1 00:00:00,480 --> 00:00:03,400 Speaker 1: Ridiculous Crime. It's a production of iHeartRadio. 2 00:00:03,600 --> 00:00:08,840 Speaker 2: Zaren Burnette. We meet again, Elizabeth Dunton. How you doing good? 3 00:00:09,360 --> 00:00:10,160 Speaker 2: So good to see you. 4 00:00:10,200 --> 00:00:12,080 Speaker 3: Interns told me you're going to be early, and I 5 00:00:12,119 --> 00:00:13,119 Speaker 3: was like, well, I'm going to be late. 6 00:00:15,760 --> 00:00:18,720 Speaker 2: You're looking sharp today in your little stress mariner's shirt. 7 00:00:19,840 --> 00:00:21,160 Speaker 3: I'm like a French mariner over here. 8 00:00:21,200 --> 00:00:22,960 Speaker 2: I love it. It's cute. I'm gonna get you a 9 00:00:23,040 --> 00:00:28,720 Speaker 2: can of sardine. Make your day quick question. Sure you 10 00:00:28,760 --> 00:00:29,680 Speaker 2: know what's ridiculous? 11 00:00:29,800 --> 00:00:30,280 Speaker 3: I do. 12 00:00:30,960 --> 00:00:31,040 Speaker 4: So. 13 00:00:31,560 --> 00:00:33,440 Speaker 3: Hearkening back to when I was telling you about the 14 00:00:33,479 --> 00:00:37,080 Speaker 3: Buddhist monks, I mentioned about Stevie Wonder going around at 15 00:00:37,080 --> 00:00:38,640 Speaker 3: the Shaolin temple and it's like, oh, he must have 16 00:00:38,640 --> 00:00:41,120 Speaker 3: been enjoying listening to the temple. If you ever heard 17 00:00:41,120 --> 00:00:43,760 Speaker 3: the theory that Stevie Wonder actually can see, I have right, 18 00:00:43,760 --> 00:00:45,479 Speaker 3: there's a lot of celebrities have talked about it. 19 00:00:45,600 --> 00:00:45,960 Speaker 2: Yeah. 20 00:00:46,000 --> 00:00:48,040 Speaker 3: So I have one here that I think is just 21 00:00:48,159 --> 00:00:50,240 Speaker 3: absolutely not proof positive. 22 00:00:49,800 --> 00:00:51,440 Speaker 2: But there's some interesting video proof. 23 00:00:51,600 --> 00:00:54,720 Speaker 3: It's interesting. Yeah. So Elton John has this evidence that 24 00:00:54,760 --> 00:00:57,000 Speaker 3: Stevie Wonder may be able to see. That I thought 25 00:00:57,080 --> 00:00:59,440 Speaker 3: was very convincing because the two of them happened to 26 00:00:59,440 --> 00:01:01,560 Speaker 3: be Colorado at the same time, and they, you know, 27 00:01:01,640 --> 00:01:03,640 Speaker 3: kind of bumped into each other. That's not the evidence 28 00:01:03,960 --> 00:01:07,520 Speaker 3: they were Basically they did a snowmobile tour. But I'll 29 00:01:07,560 --> 00:01:10,880 Speaker 3: let out and John tell the story. Quote musicians passing 30 00:01:10,880 --> 00:01:13,880 Speaker 3: through Denver or Boulder would drop by to visit. Stevie 31 00:01:13,920 --> 00:01:16,280 Speaker 3: Wonder turned up one day and took out a snowmobile, 32 00:01:16,600 --> 00:01:20,319 Speaker 3: insisting on driving it himself. Now, to preempt your question, no, 33 00:01:20,520 --> 00:01:23,480 Speaker 3: I have no idea how Stevie Wonder successfully piloted a 34 00:01:23,480 --> 00:01:26,920 Speaker 3: snowmobile through the rocky mountains of Colorado without killing himself 35 00:01:27,040 --> 00:01:30,280 Speaker 3: or indeed anyone else in the process. But he did. 36 00:01:30,800 --> 00:01:34,000 Speaker 2: And it's not like it's a Stevie's house, No, he just. 37 00:01:33,880 --> 00:01:36,679 Speaker 3: Like he doesn't know this track. He is not like, oh, 38 00:01:36,720 --> 00:01:39,920 Speaker 3: I've got this worked out. He took. Yeah, he went 39 00:01:39,920 --> 00:01:42,560 Speaker 3: out there and drove a snowmobile. Like, I don't think 40 00:01:42,600 --> 00:01:45,120 Speaker 3: I could do that that well and not run the 41 00:01:45,200 --> 00:01:49,400 Speaker 3: risk of bumping into something apparently flawless Stevie Rascal. So 42 00:01:49,440 --> 00:01:51,680 Speaker 3: I'm just saying, is there's an interesting one can. 43 00:01:51,680 --> 00:01:55,440 Speaker 2: Be like you can be like technically blind. 44 00:01:55,520 --> 00:01:59,000 Speaker 3: Right, you know, I guess varying degrees of Yeah, there's. 45 00:01:58,840 --> 00:02:01,720 Speaker 2: Different levels of blind, so it might not be completely 46 00:02:01,880 --> 00:02:02,160 Speaker 2: you know. 47 00:02:02,240 --> 00:02:05,520 Speaker 3: Yeah, so much like UFOs and UAPs. I'm keeping an 48 00:02:05,520 --> 00:02:07,840 Speaker 3: open mind about Stevie wonder whether or not. 49 00:02:09,720 --> 00:02:13,560 Speaker 2: Wow, there you go, very ridiculous, right, that is ridiculous. 50 00:02:13,800 --> 00:02:14,560 Speaker 3: John always got the. 51 00:02:14,480 --> 00:02:18,320 Speaker 2: Tea, always always. Do you want to know what else 52 00:02:18,360 --> 00:02:18,959 Speaker 2: is ridiculous? 53 00:02:19,000 --> 00:02:19,320 Speaker 3: Please? 54 00:02:19,840 --> 00:02:44,519 Speaker 2: Hacking a car? Bro This is Ridiculous Crime, A podcast 55 00:02:44,600 --> 00:02:49,519 Speaker 2: about absurd and outrageous capers. Heis and cons It's always 56 00:02:49,560 --> 00:02:53,279 Speaker 2: ninety nine percent murder free and one hundred percent ridiculous. 57 00:02:53,440 --> 00:02:54,440 Speaker 3: I know you done heard that. 58 00:02:54,720 --> 00:02:58,120 Speaker 2: I done heard it so many times. Hi, Elizabeth, Hey, 59 00:02:58,400 --> 00:03:01,680 Speaker 2: my name is Werner Brandis my voice? Is my passport? 60 00:03:02,040 --> 00:03:02,600 Speaker 2: Verify me? 61 00:03:03,440 --> 00:03:04,079 Speaker 3: Excuse me? 62 00:03:04,160 --> 00:03:05,080 Speaker 2: Do you know what that's from? 63 00:03:05,320 --> 00:03:07,400 Speaker 3: No, that's right, Zaren. 64 00:03:07,440 --> 00:03:12,480 Speaker 2: You're correct. It's one of my all time favorite movies. Sneakers. 65 00:03:12,760 --> 00:03:16,400 Speaker 2: Oh Hi, my name is Werner Brandis my voice? Is 66 00:03:16,440 --> 00:03:18,080 Speaker 2: my passport? Verify me? 67 00:03:18,280 --> 00:03:19,399 Speaker 3: Is it like a security check? 68 00:03:19,600 --> 00:03:21,959 Speaker 2: Yeah? So if you haven't seen have you seen Sneakers? 69 00:03:22,120 --> 00:03:24,760 Speaker 3: Yeah? But way back in the day, watch it again. 70 00:03:24,600 --> 00:03:27,320 Speaker 2: Because I love it so much. Yeah, it's like a 71 00:03:27,440 --> 00:03:33,600 Speaker 2: voice cod werner brandeis He's like a He's a tech guy, 72 00:03:34,160 --> 00:03:37,080 Speaker 2: uh an executive at this tech company, and so it's 73 00:03:37,080 --> 00:03:40,960 Speaker 2: a voice recognition, and so they needed to make a 74 00:03:41,040 --> 00:03:44,440 Speaker 2: recording of his voice to sneak in without him the 75 00:03:44,520 --> 00:03:49,240 Speaker 2: protagonists in this film, and anyway, they so they record him, 76 00:03:49,240 --> 00:03:51,360 Speaker 2: but they get like a honey trap. This woman has 77 00:03:51,400 --> 00:03:54,200 Speaker 2: to go and like get him to say these words 78 00:03:54,200 --> 00:03:57,720 Speaker 2: so they can piece it together on a blind date. 79 00:03:57,760 --> 00:04:00,280 Speaker 2: And so she's like, oh, you know what word, I love? 80 00:04:00,640 --> 00:04:04,520 Speaker 2: Passport And he's like, passport. So when it gets played back, 81 00:04:04,520 --> 00:04:08,240 Speaker 2: my voice is my passport. Anyway, I love that movie. 82 00:04:08,480 --> 00:04:11,040 Speaker 2: It's the story of some former and like side gig 83 00:04:11,080 --> 00:04:15,760 Speaker 2: hackers who do what's called penetration testing for tech security 84 00:04:15,760 --> 00:04:19,680 Speaker 2: at companies. White hat hackers. They use their powers for good, 85 00:04:19,720 --> 00:04:22,960 Speaker 2: although I believe they'd be gray hat hackers in some sense. 86 00:04:23,000 --> 00:04:24,000 Speaker 3: What's the distinction there? 87 00:04:24,040 --> 00:04:26,640 Speaker 2: A gray hat hacker is someone who engages in hacking 88 00:04:26,680 --> 00:04:31,160 Speaker 2: activities without permission, but their intentions are not always malicious, 89 00:04:31,200 --> 00:04:34,920 Speaker 2: and they may include reporting vulnerabilities you know, that they 90 00:04:34,960 --> 00:04:38,960 Speaker 2: find in these targeted organizations or even like to the public. 