Episode: 472
Title: HPR0472: Interview with Ryan Dewhurst
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0472/hpr0472.mp3
Transcribed: 2025-10-07 21:17:52

---

music
Welcome polka out of the listeners to Hacker Public Radio. I'm your host for the show
of Phoenix and I'd like to welcome you one and all. I'm lucky enough to be joined by
another awesome guest, Ryan Jewhurst. Ryan, could you introduce yourself to the Hacker
Public Radio audience? Yes, certainly. Hello, Hacker Public Radio audience. My name is
Ryan Jewhurst. I'm an ethical hacking for computer-street student at Northumbria University.
I've worked on a few open source projects, probably the most popular one being Dambonville
Web App. I've done a little bit of open source work for Nick Tor, W3AF and another project
of mine called Screen Damb. Okay, first and foremost, Ryan, it's really, I'm really
grateful that you could top on the line with me here. I suppose the first question I have
for you is, you know, one is by you to start a project like Dambonville Web App and kind
of bolted on to that. Now, how would you best describe to the Hacker Public Radio audience
what actually is Dambonville Web App? Yeah, if before we start, would it be okay if I give
a quick disclaimer? Yeah, that would be okay. Yeah, that's fine. Go for it. Fantastic. I'd
just like to say that obviously my views are my own. They don't represent the views of
anyone else. For example, like my university's, yeah, that's all really. Okay, and carrying
on with the question. Yeah, it actually started last year. December last year, I wanted to
get started. I wanted to learn more about Web Application Security. I had the books and
everything, just not the practical knowledge. So I thought the best way to learn Web Application
Security was to actually build on myself. And in the process, I made it insecure and secure
at the same time, which would sort of taught me how to make a secure application. I think the best
way to learn is to sort of hands on practical and it also makes it legal as well. You know, you
do it on your own machine, local host, not getting into trouble at all. So basically it's, as the
name suggests, it's a Web Application that's really vulnerable. Not only that it has lots of
features in there for people to teach Web Application Security or people to learn Web Application
Security features such as we have the security level and let's go off from lower medium to high
levels. Lower being no security, medium being bad security and high being should be unhackable
in theory. Not always the case. And there's other features. It's got PHP IDS installed on there,
which can enable and disable and lots of other things as well. So really the idea of, really,
the inspiration for Damvenable Web App was something legal for you to practice your skills on.
Exactly. I think at the time I was messing around with Python, building brute force scripts,
brute force HTML forms. I had nothing to test my scripts on legally, so I'd pop Damvenable
Web App together so then I could test my tools and improve them. And then I thought, well, I
could extend this and sort of practice my SGO injection skills. So I put an SGO injection on there
and it sort of went from there. Okay. I mean, but who is Damvenable Web App aimed for?
I'm sorry, could you feed the question? Yes, sorry. Who would you say Damvenable Web App
is aimed towards them? I'd say mainly it's aimed towards the students. People want to learn
Web Application Security. It can be as easy or as hard as you want it to be with the security
levels. There's also helps and tips throughout the application. But I'd say it's definitely
for the newcomers to Web Application Security to test out their skills on and get better.
It's not so much finding the vulnerabilities, it's more the exploitation of the vulnerabilities,
maybe also combining the different vulnerabilities to, you know, to put on a box, if you will.
I mean, it's really good, it is enabling you to produce, you know, use different vulnerability
scanners per se and actually use to build your skill up using tools to find those
similar vulnerabilities that you've deployed within Damvenable Web App. Yeah, you know,
I mean, carry on, sorry. Sorry, that's the good thing about you. Not only can you practice your
skills on there, you can fire tools against it, see how they compare, see what they miss, tweak
them, see if they pick up anything better, or just to learn how the actual tool works itself.
I mean, it seems to me that almost it's an evolving project that, you know, what you started off
with by default will get bigger and bigger and bigger as more people start throwing more tools
and more ideas and more hacks at it. Am I right in thinking that? Has this project grown quite a
lot since your first start of the day? Definitely, yeah. I mean, I started off in December last
year. I'd say I kept it for myself for a few months before releasing it. I didn't think
maybe no one else would find it useful apart from myself, but I put it out there anyway and I got
loads of good feedback. So I thought, well, you know, this may be a project's worth expanding. So
I did a lot more work on it. I got to version zero, one zero four, pretty much on my own with
your suggestions. And then from one zero four, I managed to get a lot of talented people involved
as well. That's when the community really grew and we managed to get one zero five out, which is
the latest version, which is out now, which is, it's come a long way from that first better version
back in December. So you have an open source community kind of behind you and obviously you're
working with them as well. So you already have a community behind you working with you as well,
that's kind of really awesome, right? I mean, it's that it's that sort of the benefits you
were looking at by making down the available web app open. So I'm writing thinking that it's
released on the GPL version two or is it three or if I got that completely wrong?
