP.
- Lawmakers Demand Answers as CISA Tries to Contain Data Leak - Krebs On Security.
- US cybersecurity agency CISA reportedly in dire shape amid Trump cuts and layoffs - TechCrunch.
- Oura says it gets government demands for user data. Will it share how many? - This Week In Security.
- Privacy and transparency of fitness tracking devices - Whyli.
- Upfest - Europe’s largest street-art festival.
- Magnets Are Bad For Hardware Again - Hackaday.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
SPONSORS:
- Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- XBOW - The autonomous offensive security platform that helps security teams scale. Start a pentest today.
- OPSWAT - Read Benny Czarny's book, "Cybersecurity Upside Down", to rethink how you protect your organization from file-based threats, including those powered by AI.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!
FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Privacy & Opt-Out: https://redcircle.com/privacy
Transcript
Click on a timestamp to play from that location
| 0:00.0 | cronyism does nothing for cybersecurity politics do nothing for cyber security and we're playing a very real game of defending our infrastructure against hostile countries and criminal organizations and terrorist organizations and it's not the time to be playing favorites and letting people go because you're angry at how they look or something or what their politics are. |
| 0:21.6 | We need this organization. The whole world needs this organization to be competent. |
| 0:35.9 | Smashing Security, Episode 469. what your aura ring won't tell you, with Graham Cluley and special guest Leslie Carhart. |
| 0:45.9 | Hello, hello, welcome to Smashing Security episode 469. My name's Graham Cluley. |
| 0:50.5 | And I'm Leslie Carhart, and I'm so chuffed to be back. |
| 0:53.4 | It's lovely to have you back, Leslie. |
| 0:55.5 | And of course, we know you from the world of cybersecurity, but you're much more than that, aren't you? |
| 0:59.4 | Because one of the things, I don't know how many people know this, but you are actively into martial arts. |
| 1:04.5 | I am. Obviously, moving to another country has set me back quite a lot. |
| 1:08.6 | My joy is teaching kids. I love teaching middle schoolers to |
| 1:12.5 | primary students and I was very fortunate to find a place that would take me to teach in Australia. |
| 1:18.6 | So getting back into their style of teaching and hopefully on to new and interesting competitions |
| 1:24.5 | and challenges and gradings. And the particular martial arts you're into taekwondo, isn't it? |
| 1:29.8 | Or is there more than that? |
| 1:31.1 | I have a black belt in taekwondo as one who wants to make any kind of income |
| 1:36.7 | doing martial arts has to. |
| 1:38.8 | And my love is Tang Sudo and Tang Situ Tao, the older Korean martial art. |
| 2:04.1 | Ah, this is a complete mystery to me, I must admit. So I don't know if it's really crass of me to suggest you're not just a keyboard ninja then. Is it ninjas who do those martial arts? I don't know. You see, I'm just embarrassing myself now. And just have their own martial art, actually. I don't know if it's a real martial art, but I don't want to get in that argument with anybody. |
| 2:01.6 | No. embarrassing myself now. And just have their own martial art, actually. I don't know if it's a real martial art, but I don't want to get in that argument with anybody. So we're going to just say |
| 2:05.9 | it's a real martial art called ninjitsu, and they do their own thing. And no, I will never be |
| 2:11.4 | a fantastic action hero fighting the bad guys with my fists. But I do love teaching kids and coaching kids. |
| 2:18.7 | It gives me a lot of joy in life to teach little people how to hit things and yell loudly. |
... |
Transcript will be available on the free plan in 21 days. Upgrade to see the full transcript now.
Disclaimer: The podcast and artwork embedded on this page are from Graham Cluley, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Graham Cluley and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.