91 00:04:39,040 --> 00:04:41,040 Speaker 3: So if they break into to the Department of Defense 92 00:04:41,040 --> 00:04:43,440 Speaker 3: and then leave a note I found exactly and I 93 00:04:43,440 --> 00:04:44,279 Speaker 3: can tell you how I did. 94 00:04:44,279 --> 00:04:48,360 Speaker 2: Precisely, and they can exploit vulnerabilities for like personal gain 95 00:04:48,480 --> 00:04:51,800 Speaker 2: or demonstrate a point, you know, either way. In Sneakers, 96 00:04:51,839 --> 00:04:54,440 Speaker 2: the team which is led by Robert Redford, they go 97 00:04:54,520 --> 00:04:59,040 Speaker 2: up against Redford's old altruist college hacking buddy turned power 98 00:04:59,120 --> 00:05:02,239 Speaker 2: hungry tech villain, and there's some great hack in along 99 00:05:02,279 --> 00:05:02,560 Speaker 2: the way. 100 00:05:02,960 --> 00:05:06,560 Speaker 3: They hack it up, side it up. Oh, he's so good. 101 00:05:06,360 --> 00:05:10,479 Speaker 2: In that, Yeah, dan Ackroyd, that's right, hacking, hacking, so 102 00:05:10,640 --> 00:05:16,239 Speaker 2: much hacking, River Phoenix Hacking. I was thinking about that movie, 103 00:05:16,640 --> 00:05:20,520 Speaker 2: as I do sometimes when, and it got me thinking 104 00:05:20,560 --> 00:05:24,760 Speaker 2: about white hat hackers, those who used to hack illegally 105 00:05:25,000 --> 00:05:27,320 Speaker 2: for profit and or power, and then they go straight 106 00:05:27,680 --> 00:05:30,880 Speaker 2: and they help the authorities bust back the Yeah. I 107 00:05:31,000 --> 00:05:34,680 Speaker 2: like that idea. One of the most annoying characters on television, 108 00:05:34,920 --> 00:05:39,720 Speaker 2: Penelope on Criminal Minds, was a bad hacker. Yeah, and 109 00:05:39,760 --> 00:05:41,919 Speaker 2: then she was recruited by the FBI to hack the 110 00:05:41,960 --> 00:05:45,600 Speaker 2: world in pursuit of horrible violent criminals. And then they 111 00:05:45,640 --> 00:05:48,000 Speaker 2: also needed her to like teeter around the office in 112 00:05:48,040 --> 00:05:51,800 Speaker 2: clown costumes, Yeah, spouting out like stale slang while holding 113 00:05:51,839 --> 00:05:55,320 Speaker 2: something from the Archie McFee cap her. Oh I can't. 114 00:05:55,440 --> 00:05:57,360 Speaker 2: Like she's just running around with a rubber chicken pen 115 00:05:57,440 --> 00:05:58,560 Speaker 2: with a feather puff at the end. 116 00:05:58,680 --> 00:05:59,960 Speaker 3: What a rubber chicken? 117 00:06:00,320 --> 00:06:02,039 Speaker 2: Doesn't that sound like something she'd hash. 118 00:06:02,120 --> 00:06:03,160 Speaker 3: That's some real clan behavior. 119 00:06:03,240 --> 00:06:06,480 Speaker 2: Yeah it is. Anyway, I was poking around with the hackers, 120 00:06:06,520 --> 00:06:10,480 Speaker 2: basically hacking my way through Google's lousy search model, and 121 00:06:10,520 --> 00:06:13,800 Speaker 2: I found something. I caught a case there. I caught 122 00:06:13,839 --> 00:06:16,080 Speaker 2: a couple of cases. I think you're gonna like them. Please, 123 00:06:16,240 --> 00:06:19,320 Speaker 2: I should warn you that, just like the last time 124 00:06:19,360 --> 00:06:20,800 Speaker 2: I told you about hacking. 125 00:06:20,480 --> 00:06:22,560 Speaker 3: Crime, you got hacked. 126 00:06:23,440 --> 00:06:26,680 Speaker 2: No, I'm going to use a lot of technical language. 127 00:06:27,400 --> 00:06:29,080 Speaker 2: Much of it is going to go over your pretty 128 00:06:29,120 --> 00:06:32,560 Speaker 2: little head. Probably don't be intimidated, like some of us 129 00:06:32,600 --> 00:06:34,240 Speaker 2: are just more tech savvy and smarter. 130 00:06:34,400 --> 00:06:35,360 Speaker 3: No, it's very to true. 131 00:06:35,560 --> 00:06:39,000 Speaker 2: So I'm going to use terms like hacking and mainframe 132 00:06:39,800 --> 00:06:40,880 Speaker 2: and motherboard. 133 00:06:41,320 --> 00:06:43,520 Speaker 3: Are these terms like DJ's used like a motherboard? I'm 134 00:06:43,520 --> 00:06:44,279 Speaker 3: on my motherboard? 135 00:06:44,320 --> 00:06:46,800 Speaker 2: The ones and two, database and network? Have you heard 136 00:06:46,800 --> 00:06:47,320 Speaker 2: those before? 137 00:06:47,440 --> 00:06:50,920 Speaker 3: No? None of the all new to me keyboard keyboard? 138 00:06:50,920 --> 00:06:52,880 Speaker 3: Oh like oh yeah, like with the with the piano 139 00:06:53,040 --> 00:06:54,560 Speaker 3: correct correct USB drive? 140 00:06:55,480 --> 00:06:58,240 Speaker 2: Nope, Like I said, I don't want you to be intimidated. 141 00:06:58,320 --> 00:07:01,520 Speaker 2: The truth is that I has but a tenuous grasp 142 00:07:01,640 --> 00:07:05,120 Speaker 2: on all of those concepts and the items myself. So 143 00:07:05,160 --> 00:07:06,800 Speaker 2: we're on this digital journey together. 144 00:07:07,240 --> 00:07:08,920 Speaker 3: You do know, I have a bunch of friends who 145 00:07:08,920 --> 00:07:11,400 Speaker 3: are like hardcore, and then they talk to me about 146 00:07:11,440 --> 00:07:13,240 Speaker 3: stuff and I'm like, I use yellow legal pads. I 147 00:07:13,240 --> 00:07:14,360 Speaker 3: don't know what you're talking about. 148 00:07:14,480 --> 00:07:17,120 Speaker 2: No, I'm just like, you know, I'm like, why isn't 149 00:07:17,120 --> 00:07:21,800 Speaker 2: everything opening? Oh, I'm not connected to the internet. Cars, 150 00:07:22,600 --> 00:07:25,040 Speaker 2: I'm not talking about the Pixar movies there and back up, 151 00:07:25,440 --> 00:07:30,800 Speaker 2: I was like, you're going to I'm talking about the 152 00:07:30,800 --> 00:07:35,120 Speaker 2: things we drive down the street. Cars are full of 153 00:07:35,200 --> 00:07:38,960 Speaker 2: micro chips totally. And wasn't that part of the supply 154 00:07:39,040 --> 00:07:41,320 Speaker 2: chain issue during the early days of COVID, Remember there 155 00:07:41,360 --> 00:07:44,160 Speaker 2: was like the chip shortage for new cars and that's 156 00:07:44,360 --> 00:07:45,880 Speaker 2: like the cost of new cars. 157 00:07:45,880 --> 00:07:48,320 Speaker 3: And then cars they have all the screens. 158 00:07:48,360 --> 00:07:51,440 Speaker 2: Now they got like a forty inch television screen smack 159 00:07:51,480 --> 00:07:52,360 Speaker 2: in the middle of the dash. 160 00:07:53,240 --> 00:07:53,840 Speaker 3: Video games. 161 00:07:54,560 --> 00:07:56,840 Speaker 2: Yeah, you can't text and drive. That's good, but you 162 00:07:56,840 --> 00:07:59,880 Speaker 2: can have a small TV like in your lap drive. 163 00:08:00,640 --> 00:08:01,480 Speaker 3: You're making. 164 00:08:03,520 --> 00:08:07,440 Speaker 2: In some cars that'll remain nameless. It's on those screens. 165 00:08:07,520 --> 00:08:09,680 Speaker 2: We have to do stuff like adjust the AC or 166 00:08:09,720 --> 00:08:11,040 Speaker 2: like put on the turn signal. 167 00:08:11,080 --> 00:08:12,880 Speaker 3: I've heard about this, Yes, that's the wild one. 168 00:08:12,920 --> 00:08:14,560 Speaker 5: To screen. 169 00:08:14,600 --> 00:08:16,880 Speaker 2: You have to tell the car not to run over kids. 170 00:08:18,440 --> 00:08:21,840 Speaker 2: Run over fewer kids, you know, like we don't. We 171 00:08:21,880 --> 00:08:24,320 Speaker 2: don't have buttons anymore. I love buttons there, I like. 172 00:08:24,560 --> 00:08:25,720 Speaker 3: I even like knobs. 173 00:08:26,320 --> 00:08:29,360 Speaker 2: The best car I ever owned was in nineteen eighty 174 00:08:29,440 --> 00:08:32,720 Speaker 2: nine Ford Bronco. Yes, you're not a chip in sight. 175 00:08:32,960 --> 00:08:33,680 Speaker 3: No, I don't think so. 176 00:08:33,960 --> 00:08:36,120 Speaker 2: You could fix it with like a ball, peen hammer, 177 00:08:36,760 --> 00:08:40,520 Speaker 2: a butter knife and some electrical tape. Could It was perfect. 