Version three of the top of my head without having to look, I'm not too sure whether it's two or
three to be honest, but I think it's three. Yeah, that was a general idea. So get it out there,
get people contributing. They're getting, you know, their names out there because I've got their
links on damn vulnerable web app. They're getting to better their skills and, you know, it's just
great to get involved and build a community up. I mean, what was, I suppose it's kind of a hard
question to ask you, but what was the biggest lesson that you learned from starting the damn
vulnerable web app project? The biggest lesson that I learned. Let me try and think about this one.
I think I learned the best thing I learned was was the actual security itself.
So maybe PHP in itself isn't insecure, but the code is insecure. That's probably the biggest
thing that I learned. It's not PHP itself, but it's how the developers use it, which makes it
insecure. Also, in kind of like your opinion with web applications then, is it fair to say that
maybe the developers need to start testing their skills using damn vulnerable web app?
Definitely, yeah. I mean, one of the main developers apart from myself that I had
working on damn vulnerable web app is actually a web application developer himself.
So yeah, so he definitely learned a lot about security from me and I learned a lot about, you know,
developing from himself with PHP. So it's definitely developers can learn from it and learn to
secure their applications. There's a view source button where you can compare the law security,
medium and high security source code. So you can see exactly what's making the application
secure and what's making it insecure. So it's very easy to sort of, you know, see what's going on
there. I mean, I've played around with it a little bit and I've, you know, first and foremost,
I think it's a really good, good project and anyone who's interested in either learning how to
use tools like NASAs and so on and so forth should definitely download a copy of it. But I've also
sat there and thought that this would be a really good project for developers to be shown
in some ways what not to do. You know, I mean, in some ways, you know, if you were looking at doing
this, this is maybe a viable solution here. Because I'm all right in thinking that the high
security stuff is actually more to do with, you know, using any third party programs or anything
like that is to do with how the code was rewritten almost. Yeah, it's not even rewriting the code.
It's just adding code in there to make it secure. It's just sort of like sanitizing the user
input, which is a big, you know, security flow within web applications. So it's just sort of
sanitizing that input, sanitizing the output. But you can, yeah, you can use the code on there
as examples and then you can definitely use those within your own applications. I mean,
it's been tested daily by, you know, hundreds of students. So if they can get past it,
they'll let me know that I've fixed the bug. So it's probably very secure.
It's an interesting concept that what your bugs are is actually secure, is being secure. You know,
it's a great concept. I mean, if you, if you would kind of,
is there anything that you would change about how you would do the project? If you, you know,
with the experience that you've picked up now and what, what you've learned, if you were approached
and said, right, we want you to do damverable web up too. We want you to take all the lessons
that you learned from damverable web up and apply it to this project. Is there anything,
anything that screams out to you that you would do differently?
I would probably get the application more mature before releasing it to the community. I'm not sure if
from looking back, that probably would have been a benefit to me because when it matured,
that's when I got the most people involved in it. They took it more seriously.
But I'm not sure looking back, it seems like a benefit if I would have released it more mature,
but because it's the only one I've really released myself, I wouldn't be sure if that would be
a benefit or not. Yeah, I mean, I haven't found myself shooting myself in a foot because I gave
you a swerve ball there because I was interested in, and you know, it seems in some ways that it's
a young project, but it seems that it's starting to grow fast, you know, mature and learn lessons
very, very quickly. I mean, I was shocked when you told me earlier on that project itself isn't
really that old. You know, when did you say December last year?
Yep, December last year, I started it just for myself, really. And then,
I must have been, sorry, I released it in December, so I must have started it a few months before.
So yeah, still a young project. I mean, it's under a year, 12 months old. It's come along with
since then and hopefully will go a long way in the next 12 months. I'm currently taking a,
I released 105 on the third of September, so not so long ago after three months work on it.
So I'm currently taking a month away from it to get settled into university and then
I'm going to get bang into it again and get the next version out there.