178 00:08:40,559 --> 00:08:43,720 Speaker 2: So now now I have this Subaru, right, I love it. 179 00:08:43,840 --> 00:08:44,920 Speaker 3: Yes, I've heard you talk about. 180 00:08:44,920 --> 00:08:47,480 Speaker 2: It has all sorts of not just chips and electronics, 181 00:08:47,520 --> 00:08:50,440 Speaker 2: but like online stuff. Oh really, I can lock and 182 00:08:50,559 --> 00:08:51,680 Speaker 2: unlock it with an app. 183 00:08:52,200 --> 00:08:54,000 Speaker 3: Do you use any of this? You know? 184 00:08:54,120 --> 00:08:56,320 Speaker 2: If I if I am already gone to bed and 185 00:08:56,320 --> 00:08:58,280 Speaker 2: I can't remember if I lock the car. Sometimes I just. 186 00:08:58,600 --> 00:08:59,679 Speaker 3: Check lock it. 187 00:08:59,240 --> 00:09:02,080 Speaker 2: I could start it remotely if I wanted from an app. 188 00:09:02,559 --> 00:09:04,360 Speaker 2: You can look on the app and see where it is. 189 00:09:04,480 --> 00:09:07,280 Speaker 2: It's like, oh it's in my driveway still, But like 190 00:09:07,440 --> 00:09:09,600 Speaker 2: if someone stole it, I can see where it was 191 00:09:09,640 --> 00:09:11,040 Speaker 2: and turn off the engine on them. 192 00:09:11,120 --> 00:09:13,360 Speaker 3: That's kind of fine like that, and then did would 193 00:09:13,360 --> 00:09:14,240 Speaker 3: they crash the car if you? 194 00:09:15,120 --> 00:09:17,079 Speaker 2: Yeah, Well, what do I care? I'm not in it? 195 00:09:18,600 --> 00:09:21,440 Speaker 3: Curious kind of like a good idea until you realize 196 00:09:21,480 --> 00:09:22,280 Speaker 3: what you've readen No. 197 00:09:22,280 --> 00:09:25,880 Speaker 2: I think it just boo powers down, no help, Okay, 198 00:09:25,960 --> 00:09:28,320 Speaker 2: I stole the wrong flashing lights come on and let's drive. 199 00:09:28,360 --> 00:09:30,880 Speaker 3: Other drivers know exactly. 200 00:09:31,200 --> 00:09:32,679 Speaker 2: It texts me when there's an. 201 00:09:32,640 --> 00:09:35,160 Speaker 3: Issue, used like a snarky tone. 202 00:09:35,200 --> 00:09:37,440 Speaker 2: I ran out of wiper fluid, and it kept reaching 203 00:09:37,440 --> 00:09:41,080 Speaker 2: out to me via text like a democratic fundraiser, totally 204 00:09:41,200 --> 00:09:43,360 Speaker 2: to let me know, like, hey, don't forget about me. 205 00:09:43,520 --> 00:09:45,680 Speaker 3: But is it like the duo lingo. It's kind of snarky, 206 00:09:45,720 --> 00:09:46,480 Speaker 3: like have you forgotten that? 207 00:09:46,480 --> 00:09:50,160 Speaker 2: It's very sincere and I just text back, wow, needy, 208 00:09:50,800 --> 00:09:54,600 Speaker 2: just keep going keyless entry peep peep. There was a 209 00:09:54,640 --> 00:09:57,640 Speaker 2: time recently here in Oakland where ladies were getting carjacked, 210 00:09:57,880 --> 00:10:01,080 Speaker 2: like up and down this very busy street near me, 211 00:10:01,800 --> 00:10:03,400 Speaker 2: and it seems to have calmed down, but it was 212 00:10:03,480 --> 00:10:07,640 Speaker 2: happening almost regularly for a while, like summer carjackings. Others 213 00:10:07,679 --> 00:10:09,720 Speaker 2: like guys would just run up, break the passenger window 214 00:10:09,760 --> 00:10:11,520 Speaker 2: and steal a purse on the seat. 215 00:10:11,600 --> 00:10:12,959 Speaker 3: Us like a spark plug break the window. 216 00:10:13,120 --> 00:10:16,080 Speaker 2: Yeah, and so for the carjacking. That's why I keep 217 00:10:16,080 --> 00:10:18,320 Speaker 2: my keys in my pocket when I'm driving instead of 218 00:10:18,360 --> 00:10:20,600 Speaker 2: like in my bag or like the cup holder, because 219 00:10:20,640 --> 00:10:22,439 Speaker 2: if I have my keys on me and they forced 220 00:10:22,480 --> 00:10:24,280 Speaker 2: me out, they aren't going to get very far because 221 00:10:24,280 --> 00:10:28,920 Speaker 2: you has to be close to the car to run, Sarah, 222 00:10:28,920 --> 00:10:31,120 Speaker 2: and you have to stay on the ball, keep your 223 00:10:31,160 --> 00:10:33,760 Speaker 2: head on a swivel. I don't think Subaru foresters are 224 00:10:33,760 --> 00:10:36,560 Speaker 2: like the hot Cardiff steal, but you never know. 225 00:10:38,320 --> 00:10:38,480 Speaker 6: So. 226 00:10:38,679 --> 00:10:42,199 Speaker 2: And that's another peril of the keiless entry fob is 227 00:10:42,240 --> 00:10:45,480 Speaker 2: that people can buy devices that clone keys to use. 228 00:10:45,320 --> 00:10:47,160 Speaker 3: For stealing the RFD. 229 00:10:47,480 --> 00:10:49,760 Speaker 2: Yeah, they walk by houses at night with a thing 230 00:10:49,880 --> 00:10:53,080 Speaker 2: and they can, you know, the hackens and they pick 231 00:10:53,160 --> 00:10:55,280 Speaker 2: up a signal from the keyfob and then they can 232 00:10:55,400 --> 00:10:56,520 Speaker 2: use that to start the car out. 233 00:10:56,840 --> 00:10:59,520 Speaker 3: They're buddy holding up like a wire and they're like 234 00:10:59,520 --> 00:11:01,439 Speaker 3: trying to get I would have thought it was a. 235 00:11:01,400 --> 00:11:04,680 Speaker 2: Total urban legend, but I've seen home like break camera 236 00:11:04,720 --> 00:11:07,160 Speaker 2: stuff of it, and it happened not a couple of times, 237 00:11:07,200 --> 00:11:09,160 Speaker 2: not too far from me. So you know what I do. 238 00:11:09,280 --> 00:11:11,680 Speaker 2: I put my keys in a Faraday box by the door. 239 00:11:14,480 --> 00:11:14,960 Speaker 3: I love it. 240 00:11:15,040 --> 00:11:17,600 Speaker 2: I probably overreacting, but whatever, it's a cute box. 241 00:11:17,880 --> 00:11:21,800 Speaker 3: I'm anyway, Yes, plants on it. You can override a 242 00:11:21,800 --> 00:11:22,640 Speaker 3: garden seed box. 243 00:11:22,800 --> 00:11:28,280 Speaker 2: Yes, no, it's very it's tasteful. It's brown and leathery. 244 00:11:28,280 --> 00:11:32,880 Speaker 2: There anyway. You can override the key with sentry. Other ways. 245 00:11:33,320 --> 00:11:37,000 Speaker 2: One involves a USB stick how so, but not in 246 00:11:37,040 --> 00:11:42,480 Speaker 2: the way you think, Zaren, I'm thinking nothing. It's physical hacking. 247 00:11:43,000 --> 00:11:45,559 Speaker 2: I'm sure you've heard of the Kia challenge. 248 00:11:45,679 --> 00:11:49,079 Speaker 3: Oh yes, okay, yes, this was a hacking. 249 00:11:49,160 --> 00:11:52,720 Speaker 2: I know, I totally did. It's a viral trend on TikTok. 250 00:11:52,760 --> 00:11:56,760 Speaker 2: In twenty twenty two is when it started. So people, okay, teens, 251 00:11:57,160 --> 00:11:59,160 Speaker 2: They learned how to steal certain Kia. 252 00:11:58,920 --> 00:12:01,199 Speaker 5: And Hyundai vehicle using only a. 253 00:12:01,240 --> 00:12:05,240 Speaker 2: USB cable and it started as this form of car theft, 254 00:12:05,280 --> 00:12:08,880 Speaker 2: but it quickly became a social media challenge, and like 255 00:12:09,080 --> 00:12:12,160 Speaker 2: vehicle thefts just surged across the US. 256 00:12:12,760 --> 00:12:15,000 Speaker 3: They just joy ride these cars, they don't write. 257 00:12:15,320 --> 00:12:18,560 Speaker 2: So they targeted Kias and Hyundais made between twenty ten 258 00:12:18,679 --> 00:12:19,679 Speaker 2: and twenty twenty one. 259 00:12:19,760 --> 00:12:20,240 Speaker 3: So that's a. 260 00:12:20,200 --> 00:12:24,520 Speaker 2: Pretty broad stretch. That's because they had traditional metal keys 261 00:12:24,559 --> 00:12:28,400 Speaker 2: not pushed to start, and the cars also didn't have immobilizers, 262 00:12:29,000 --> 00:12:32,079 Speaker 2: so those are like basic anti theft devices that keep 263 00:12:32,120 --> 00:12:36,160 Speaker 2: the engine from starting without the correct key. And apparently 264 00:12:36,200 --> 00:12:38,560 Speaker 2: the car alarm wouldn't go off if you broke the 265 00:12:38,600 --> 00:12:39,280 Speaker 2: back window. 266 00:12:39,960 --> 00:12:42,480 Speaker 3: Oh okay to know. 267 00:12:43,160 --> 00:12:45,840 Speaker 2: Yeah, what all that means is that it was possible 268 00:12:45,840 --> 00:12:48,000 Speaker 2: to get into the car without the alarm going off, 269 00:12:48,400 --> 00:12:51,640 Speaker 2: remove the steering column cover, use a USB cable or 270 00:12:51,679 --> 00:12:54,920 Speaker 2: anything shaped like it to turn the ignition switch, and 271 00:12:54,960 --> 00:12:56,280 Speaker 2: then start the car and drive away. 272 00:12:56,600 --> 00:12:57,920 Speaker 3: Oh you didn't have to like drop it down and 273 00:12:57,920 --> 00:12:58,600 Speaker 3: pull the wires out. 274 00:12:58,600 --> 00:13:03,480 Speaker 2: Oh no key. No hacking tools required. A group calling 275 00:13:03,520 --> 00:13:08,480 Speaker 2: themselves the Kia Boys posted videos anytime you put boys 276 00:13:08,520 --> 00:13:10,360 Speaker 2: in it, it's just you just took the wind out 277 00:13:10,400 --> 00:13:11,840 Speaker 2: of yourself. You know what I mean? 278 00:13:12,000 --> 00:13:14,400 Speaker 3: Kia Boys. 279 00:13:14,640 --> 00:13:16,520 Speaker 2: Yeah, I guess that is, but like proud Boys, No, 280 00:13:16,880 --> 00:13:21,600 Speaker 2: that's scary. They posted videos on TikTok and YouTube showing 281 00:13:21,600 --> 00:13:24,480 Speaker 2: how to steal the cars, like tutorials youtubes like keep 282 00:13:24,520 --> 00:13:27,679 Speaker 2: it Up Yeah Kia Boys tutorials. Other people copied them. 283 00:13:27,679 --> 00:13:31,360 Speaker 2: They turned it into this challenge. Some filmed themselves stealing 284 00:13:31,400 --> 00:13:33,599 Speaker 2: the cars and joy writing, and then they posted the 285 00:13:33,679 --> 00:13:34,600 Speaker 2: videos online. 286 00:13:34,679 --> 00:13:36,199 Speaker 3: Not only did they take the evidence that they made 287 00:13:36,200 --> 00:13:36,840 Speaker 3: it publicly avail. 288 00:13:37,000 --> 00:13:39,280 Speaker 2: Yes, we're talking about like, oh, don't write down your 289 00:13:39,280 --> 00:13:42,040 Speaker 2: plans for these guys are like watch it in four. 290 00:13:41,920 --> 00:13:43,480 Speaker 3: Kas and they were in like the shasty mass you 291 00:13:43,520 --> 00:13:44,280 Speaker 3: can't really see who they are. 292 00:13:44,440 --> 00:13:47,480 Speaker 2: Probably, so there was this huge spike in the thefts, 293 00:13:47,520 --> 00:13:51,040 Speaker 2: like I said, Milwaukee, La, Saint Louis Mania, all of them, 294 00:13:51,320 --> 00:13:54,920 Speaker 2: like some of these places that the car thefts increased 295 00:13:54,920 --> 00:13:58,439 Speaker 2: by like more than one hundred percent, and like I said, 296 00:13:58,640 --> 00:14:02,040 Speaker 2: big with the teens, a lot of the thieves were miners. 297 00:14:02,840 --> 00:14:06,880 Speaker 2: Law enforcement and community leaders went into like overdrive trying 298 00:14:06,880 --> 00:14:09,800 Speaker 2: to respond to this. My neighbor a couple of doors up, 299 00:14:09,840 --> 00:14:13,320 Speaker 2: had her Kia stolen three times, what yeah, three times, 300 00:14:13,520 --> 00:14:15,959 Speaker 2: so the cops would recover it in like an industrial 301 00:14:16,000 --> 00:14:19,240 Speaker 2: area uptown and she'd get the ignition repaired to how 302 00:14:19,280 --> 00:14:21,040 Speaker 2: it was before and then we could stolen again. 303 00:14:21,280 --> 00:14:23,800 Speaker 3: So they weren't really wrecking the car enjoy right now. 304 00:14:23,800 --> 00:14:26,800 Speaker 2: No, They're just scooted it around running and got trashed. 305 00:14:27,360 --> 00:14:29,320 Speaker 2: But for the most part they were just like pushing 306 00:14:29,320 --> 00:14:32,920 Speaker 2: it to Yeah, so there was a fix that the 307 00:14:32,960 --> 00:14:35,280 Speaker 2: dealership could do, but there were so many that the 308 00:14:35,320 --> 00:14:38,520 Speaker 2: parts were on back order for ages. Oh wow, So 309 00:14:38,520 --> 00:14:40,920 Speaker 2: then she got a club. But then one night some 310 00:14:41,040 --> 00:14:42,880 Speaker 2: ding dong broke into the car and tried to break 311 00:14:42,880 --> 00:14:46,680 Speaker 2: the club off with a rock. What. Yeah, he wasn't successful, 312 00:14:46,720 --> 00:14:50,040 Speaker 2: but he did get away. A cop came told him 313 00:14:50,080 --> 00:14:53,720 Speaker 2: to freeze, drew his weapon. Yeah, and the guy hopped 314 00:14:53,720 --> 00:14:56,160 Speaker 2: into another car and drove away around the cop. 315 00:14:56,280 --> 00:14:58,400 Speaker 3: What was the cop doing standing there. 316 00:14:58,320 --> 00:14:59,160 Speaker 2: With his weapon on it? 317 00:14:59,240 --> 00:15:01,400 Speaker 3: Like, why didn't pull a weapon fingers? 318 00:15:01,600 --> 00:15:04,360 Speaker 2: I think that the guy realized that the cop was 319 00:15:04,440 --> 00:15:06,840 Speaker 2: he's flying solo. He didn't have a partner with them. 320 00:15:07,280 --> 00:15:09,240 Speaker 2: The CoP's not going to open fire at two in 321 00:15:09,280 --> 00:15:11,960 Speaker 2: the morning with the possibility of hitting the houses behind 322 00:15:12,000 --> 00:15:13,720 Speaker 2: her in the air. I don't know. I watched the 323 00:15:13,720 --> 00:15:17,520 Speaker 2: whole thing from my front window and it was pretty 324 00:15:18,040 --> 00:15:20,080 Speaker 2: That was That's why I was telling you this part. 325 00:15:20,440 --> 00:15:22,960 Speaker 2: It was a ridiculous crime. It was one of the 326 00:15:22,960 --> 00:15:26,760 Speaker 2: most ridiculous things I've ever seen. And yeah, he just 327 00:15:27,000 --> 00:15:29,600 Speaker 2: swerved around and the cop put his hands down and 328 00:15:29,760 --> 00:15:33,800 Speaker 2: was just like the physical representation of dejections, Like he 329 00:15:33,920 --> 00:15:38,080 Speaker 2: just looked like now, he's got to go tell all 330 00:15:38,120 --> 00:15:42,680 Speaker 2: his pals. Yeah, so wow. There were class action lawsuits 331 00:15:42,680 --> 00:15:46,840 Speaker 2: filed against Hyundai and Kia. In twenty twenty three, the 332 00:15:46,840 --> 00:15:50,800 Speaker 2: carmakers offered free software updates to add anti theft features 333 00:15:50,840 --> 00:15:55,800 Speaker 2: like the immobilizer a longer alarm sound. They also gave 334 00:15:55,800 --> 00:15:58,520 Speaker 2: out steering wheel locks through police departments, so I guess 335 00:15:58,520 --> 00:15:59,800 Speaker 2: you could go to the cops and be like, I 336 00:15:59,800 --> 00:16:03,480 Speaker 2: need to club and they eventually settled the lawsuits for 337 00:16:03,480 --> 00:16:07,120 Speaker 2: around two hundred million dollars. Still going on though earlier 338 00:16:07,160 --> 00:16:10,600 Speaker 2: this year. In February of twenty twenty five, members of 339 00:16:10,760 --> 00:16:15,640 Speaker 2: Texas's Laredo Police Department Auto Theft Task Force. They detained 340 00:16:15,680 --> 00:16:20,120 Speaker 2: four boys ranging in age from thirteen to fifteen. There 341 00:16:20,200 --> 00:16:23,160 Speaker 2: was like the string of thefts. Two Kias and three 342 00:16:23,240 --> 00:16:26,560 Speaker 2: Hundays were actually stolen, but there were eleven other cases 343 00:16:26,600 --> 00:16:30,280 Speaker 2: where these fools tried to steal the cars and weren't successful. 344 00:16:30,800 --> 00:16:32,160 Speaker 2: They didn't watch the video all. 345 00:16:32,040 --> 00:16:33,600 Speaker 3: The way through their junior high kids. 346 00:16:34,400 --> 00:16:36,640 Speaker 2: Most of the cars that they hit were already unlocked, 347 00:16:36,840 --> 00:16:38,800 Speaker 2: which like, come on, I don't want a victim blame. 348 00:16:38,840 --> 00:16:43,400 Speaker 2: But they had the steering columns broken, the ignition switch broken, off. 349 00:16:43,920 --> 00:16:47,200 Speaker 2: All four of these boys were involved in all sixteen 350 00:16:47,280 --> 00:16:50,040 Speaker 2: of the cases, both the five successful in the eleven. 