Now, we can, we're can people, we're, we're going to have to probably radio guys go and find
down vulnerable web out of them. Yeah, we have it. We're, has it's on on website, which is,
which is quite new, I released it about a month ago. It's a dvwa.co.uk or you can go on the source,
source for projects page, which is, here's ttps, sourceforge.net,
projects, for us, dvwa. And on there, you can, you can get the sbn and download the
unstable version, you know, the production version. On the website, we've got forums on there,
we've got blogs and getting involved in the community and so maybe give feedback ideas and
stuff like that. Talking about that, I mean, as, as well documented, my love for the
open source community and the, the, the, the great things that can be achieved by the, the,
letting something free and letting, letting people run with ideas. How can people, how can,
see the average show listening to us today? How can they get involved with the
downloadable web app project? Yeah, I mean, anyone's welcome to getting involved, no matter
what your, your skillset or your knowledge is. The best way really is just to download it.
I have a player with it, if you have any suggestions, maybe some features you'd like
add in, maybe you've found a, a bug that shouldn't be a bug in there. What you can do is,
you can go on the dvda.co.uk forums, put a post in there, let us know about it. And if,
if you're serious, you want to contribute lots of code to the project, we'll give you SBN access.
And you can, and you can start contributing code to it as well.
Sorry, Bala. The, is, is, is the scope for people who, maybe not so technical in nature,
but, you know, maybe much let myself where, where, you know, be happy to sit down and work
with the downloadable web app and maybe produce documentation, like how two guides and set up guides
and stuff like that is, have you got lots of documentation there, or are you needing hunts
with that as well? Definitely, yeah, I mean, at dvda.co.uk a young project, the documentation,
we have had some people do bits and bobs here in there, but we don't have a definite sort of
documentation guide put together at the moment. So yes, if there's anyone out there, you know,
who wants to put some documentation together, maybe document the different vulnerabilities,
how they work, how to exploit them, and stuff like that, that, yeah, that would be great.
You'll get past, do you know something from the community?
Yeah, definitely something we need to look into, yeah.
I've often said this before, and as I suppose I know that the authors of projects tend to shy away
when you call them developers and chief developers and so on and so forth, because they're parts of
teams and they don't want to take, they don't want to take cute or so away from other people as well,
but a question that I've often thought and I've said quite a lot as I've talked to people about how
they can contribute to open source projects before, and one of the things I've said to my kind of
friends that speak lots of different languages, new languages, not their first given language,
they're actually translating an open source project's documentation into another language,
it's probably a great asset because what enables you to say you had your project translated
into Russian or Polish or something like that, that you'd be able to get those developers
and those people interested who are able to read your document involved in that community and
bring in their experience and their ideas and what's your thought? Definitely.
I mean definitely, I mean the part of it being open source is that it's not restricted
to the UK where it was built for anyone around the world can contribute with so many different
types of expertise or knowledge. Surprisingly enough we do have a big
Asian following from China, Japan we get a lot of downloads from there, not so much feedback or
contributions but there seems to download it quite often, so you have to get them involved and
writing documentation or giving it some feedback will definitely be a benefit to the project.
Awesome. So as far as downloadable web art is concerned, download it.
Now I've heard you say this before and I know you've been echo it right now,
do not install this on an internet facing machine.
Definitely. And last you've been drinking tequila and want to shoot yourself in the head afterwards.
Yeah, exactly. Yeah, it's surprising. I mean I've put warnings wherever a warning will fit
on the application to warn people not to put it on an internet facing. You've been surprised
how often it does happen. Some people even email me that they're IP address with
downloadable web art installed on it. It's probably not the brightest thing in the world to do.
Just in case listeners don't get what we're saying is that this is an incredibly vulnerable web
application. If you put it on internet facing, this is a good likelihood that you'll coin the
term here. Your box is going to get popped. Definitely. I mean it's a certainty. It's not even a
maybe or could be. It's going to get hacked. You leave this up on, even if you've got it up for
half an hour an hour, I wouldn't advise it at all. Just don't do it. It's got, I've taken some
measures to stop people doing that. Obviously some people do take those measures out for whatever.
That's really reasons they have. It's a very responsible approach there, I mean. It's probably
friend a lot of other developers in that kind of area would go up at the wardings up and if you're
stupid enough not to read the warnings, then you're thus you should get what you deserve. It seems
like you've appreciated that that's a real life problem. Sometimes we have to take ownership
ourselves to ensure that this doesn't happen. My recommendations, I know your recommendations
to use is the XAMP. Great recommendation. Definitely. I use XAMP. I miss self. I stuck it in a
virtual box and I used a program from there's an organization called Turnkey Linux and they do
a very nice Ubuntu based lamp server. It's like 120 meg or something like that. It stores really
fast. I stock that into a virtual box and then put your application on it and then I can snapshot
it and then whatever happens then doesn't matter. Obviously the same with XAMP as well is the
theory. If you put it on a real life web server, you may have to pay the price at some point
to the fiddler that's for sure. Definitely. One thing we have been considering is put in
DVWA on a live CD anyway. So as well as having the raw PHP code and download and setting up
the web server itself, having a live CD with a web server already set up and DVWA already installed.