351 00:16:50,640 --> 00:16:54,040 Speaker 2: So I mean they caught counts like criminal attempt so 352 00:16:54,080 --> 00:16:57,760 Speaker 2: that's a misdemeanor, but like engaging in organized criminal activity 353 00:16:57,760 --> 00:17:02,240 Speaker 2: that's a felony left the state felonies, so they get 354 00:17:02,280 --> 00:17:05,040 Speaker 2: you know, all of these adam Yeah. 355 00:17:05,080 --> 00:17:05,240 Speaker 6: Right. 356 00:17:05,440 --> 00:17:08,040 Speaker 2: Criminal conspiracy cases like this can be found all over 357 00:17:08,080 --> 00:17:12,360 Speaker 2: the country, plus Australia and Canada, even the cool places 358 00:17:12,400 --> 00:17:15,800 Speaker 2: like that. The Canada ones are interesting because Canadian law 359 00:17:15,880 --> 00:17:19,640 Speaker 2: requires immobilizers in all new vehicles sold in Canada since 360 00:17:19,720 --> 00:17:22,000 Speaker 2: two thousand and seven, so that means that the ones 361 00:17:22,000 --> 00:17:24,000 Speaker 2: that were targeted were imported from the US. 362 00:17:24,960 --> 00:17:26,760 Speaker 3: How did they do I guess they just recognized. 363 00:17:28,000 --> 00:17:32,520 Speaker 2: Listen, let's pause for some ads. Brace yourself for savings. 364 00:17:33,160 --> 00:17:35,640 Speaker 2: When we come back, we're going to boost some more rides, 365 00:17:35,680 --> 00:18:01,200 Speaker 2: but this time was software, not hardware. Saren. I want 366 00:18:01,200 --> 00:18:04,960 Speaker 2: to introduce you to two dudes, two hack attackers, two 367 00:18:05,080 --> 00:18:07,879 Speaker 2: gray hat hackers who technically broke the law in an 368 00:18:07,920 --> 00:18:11,119 Speaker 2: effort to work for the greater good. So the first 369 00:18:11,119 --> 00:18:14,119 Speaker 2: guy is Charles Alfred Miller, Charlie Miller. 370 00:18:14,640 --> 00:18:17,880 Speaker 3: He got a handle a hacker handle, No, Charlie. 371 00:18:18,119 --> 00:18:22,480 Speaker 2: He's an American. He got a bachelor's in mass magna 372 00:18:22,520 --> 00:18:26,879 Speaker 2: cum loud from Northeast Misery State just now Truman State University. 373 00:18:27,240 --> 00:18:31,960 Speaker 2: Got a PhD in math from Notre Dame. He's basically 374 00:18:32,080 --> 00:18:33,920 Speaker 2: and that was in two thousand and he got his PhD. 375 00:18:33,960 --> 00:18:36,120 Speaker 2: He was like early on the learned to code train 376 00:18:36,200 --> 00:18:38,919 Speaker 2: it seems like it. Yeah, So he started his professional 377 00:18:38,960 --> 00:18:42,439 Speaker 2: career at the NSA and he worked as a cryptographer 378 00:18:42,520 --> 00:18:44,680 Speaker 2: slash codebreaker there for five years. 379 00:18:44,840 --> 00:18:45,800 Speaker 3: That's got to be fun and challenging. 380 00:18:45,840 --> 00:18:48,800 Speaker 2: I guess, well, sometimes when I do my cryptogram puzzles, 381 00:18:49,000 --> 00:18:51,399 Speaker 2: I wonder if the NSA is watching me through the 382 00:18:51,400 --> 00:18:54,080 Speaker 2: camera on my iPhone, and then I wonder if they'll 383 00:18:54,080 --> 00:18:56,080 Speaker 2: see how good I am at these puzzles. And then 384 00:18:56,080 --> 00:18:58,399 Speaker 2: my phone will ring. It'll be them asking me to 385 00:18:58,480 --> 00:19:00,520 Speaker 2: join the NSA team to be a hacker. 386 00:19:00,720 --> 00:19:02,320 Speaker 3: We put out the puzzles and we look for some 387 00:19:02,320 --> 00:19:03,200 Speaker 3: of the best. 388 00:19:03,880 --> 00:19:06,760 Speaker 2: We'll tell me about insurance and benefits and is the 389 00:19:06,800 --> 00:19:09,440 Speaker 2: position remote, and then they'll hang up on me because 390 00:19:09,480 --> 00:19:11,959 Speaker 2: they're looking for true patriots who aren't focused on their 391 00:19:11,960 --> 00:19:12,439 Speaker 2: own comfort. 392 00:19:12,520 --> 00:19:13,200 Speaker 3: Yeah, that's true. 393 00:19:13,240 --> 00:19:15,040 Speaker 2: I wonder about this sometimes, I. 394 00:19:14,760 --> 00:19:15,240 Speaker 3: Bet you do. 395 00:19:15,480 --> 00:19:15,879 Speaker 2: I do so. 396 00:19:15,960 --> 00:19:19,040 Speaker 3: Do you do these, by the way, on your phone? No? 397 00:19:19,119 --> 00:19:21,880 Speaker 2: I do them on paper. I can't have the government 398 00:19:21,920 --> 00:19:23,760 Speaker 2: seeing how good I am at cryptograms. 399 00:19:24,840 --> 00:19:26,520 Speaker 3: They would draft you in automatically. 400 00:19:26,680 --> 00:19:30,240 Speaker 2: I need my privacy. When he was in the NSA, 401 00:19:30,880 --> 00:19:36,920 Speaker 2: Miller conducted offensive computer security research. Offensive like on the offense, 402 00:19:37,040 --> 00:19:44,240 Speaker 2: not like oh god, gross, yeah, but his specific operations confidential, 403 00:19:44,560 --> 00:19:48,840 Speaker 2: of course, from my eyes only. He left the NSA 404 00:19:49,760 --> 00:19:52,400 Speaker 2: and then he served as a lead analyst at Independent 405 00:19:52,480 --> 00:19:53,680 Speaker 2: Security Evaluators. 406 00:19:53,800 --> 00:19:56,200 Speaker 3: Love those times, those companies and names like that, You're like, okay, 407 00:19:56,240 --> 00:19:57,120 Speaker 3: what yeah? 408 00:19:57,160 --> 00:19:59,240 Speaker 2: And then he later he worked for like he worked 409 00:19:59,280 --> 00:20:03,160 Speaker 2: for Twitter for while contributing to the information security team. 410 00:20:03,280 --> 00:20:06,000 Speaker 3: Like for like the NSA. Background. Who knows he's like 411 00:20:07,200 --> 00:20:07,840 Speaker 3: my former age. 412 00:20:08,000 --> 00:20:11,760 Speaker 2: Listen to this. He's a four time winner of the 413 00:20:12,000 --> 00:20:17,880 Speaker 2: pone to Own security competition. It's p wn numeral two. 414 00:20:18,160 --> 00:20:19,000 Speaker 6: O w N. 415 00:20:19,840 --> 00:20:21,080 Speaker 3: Do you know what I had to do? 416 00:20:21,080 --> 00:20:21,919 Speaker 5: You know what I had to do? 417 00:20:22,000 --> 00:20:24,639 Speaker 2: I went on Google. I hacked in to the Google 418 00:20:24,800 --> 00:20:29,440 Speaker 2: mainframe and I typed in, how do you pronounce p wn? 419 00:20:31,480 --> 00:20:33,040 Speaker 2: I was like, I want to say it right. 420 00:20:33,560 --> 00:20:34,359 Speaker 3: I appreciate your. 421 00:20:34,480 --> 00:20:40,040 Speaker 2: Thorough phone to own. Okay, that's known as hacking super Bowl. 422 00:20:40,960 --> 00:20:44,040 Speaker 2: So for that, he hacked a MacBook Air in under 423 00:20:44,040 --> 00:20:46,639 Speaker 2: two minutes. In two thousand and eight, he was the 424 00:20:46,680 --> 00:20:50,800 Speaker 2: first to remotely exploit an iPhone and that's like break 425 00:20:50,840 --> 00:20:55,160 Speaker 2: in hacking style, not like exploit it, like publish pictures 426 00:20:55,160 --> 00:21:00,400 Speaker 2: of it that should be published via malicious SMS message 427 00:21:00,480 --> 00:21:01,199 Speaker 2: in two thousand and. 428 00:21:01,200 --> 00:21:03,200 Speaker 3: Seven, so he sent a text message to the phone 429 00:21:03,240 --> 00:21:03,919 Speaker 3: and then gave him. 430 00:21:04,960 --> 00:21:07,679 Speaker 2: Yeah, he was the first to hack an Android device 431 00:21:07,760 --> 00:21:11,040 Speaker 2: on its launch day, and he exped He exploited the 432 00:21:11,080 --> 00:21:12,920 Speaker 2: vulnerabilities there via web kit. 433 00:21:13,800 --> 00:21:14,399 Speaker 5: What that is? 434 00:21:15,200 --> 00:21:18,960 Speaker 3: Yeah, I know that they use often things like oh, 435 00:21:19,000 --> 00:21:22,199 Speaker 3: we'll use your calendar or like this phone is like 436 00:21:22,320 --> 00:21:24,480 Speaker 3: you don't think about right. 437 00:21:24,400 --> 00:21:28,240 Speaker 2: That's and that's basically what he does. So he has 438 00:21:28,280 --> 00:21:34,800 Speaker 2: published the iOS Hackers Handbook, the Mac Hackers Handbook, Fuzzing 439 00:21:34,880 --> 00:21:39,200 Speaker 2: for Software Security Testing and Quality Assurance. Like basically is there. 440 00:21:39,320 --> 00:21:40,480 Speaker 2: This guy's a real pan. 441 00:21:41,440 --> 00:21:42,720 Speaker 3: He wrote the books on these things. 442 00:21:42,840 --> 00:21:47,320 Speaker 2: He literally wrote the books. Foreign Policy described him as 443 00:21:47,359 --> 00:21:50,679 Speaker 2: quote one of the most technically proficient hackers on Earth. 444 00:21:52,280 --> 00:21:53,320 Speaker 3: Foreign Policy given him. 445 00:21:53,240 --> 00:21:54,840 Speaker 5: The Star Buddy. 446 00:21:54,880 --> 00:21:56,879 Speaker 2: Okay, so then we have Chris. 447 00:21:56,760 --> 00:21:59,480 Speaker 3: Thallasek Okay, so not like the pile. 448 00:22:00,160 --> 00:22:02,280 Speaker 2: It's Vallisek. That's another one. 449 00:22:02,920 --> 00:22:04,360 Speaker 5: He was born in eighty. 450 00:22:04,080 --> 00:22:07,159 Speaker 2: Two in Pennsylvania. He got a BS in computer science 451 00:22:07,160 --> 00:22:09,280 Speaker 2: from University of Pittsburgh coding. 452 00:22:09,440 --> 00:22:11,440 Speaker 3: So another early com era guy. 453 00:22:11,560 --> 00:22:16,240 Speaker 2: Yeah. He built his reputation through research into Microsoft Windows. 454 00:22:16,640 --> 00:22:17,840 Speaker 2: Heap exploitation. 455 00:22:18,400 --> 00:22:20,359 Speaker 3: Sure sounds such a simple term. 456 00:22:20,400 --> 00:22:23,439 Speaker 2: And I know you know what I'm talking about Windows. 457 00:22:25,760 --> 00:22:29,920 Speaker 2: I got a window in my room. Heap exploitation. Hap. 458 00:22:31,200 --> 00:22:31,400 Speaker 4: There. 459 00:22:32,240 --> 00:22:34,920 Speaker 2: Think of a heap as a chunk of memory your 460 00:22:34,960 --> 00:22:38,040 Speaker 2: computer uses to keep track of things a program creates 461 00:22:38,040 --> 00:22:41,000 Speaker 2: while it's running. Okay, Like when a program goes like, 462 00:22:41,080 --> 00:22:43,399 Speaker 2: hey man, I need more memory to store this new 463 00:22:44,320 --> 00:22:47,359 Speaker 2: the heap. The heap gives it space. The heap is 464 00:22:47,400 --> 00:22:51,880 Speaker 2: not alive. The heap cannot hurt you. The heap absorbs. 465 00:22:52,680 --> 00:22:56,000 Speaker 2: The heap enjoys a good cheese steak. The heap vacations 466 00:22:56,000 --> 00:23:00,560 Speaker 2: in Daytona beach. All right. So, heap exploitation is when 467 00:23:00,560 --> 00:23:04,199 Speaker 2: a hacker takes advantage of mistakes in how memory is 468 00:23:04,280 --> 00:23:07,199 Speaker 2: managed in it. So they do that in order to 469 00:23:07,280 --> 00:23:10,919 Speaker 2: corrupt data, crash program take control of a computer. Do 470 00:23:10,960 --> 00:23:12,320 Speaker 2: you understand what I just said? 471 00:23:12,520 --> 00:23:14,600 Speaker 3: Some of it, like taking control of a computer. 472 00:23:14,640 --> 00:23:17,399 Speaker 2: Man, Do I understand what I just said? Absolutely not. 473 00:23:17,680 --> 00:23:19,520 Speaker 3: I had a friend who used to you be on 474 00:23:19,560 --> 00:23:21,480 Speaker 3: your computer, and he would get on your computer from 475 00:23:21,640 --> 00:23:25,320 Speaker 3: his computer like at his house, start moving the cursor around. Yeah. 476 00:23:25,359 --> 00:23:26,919 Speaker 3: I was like, I hate this, I hate all of this. 477 00:23:27,040 --> 00:23:28,800 Speaker 2: I guys do that and it's like, what do I 478 00:23:28,840 --> 00:23:29,680 Speaker 2: have open right now? 479 00:23:29,800 --> 00:23:31,400 Speaker 3: Exactly? And he was like, oh, I got in through 480 00:23:31,440 --> 00:23:33,000 Speaker 3: this exploit. And I'm like, I swear to God, I'm 481 00:23:33,000 --> 00:23:34,199 Speaker 3: gonna come over to your house and beat you up. 482 00:23:34,640 --> 00:23:36,560 Speaker 2: They're like, you're really good at spider solitary. 483 00:23:36,920 --> 00:23:38,640 Speaker 3: Can you hack my fists? How about that? 484 00:23:40,000 --> 00:23:44,440 Speaker 2: So Valasek he became an expert in both the exploitation 485 00:23:44,640 --> 00:23:48,399 Speaker 2: of heaps and the protection of heaps. And remember, the 486 00:23:48,440 --> 00:23:49,399 Speaker 2: heap cannot hurt you. 487 00:23:49,400 --> 00:23:50,439 Speaker 3: You know, I don't want to tear It. 488 00:23:51,280 --> 00:23:54,600 Speaker 2: Can hear your thoughts, and it knows your darkest intentions, 489 00:23:54,640 --> 00:23:55,639 Speaker 2: but it cannot hurt you. 490 00:23:55,800 --> 00:23:57,800 Speaker 3: Saren, Okay, I have to trust the heap. 491 00:23:57,840 --> 00:24:00,640 Speaker 2: So this guy, he had a two thousand and nine 492 00:24:00,640 --> 00:24:04,760 Speaker 2: Black Hat presentation titled Practical Windows XP two thousand and 493 00:24:04,760 --> 00:24:07,879 Speaker 2: three Heap Exploitation, and then he did a paper in 494 00:24:07,920 --> 00:24:12,159 Speaker 2: twenty ten on Windows low fragmentation heap, good stuff. I 495 00:24:12,200 --> 00:24:14,720 Speaker 2: find myself going back to my well worn copies and 496 00:24:14,800 --> 00:24:16,119 Speaker 2: just like reading them over and over. 497 00:24:16,000 --> 00:24:18,200 Speaker 3: There low frag heap. I love that. 498 00:24:18,080 --> 00:24:20,160 Speaker 2: Each time I read them, I discover something new. 499 00:24:20,280 --> 00:24:22,200 Speaker 3: I bet you do, a little, Colonel, you'd overlooked before. 500 00:24:22,440 --> 00:24:22,600 Speaker 6: Huh. 501 00:24:22,720 --> 00:24:25,479 Speaker 2: Basically, Vallisek is like a super hacker. 502 00:24:25,760 --> 00:24:28,600 Speaker 3: He sounds like sound chair right. 503 00:24:28,840 --> 00:24:30,080 Speaker 2: He shared Summer Con. 504 00:24:30,359 --> 00:24:30,560 Speaker 3: Huh. 505 00:24:30,680 --> 00:24:33,920 Speaker 2: This is one of the US's longest running hacker conferences, 506 00:24:33,960 --> 00:24:36,640 Speaker 2: and he's been their chairman Emeritis since two thousand and three. 507 00:24:36,720 --> 00:24:38,520 Speaker 3: Do you think they have good music at the Summer Con? Oh? 508 00:24:38,640 --> 00:24:41,680 Speaker 2: You know it like hot jams. They hack into all 509 00:24:41,720 --> 00:24:46,560 Speaker 2: the music mainframes and the motherboard, Sarah. When you look 510 00:24:46,600 --> 00:24:48,680 Speaker 2: online for videos about him so you can get a 511 00:24:48,720 --> 00:24:51,879 Speaker 2: sense of how to pronounce his name, you'll find yourself 512 00:24:51,960 --> 00:24:55,480 Speaker 2: waist deep in Ted talks, like this guy is like 513 00:24:55,640 --> 00:24:59,080 Speaker 2: sixty percent Ted talk. His body is six and in 514 00:24:59,240 --> 00:25:02,600 Speaker 2: all the videos he doesn't introduce himself, I imagine because 515 00:25:02,600 --> 00:25:03,880 Speaker 2: someone has already done it before. 516 00:25:03,720 --> 00:25:04,600 Speaker 3: The recording starts. 517 00:25:04,680 --> 00:25:04,760 Speaker 6: Right. 518 00:25:05,320 --> 00:25:07,800 Speaker 2: So I watched a lot of clips of him walking 519 00:25:07,880 --> 00:25:11,000 Speaker 2: onto a stage like polite applause and one of those 520 00:25:11,080 --> 00:25:13,879 Speaker 2: nude colored mics attached to his face, like lifts up 521 00:25:13,880 --> 00:25:16,959 Speaker 2: a clicker to introduce the first slide of a PowerPoint. 522 00:25:16,480 --> 00:25:18,520 Speaker 3: And you're hoping he says his name, and he doesn't. 523 00:25:18,600 --> 00:25:20,639 Speaker 2: Yep, And I'm gonna tell you I noped out of 524 00:25:20,640 --> 00:25:23,560 Speaker 2: those so fast. I just can't. I love myself too 525 00:25:23,640 --> 00:25:24,959 Speaker 2: much to do that to myself. 526 00:25:25,000 --> 00:25:26,360 Speaker 3: Yeah, don't pone yourself like that. 527 00:25:26,760 --> 00:25:31,120 Speaker 2: I will give George Santos sixty bucks to entertain listeners, 528 00:25:31,160 --> 00:25:34,119 Speaker 2: but I won't subject myself to ted talks, especially when 529 00:25:34,119 --> 00:25:36,800 Speaker 2: they're not even six minutes, especially when they're about computers. 