As a signal I have a damn vulnerable web app already set up on a straight up onto lamp server,
nothing else and Turnkey gives you the ability to turn that into a live CD. So I could probably
talk to you after this call and see if we can jittery poke and make a live CD because like I say,
I think you're right, if you put it onto a live CD. It's much more secure for the user as well.
Any, so as a quick crash course, wouldn't be your recommendation to a new user wanting to play
with your application and learn a little bit, you know, I mean by that, you know, what sort of tools
would you recommend that they use and try? Yeah, well, it's damn vulnerable web app is,
it doesn't require any prior knowledge, basically. It's there to teach you. So we're not expecting
you. We've made it as easy as possible for the beginner to use. On each vulnerability page,
you'll notice if, whenever on anyone downloads it, there's more info at the bottom with links
to give more information on those vulnerabilities. I mean, that's probably enough for anyone to get
a test to install, exploiting these vulnerabilities. But what I would really recommend is a book called
the, what's it called? The web application hackers handbook. I don't know if you've read that
yourself. It's an amazing book. It covers lots of stuff in there. It's easy to read and
it's like my Bible for web application security. It's got the pride place on the bookshelf. Awesome.
And now I think we've talked about the project. I'm also incredibly desperate to speak to you
about your university degree as some of the HPR listeners will know and some of them won't know.
I also have studied an ethical hacking degree at another part in the UK and
Ryan and myself, where we're part of this new breed of British academic organizations
realising that there's an absolute need for degree qualified ethical hackers to be placed into
the workplace. So I'd love to pick your brains about that for a little bit, if that's okay with
your body. Yes, certainly, yeah. So what I'm doing is I'm doing ethical hacking for computer security.
It's a bachelor of science degree on his degree at Northumbria University in Newcastle.
Basically it's a four-year course, a sandwich course, so you do two years of a classroom learning
as you would in any university, 30 years of placement. So you go out and actively find work,
get a job in the industry, get a valuable experience, and then you come back for the final year
and finish off your university degree. So what we learn is we do computer system fundamentals.
Which is your processor, your memory, how all that works. We do databases, we start up with
Oracle and we learn SQL. We did a computer crime investigation, network technology,
programming in C, and obviously ethical hacking. We also do consultancy projects with companies
outside the university to give us real-world experience as well. So yes, it's definitely a great
course and if you're interested in security and you want to make it into a career, I definitely
recommend going for an ethical hacking degree. And Northumbria is not the only place in the
UK, as you said, you was, I can never remember the name of the place, Aberdeen show, was it? Aberdeen,
if you're in the UK, bearing in mind that in the UK, we're not a list of universities and we
can't tell you where all of them are, but my understanding is that there is the University of
Aberdeen on D, which is University of Northumbria. Northumbria in Newcastle. I believe
Coventry University as well is doing an ethical hacking course. I think there's also
Sunderland, I think that it's not live yet, but they're starting to, which looks quite interesting.
And there's a few here in there popping up all the time, I think now it's catching on, really catching up.
University of Aberdeen on D as well, although I'm not at the university anymore, they've also
started a master's in ethical hacking and security as well because of how popular it's been
and the master's, I believe, is into its second GNL and numbers up and up and up and up.
ethical hacking at Aberdeen is just numbers keep on doubling each year. Imagine your lecturers,
your university are pretty much saying the same thing to you as well, that it's not a down to.
Yeah, definitely. We were the first students to ever do ethical hacking at Northumbria University,
so I only have the this year's students compared to and it's definitely doubled
from last year to this year. And so it looks very popular of course.
What was your favourite module then? I mean, I know you're going to say ethical hacking because
what other ethical students are not going to say that, but what did you start doing that
that you thought you made, you know, that you didn't think you'd like and you thought,
Jesus Christ, actually, I really did like this. There's any particular module that you
went in there thinking, this isn't for me, and life they're going, I really learned something
interesting now. I think I found networking that the hardest, I've always, I've never had the
chance with not being at university to play around with, you know, enterprise hardware.
And I've always set up networks, you know, just just the home network. So I've found networking
the most difficult at first until I got into it and I find that I learned the most from
from that module and I thoroughly enjoy it. That's definitely my favourite module at the moment
as well as ethical hacking of course. Unfortunately, the anticlimax that I went in,
expecting databases to be done and surprise, surprise, that's exactly what they were.
I didn't have to answer that either to be honest. Sorry for all your database people out there,
I mean, I'm sure that stuff just rocks your world, but yeah, as an ethical hacker, it's,
we just want to, as long as I can inject it. All we want to do is export the table or drop it
one over to, you know, we don't really, we're not really interested in much more.
What kind of modules of you, all you're going into your third year next year aren't you?
So you're going out on work placement, is that correct, yeah? I am, yeah. And if you, I am,
I'm still looking for a placement. So if there's any, any listeners wanting to take me on,
or if they're interested, if you can get in contact with me, that'd be brilliant.
So if there's anyone from the HPR audience in Newcastle area, isn't that,
because you're obviously not wanting to travel to America to do a newcastle preferably, yeah.
Newcastle or Vegas either or, yeah. Newcastle, so if you, any HPR listener in the Newcastle,
or know someone in the, the absolutely, you still there, buddy?
Yeah, I'm still here. It's just echoing a little bit.
All right. Anyone in Newcastle area or know someone in the Newcastle area that, you know,
can think that they can help right now do drop them a line.
The, you know, I've talked to people about this before, you can't ask for anything more than a
tamed geek apart from a tamed geek, ethical hacker. So, you know, definitely a great asset to have
for your business for a year. So I suppose the next question I want to speak to because, you know,
we share similar stories in a lot of ways around. Yeah. I was never part of kind of the,
the UK hacking scene. I was, I was a web developer that got, I was a self-taught web developer who
experienced the hacking event and that pushed me and drove me forward and one day I ended up,
going on to ethical hacking and from there on in which never looked back.
So I was never part of almost that Yahoo chat generation of hackers.
But, I mean, what do you think that the hacking scene in the UK is like at the moment?
I mean, it's obviously not as big as the American one. It's still, in my opinion anyway,
it's still maturing, which is great because it means that there's plenty of opportunity out there
within the community. So, yeah, I mean, there are conferences popping up here and there.
Some good conferences down in London. I think they get the Black Hat Europe, is that in London?
Oh, I'm not too sure. I know that I have the Europe, I feel the Europe one might have been in Amsterdam.
I had Infosac in London recently. Yeah. That's, I'll rest say, I think they have as well.
Yeah. I mean, my views are, with the university courses, what we're fighting as cities are now,
you know, where they aren't, where they may have still had the same number of hackers.
They're now quite happily to be able to say, oh, I'm a university studying ethical hacking.
And they're coming out of the woodwork. Yeah, the terms being bounded about more
and people are starting to understand. As an ethical hacking student, I'm going to ask you this
question and I almost know the answer. When you first meet someone, how do you tell them what
course you were on? Because whenever I first ever met someone and they said to me, oh, what are you
doing at university? I said, oh, I'm doing ethical hacking and countermeasures. And they look at you
and you have to repeat yourself again because they didn't understand what you said the first time.
And then do you get asked this question straight on the back of it? How could you be ethical?
Exactly. What I know, what I know only say is I've taken the ethical hacking out of it when
people ask me, I just say computer security. Yeah, I had the pleasure of showing potential
first years around the university every year and I used to explain the story to them. I always
used to grab me within about eight weeks of university and say, yeah, I tell everyone I do a
computer security course. And what I've started to do is at the end of the day, my art course
has slightly different titles. It was this ethical hacking and computer security. I might as well
have the hacking and countermeasures. Whenever I started to get asked, but how can ethical hacking
be ethical? And you say, well, it's actually more. But you've chosen to look at the first two words
of a three-line statement. Exactly. We're actually here for. I mean, I think, I think hacking
only has the bad stigma because of the media in the first place anyway. So it's just a perception
that people have and they just don't really understand the term itself. Yeah, I mean, I think what
people maybe don't understand is that how actually widespread hacking is. I don't think people
realize that it's happening every single day in front of them and they don't realize it's a
clear and present danger every single day out there. And we do need to produce
good quality computer graduates with a firm understanding of security. But upon that as well,
we need to produce good quality developers with a firm understanding of security concepts.