530 00:25:37,320 --> 00:25:41,080 Speaker 2: So Valasek, He's on video a lot. He's a recognized 531 00:25:41,119 --> 00:25:45,919 Speaker 2: speaker at all these INFOSEC conferences, Black at USA, def Con, 532 00:25:46,440 --> 00:25:47,600 Speaker 2: def Comedy. 533 00:25:47,320 --> 00:25:49,680 Speaker 3: Jam, I'm just about ask Warp Tour. 534 00:25:50,600 --> 00:25:54,000 Speaker 2: He's also widely cited in media coverage for like all 535 00:25:54,040 --> 00:25:59,120 Speaker 2: these pioneering contributions that he has to automotive cybersecurity research. 536 00:26:00,280 --> 00:26:04,200 Speaker 2: Here's a quote. Quote please, when I secure cars, now, 537 00:26:04,280 --> 00:26:06,680 Speaker 2: the first thing I look at is things that communicate 538 00:26:06,720 --> 00:26:07,959 Speaker 2: with the outside world. 539 00:26:08,640 --> 00:26:10,560 Speaker 3: So he said, I just buy old cars so people 540 00:26:10,600 --> 00:26:12,760 Speaker 3: can't do any of this stuff exactly. Pretty soon, I'm 541 00:26:12,760 --> 00:26:16,400 Speaker 3: just gonna be riding around on a penny farthing wearing clothing. 542 00:26:17,760 --> 00:26:22,360 Speaker 2: So like cars, you say, Chris and Charlie they pioneered 543 00:26:22,359 --> 00:26:27,640 Speaker 2: research together into vehicle cybersecurity. So they first demonstrated that 544 00:26:28,480 --> 00:26:31,520 Speaker 2: they got physical access to both a Ford Escape and 545 00:26:31,560 --> 00:26:34,800 Speaker 2: at Toyota Prius and were able to control their systems. 546 00:26:35,240 --> 00:26:37,400 Speaker 2: So like, once they got in physically, they could get 547 00:26:37,440 --> 00:26:41,399 Speaker 2: in through the can bus c an bus, which is 548 00:26:41,440 --> 00:26:44,919 Speaker 2: the controller area network bus. Sure, but not like a 549 00:26:45,000 --> 00:26:47,680 Speaker 2: real bus, like wheels on the bus go round and round. 550 00:26:47,800 --> 00:26:50,040 Speaker 3: Take the thing that like routes traffic for the computer. 551 00:26:50,160 --> 00:26:53,320 Speaker 2: Yeah, it's an internal communication network that lets all the 552 00:26:53,359 --> 00:26:55,639 Speaker 2: systems talk to each other. Do you have any idea 553 00:26:55,680 --> 00:26:58,120 Speaker 2: how long it took me to like condense it down 554 00:26:58,160 --> 00:27:01,359 Speaker 2: into that sentence, because I would start reading things like 555 00:27:01,520 --> 00:27:02,560 Speaker 2: I think I'm having a stroke. 556 00:27:02,840 --> 00:27:04,040 Speaker 3: Look on face gives me a hint. 557 00:27:04,200 --> 00:27:07,000 Speaker 2: Yeah, can bus, which then I'm just like, now I 558 00:27:07,080 --> 00:27:07,800 Speaker 2: sound crazy. 559 00:27:07,920 --> 00:27:11,280 Speaker 3: Can bus, the bus, cannabus, canna bus. 560 00:27:12,119 --> 00:27:15,879 Speaker 2: By twenty fifteen automakers, they're just like putting more and 561 00:27:15,960 --> 00:27:19,679 Speaker 2: more stuff with internet connectivity and like what they call 562 00:27:19,800 --> 00:27:23,800 Speaker 2: infotainment systems. Oh yes, into the car. Yeah, they want 563 00:27:23,840 --> 00:27:27,159 Speaker 2: to improve the user convenience, but then it also just 564 00:27:27,240 --> 00:27:28,520 Speaker 2: opens it up to attack. 565 00:27:28,640 --> 00:27:30,280 Speaker 3: Plenty of exploits, so many. 566 00:27:30,080 --> 00:27:32,960 Speaker 2: Weak spots for the hackers and all the hackens. 567 00:27:33,160 --> 00:27:35,400 Speaker 3: It's like a smog was just Swiss cheese belly. It's 568 00:27:35,400 --> 00:27:38,600 Speaker 3: just all these spots. You just one spot. Now he's 569 00:27:38,600 --> 00:27:39,240 Speaker 3: got tough. 570 00:27:39,320 --> 00:27:43,840 Speaker 2: All the Pokey's Fiat Chrysler Automobiles, it was one of 571 00:27:44,000 --> 00:27:48,560 Speaker 2: a bunch of manufacturers integrating you Connect, which was a 572 00:27:48,640 --> 00:27:54,359 Speaker 2: proprietary infotainment system into the cars. It had like navigation, 573 00:27:54,640 --> 00:27:58,960 Speaker 2: a Wi Fi hotspot, remote start, voice command capabilities. I 574 00:27:58,960 --> 00:28:00,480 Speaker 2: think that's basically what I got down. 575 00:28:00,720 --> 00:28:01,359 Speaker 3: That's what sounds like. 576 00:28:02,760 --> 00:28:07,160 Speaker 2: Some models also had Sprint cellular connectivity that would allow 577 00:28:07,280 --> 00:28:09,200 Speaker 2: remote access and updates. 578 00:28:08,960 --> 00:28:12,240 Speaker 3: So you like play from your phone whatever your yeah 579 00:28:12,440 --> 00:28:13,560 Speaker 3: to actually connected with the OX. 580 00:28:14,400 --> 00:28:18,520 Speaker 2: Yeah. Super futuristic and great, but also making the car 581 00:28:19,040 --> 00:28:22,720 Speaker 2: super vulnerable. It's not properly secured totally. So Miller and 582 00:28:22,840 --> 00:28:24,840 Speaker 2: vallisec right. Yeah. 583 00:28:25,240 --> 00:28:27,840 Speaker 3: I had a quick question, do they make essentially like 584 00:28:27,880 --> 00:28:30,840 Speaker 3: a Faraday skin for a car? They got into that level. 585 00:28:30,920 --> 00:28:33,440 Speaker 2: That's a really good idea. Guy's got a lead line carduse, 586 00:28:33,520 --> 00:28:35,320 Speaker 2: you know, like when they do the ad wraps on 587 00:28:35,359 --> 00:28:38,320 Speaker 2: the car. But it's just like with like a with 588 00:28:38,400 --> 00:28:40,800 Speaker 2: a guy making a mean face, like don't you dare 589 00:28:41,160 --> 00:28:43,240 Speaker 2: waving his face, buddy. 590 00:28:43,560 --> 00:28:45,680 Speaker 3: The graph the crime dog on the hood of your car. 591 00:28:47,440 --> 00:28:50,480 Speaker 2: So our guys. They made it their goal to find 592 00:28:50,520 --> 00:28:54,840 Speaker 2: a remote attack vector that wouldn't require physical access to 593 00:28:54,920 --> 00:28:57,280 Speaker 2: the vehicle like they need to before. So over the 594 00:28:57,280 --> 00:29:00,080 Speaker 2: course of twenty fourteen and twenty fifteen, they set the 595 00:29:00,240 --> 00:29:05,280 Speaker 2: sites on Fiat Chrysler's U Connect system, particularly the twenty 596 00:29:05,360 --> 00:29:09,520 Speaker 2: fourteen Jeep Cherokee. So they figured, like, okay, we can 597 00:29:09,560 --> 00:29:13,560 Speaker 2: get into you connect through that Sprint cellular connection. So 598 00:29:13,600 --> 00:29:17,880 Speaker 2: they reverse engineered the firmware, discovered open ports on the 599 00:29:17,960 --> 00:29:22,000 Speaker 2: vehicle's Internet facing IP address, and found a way to 600 00:29:22,160 --> 00:29:27,440 Speaker 2: rewrite firmware on the infotainment chip like sarahen, I sound 601 00:29:27,480 --> 00:29:28,760 Speaker 2: like I work for geek Squad. 602 00:29:28,880 --> 00:29:30,840 Speaker 3: I know you're over here. I'm like, can you fix 603 00:29:30,880 --> 00:29:31,360 Speaker 3: my laptop? 604 00:29:31,560 --> 00:29:36,360 Speaker 2: Right? And like totally, I just step on it. Are done. 605 00:29:36,720 --> 00:29:40,720 Speaker 2: Using a showdowan, which is a search engine for Internet 606 00:29:40,760 --> 00:29:47,120 Speaker 2: connected devices, Sure whatever, buddy, they identified thousands of vehicles 607 00:29:47,200 --> 00:29:50,520 Speaker 2: that could be exposed through their cellular modems and they 608 00:29:50,560 --> 00:29:53,720 Speaker 2: found this chain of exploits they I mean, they could 609 00:29:53,720 --> 00:29:57,560 Speaker 2: get into all these crazy things critical vehicle systems, and 610 00:29:57,600 --> 00:30:00,080 Speaker 2: they were eventually able to bridge the gap between the 611 00:30:00,120 --> 00:30:02,560 Speaker 2: infotainment system and the. 612 00:30:02,560 --> 00:30:04,000 Speaker 3: Can bus boom. 613 00:30:04,000 --> 00:30:09,120 Speaker 2: They got in, like I want in on that can. 614 00:30:09,440 --> 00:30:11,760 Speaker 2: This means that once they were inside, they can send 615 00:30:11,800 --> 00:30:15,360 Speaker 2: commands to like key vehicle functions like the gas, pedal, 616 00:30:15,440 --> 00:30:19,200 Speaker 2: air conditioning, and radio. They could put fake images on 617 00:30:19,240 --> 00:30:23,120 Speaker 2: a dashboard. They can control the windshield wipers, they could disable. 