I don't want to pick on developers, but if between the ethical hackers and the developers,
if we work together, we could probably secure an awful lot of the internet.
Definitely, yeah. I agree. I mean, I think the third question I get asked right after
what course do you do is can you hack my boyfriend's email address?
That's not me, the next question that comes out right now. I mean, you're just a legend in my
lifetime because whenever I tell a girl I'm doing ethical hacking, I never see her again.
I mean, this is the whole bunch of male ethical hacking students out there that whenever a girl asks
them what they're doing, yeah, I'm a firefighter.
In the interest of trying to keep the show short and not to monopolize too much of your time,
what is your advice for someone wanting to get into ethical hacking?
I mean, what? I'm bearing in mind that the hacker public radio is a widespread audience and
sometimes going to university isn't an answer that if you want to get into something and not
about to jump into university, of course, tomorrow is to do it. What would be your advice for someone
who just wants to play an understanding ethical hacking and wants to just experience it a little
bit more? What would your suggestions be to them?
I mean, as you said, everyone is in a different stage in the life so university might not be the
best option for them as it was for me and you at the time. So, I mean, the first thing I'd say is
you've got to just read lots, get books, go online, meet online, listen to it to podcasts,
just get involved in the community and learn as much as you can, just never stop learning and I think
if you don't love security or ethical hacking then don't do it. If you don't have a passion for it,
then just don't even start. I mean, I have to echo exactly what you're saying there. I mean,
if you don't love this game, then don't play it. No, it's not for you. It's something that I love,
I have a passion for. I can't wait to get home and read what's the latest going on in the community,
what's the latest hack and the newest vulnerability. It's something that I love and I think if you don't
share that passion, it'd be very hard for you to learn definitely. So, I mean, for me, you touched
on some great points there. For me, the greatest skill that you need before you even consider
going into ethical hacking is the ability to research, is the ability to learn sometimes on your
own steam and sometimes by just using something like Google or whichever search engine you use.
I think you're just taking the initiative yourself to try out the things obviously in a legal way
on your local network. Just try things, see what happens, see what the responses are,
and the best way is to practice and read and just definitely the way forward.
Okay, this is, we're getting to this point in every podcast where we say, what's the shameless plug?
Is there something that you want to promote or something that you want to share with people?
Now's the time to jump in and go for it. Is there anything you want to tell the
radio audience? Yeah, there's a couple of things. I think I mentioned before that I'm looking for
a placement for next year. So, preferably Newcastle area, Northeastern area, but I am willing to
consider the anywhere in the UK. Another thing where, if you've downloaded that one,
or whatever, 105, you would have seen the image on there saying that we're looking for a sponsor.
So, if you'd like to sponsor that one, and have your logo on there, if you're getting contact
with me and we can arrange that. Awesome. Now, Ryan, how can people, if you've got a blog address that
we can give to people? Yep, it's www.ethicalhacker.co.uk. The last E is a 3. So, ethical hacker,
with the last E is a 3.co.uk, or you can find me on Twitter. I'm a regular
Twitter. You can find me on Twitter.com forward slash ethical hacker again. The last E is a 3.
If you want to learn more about the downloadable web app, it's dvwa.co.uk.
Okay, so that's ethical hacker and it's K3R, the last bit. That's correct. Awesome.
And you can be found it. Also, your project can be found on sourcewatch. Also on dvwa.co.uk.
Yeah. What's left for me to do now is to, once again, thank my guest, Ryan Duhurst, for taking the
time to come and talk about his project and on the show. It's absolutely awesome. Thank you
very much, Ryan. You're welcome. It's been a pleasure to come on the show and talk to you.
And your audience. So, all that's really left for me to do is to thank the Hacker Public Radio
audience. You guys are home for listening to us. Before I go, if you like to make a podcast and
be part of the Hacker Public Radio production team almost to say, it couldn't really be any easier.
You can record a show on anything that you want. We've had shows on lots of different
things from quitting smoking to brewing beer to hacking web applications. But if there's
anything that you want to share, if there's a project that you want to talk about or
how to guide that you want to produce an audio version of, then really get a recording done
and contact HPR and we can help you get that show out. HPR is all about people taking the time
and recording shows and making them available for everyone to download. HPR can't do a show every day
if people don't make shows for us. So, please, if you do have the time and you want to get involved,
that's a great way to help Hacker Public Radio and you can find the contact details on the Hacker
Public Radio site for that. All that's left for me to do is once again thank my guest, thank the
listeners and I look forward to speaking to you all again sometime soon. Thank you very much.