618 00:30:22,720 --> 00:30:26,440 Speaker 3: The brakes, disable the brakes. 619 00:30:25,440 --> 00:30:29,080 Speaker 2: The steering, misnipulate steering. And they set out to do 620 00:30:29,320 --> 00:30:33,160 Speaker 2: a very dangerous and most likely illegal demonstration of this. 621 00:30:33,360 --> 00:30:34,800 Speaker 3: Yeah, I would imagine. 622 00:30:34,440 --> 00:30:43,320 Speaker 2: Zerin close your eyes. I want you to picture it. 623 00:30:43,320 --> 00:30:46,360 Speaker 2: It's July of twenty fifteen. You are sitting in a 624 00:30:46,440 --> 00:30:50,840 Speaker 2: twenty fourteen jeep Cherokee driving down the highway in Saint Louis. 625 00:30:51,400 --> 00:30:51,680 Speaker 5: There. 626 00:30:51,760 --> 00:30:55,120 Speaker 2: You are cruising along. It's seventy miles an hour. Then 627 00:30:55,160 --> 00:30:58,440 Speaker 2: suddenly the air conditioner roars to life, blasting the car 628 00:30:58,560 --> 00:31:02,680 Speaker 2: with arctic air. Haven't touched a thing. Immediately after that, 629 00:31:02,720 --> 00:31:05,840 Speaker 2: the radio comes on. What had been a silent ride 630 00:31:05,960 --> 00:31:08,760 Speaker 2: is now one with booming hip hop at top volume. 631 00:31:09,160 --> 00:31:12,280 Speaker 2: The speakers in the back rumble. You turn the volume 632 00:31:12,360 --> 00:31:15,280 Speaker 2: knob to silence the stereo system, but nothing happens. The 633 00:31:15,280 --> 00:31:20,000 Speaker 2: song is still blaring the knob. She needs nothing. Suddenly, 634 00:31:20,080 --> 00:31:22,800 Speaker 2: the windshield wipers come on. You didn't touch those either. 635 00:31:23,200 --> 00:31:24,760 Speaker 2: Wiper fluid sprays. 636 00:31:24,400 --> 00:31:26,880 Speaker 5: The windshield while you speed down the highway. You can't 637 00:31:26,880 --> 00:31:27,800 Speaker 5: get them to stop. 638 00:31:28,480 --> 00:31:31,320 Speaker 2: Just then, an image appears on the car's digital display. 639 00:31:31,680 --> 00:31:35,320 Speaker 2: It's a photo of two guys in matching tracksuits. You 640 00:31:35,360 --> 00:31:37,680 Speaker 2: take a deep breath and try to stay calm. The 641 00:31:37,800 --> 00:31:41,880 Speaker 2: radio cuts out. That's relief, but then so does the accelerator. 642 00:31:42,160 --> 00:31:45,080 Speaker 2: The transmission is dead. You pump on the gas pedal, 643 00:31:45,160 --> 00:31:49,520 Speaker 2: but nothing. The jeep quickly loses speed, moving slower and slower. 644 00:31:50,080 --> 00:31:52,640 Speaker 2: You'd pull over onto the shoulder, but you can't because 645 00:31:52,640 --> 00:31:55,400 Speaker 2: you just got to an overpass. There's no shoulder, and 646 00:31:55,440 --> 00:31:58,720 Speaker 2: you're starting to go uphill. The cars behind you slam 647 00:31:58,760 --> 00:32:00,640 Speaker 2: on their brakes and lean on the lawrence is a 648 00:32:00,680 --> 00:32:03,080 Speaker 2: swerve around you. You look in the rear view mirror 649 00:32:03,120 --> 00:32:06,440 Speaker 2: and you see a semi truck approaching. The radio comes. 650 00:32:06,200 --> 00:32:07,760 Speaker 5: Alive again with more hip hop. 651 00:32:08,000 --> 00:32:09,880 Speaker 2: Please please please let me survive this. 652 00:32:10,000 --> 00:32:12,360 Speaker 5: You think you fubble for your phone and you make 653 00:32:12,400 --> 00:32:12,760 Speaker 5: a call. 654 00:32:13,160 --> 00:32:15,560 Speaker 2: You aren't calling the highway patrol or the cops, or 655 00:32:15,560 --> 00:32:19,240 Speaker 2: state troopers or even Triple A. You are calling Charlie 656 00:32:19,280 --> 00:32:24,840 Speaker 2: Miller and Chris Vallasek. See you are Andy Greenberg, award 657 00:32:24,840 --> 00:32:28,640 Speaker 2: winning journalist and writer for Wired magazine, and you've agreed 658 00:32:28,680 --> 00:32:31,080 Speaker 2: to be their guinea pigs. They set out to prove 659 00:32:31,240 --> 00:32:34,000 Speaker 2: just how easy it is to do bad with cars 660 00:32:34,080 --> 00:32:37,080 Speaker 2: in this current system. You beg them to stop, to 661 00:32:37,160 --> 00:32:39,600 Speaker 2: give you back control of the car. You manage to 662 00:32:39,680 --> 00:32:41,840 Speaker 2: roll the jeep to an exit ramp, turn the car 663 00:32:41,840 --> 00:32:44,560 Speaker 2: off and then on again, basically rebooting it, and then 664 00:32:44,600 --> 00:32:47,760 Speaker 2: you get to an empty lot where your experiment can continue. 665 00:32:48,440 --> 00:32:50,280 Speaker 3: Now, why did they get on the road. Why didn't 666 00:32:50,320 --> 00:32:52,080 Speaker 3: he to go to like a Walmart parking lot to 667 00:32:52,200 --> 00:32:52,520 Speaker 3: do this? 668 00:32:53,760 --> 00:32:59,600 Speaker 2: No, I got so nervous, and they told him before 669 00:32:59,600 --> 00:33:03,320 Speaker 2: he got the like, don't whatever happens, don't panic. Now 670 00:33:03,320 --> 00:33:06,240 Speaker 2: here's the thing, So Greenberg he gets the jeep to 671 00:33:06,320 --> 00:33:09,600 Speaker 2: safety and they all continue their work. The guys were 672 00:33:09,600 --> 00:33:12,800 Speaker 2: at Miller's house ten miles away, so they don't have 673 00:33:12,880 --> 00:33:16,920 Speaker 2: eyes on him. From Greenberg's Wired article quote Miller and 674 00:33:17,040 --> 00:33:21,320 Speaker 2: Vallisex full arsenal includes functions that at lower speeds fully 675 00:33:21,400 --> 00:33:25,480 Speaker 2: kill the engine, abruptly engage the brakes, or disable them altogether. 676 00:33:25,960 --> 00:33:29,080 Speaker 2: The most disturbing maneuver came when they cut the jeep's brakes, 677 00:33:29,400 --> 00:33:32,440 Speaker 2: leaving me frantically pumping the pedal as the two ton 678 00:33:32,600 --> 00:33:36,880 Speaker 2: suv slid uncontrollably into a ditch. The researchers say they're 679 00:33:36,920 --> 00:33:39,920 Speaker 2: working on perfecting their steering control. For now, they can 680 00:33:39,960 --> 00:33:42,280 Speaker 2: only hijack the wheel when the jeep is in reverse. 681 00:33:42,720 --> 00:33:46,240 Speaker 2: Their hack enables surveillance too. They can track a targeted 682 00:33:46,280 --> 00:33:50,000 Speaker 2: jeep's GPS coordinates, measure its speed, and even drop pins 683 00:33:50,040 --> 00:33:53,840 Speaker 2: on a map to trace its route. Unbelievable, So, of course, 684 00:33:53,880 --> 00:33:57,000 Speaker 2: the whole thing was done with Greenberg's consent, sure as 685 00:33:57,040 --> 00:33:59,480 Speaker 2: a way to publicize the danger of you connect and 686 00:33:59,520 --> 00:34:02,400 Speaker 2: get the Endo street to respond, let's take a break. 687 00:34:02,520 --> 00:34:05,840 Speaker 2: When we get back from this ad venture, I'll tell 688 00:34:05,920 --> 00:34:07,600 Speaker 2: you just how they responded. 689 00:34:27,920 --> 00:34:29,960 Speaker 3: Zarin, Oh, Elizabeth, we're back. 690 00:34:30,000 --> 00:34:31,960 Speaker 2: We're back in the twenty fourteen cheap. 691 00:34:31,800 --> 00:34:32,799 Speaker 3: I had to shake that one off. 692 00:34:32,880 --> 00:34:35,000 Speaker 2: I know that was a nightmare, as a total daymare. 693 00:34:35,520 --> 00:34:36,799 Speaker 3: I thought it was bad and if someone took over 694 00:34:36,840 --> 00:34:39,000 Speaker 3: my computer but being in the car they're taking over 695 00:34:39,040 --> 00:34:40,360 Speaker 3: and then like I gotta trust them. Oh yeah, I 696 00:34:40,360 --> 00:34:41,600 Speaker 3: don't worry. I'll art it all back. 697 00:34:42,080 --> 00:34:44,560 Speaker 2: Very maximum overdrive. And I don't like it one bit. 698 00:34:44,760 --> 00:34:46,640 Speaker 3: And there's not enough of Meia the West of US 699 00:34:46,640 --> 00:34:47,680 Speaker 3: in that for me I feel safe. 700 00:34:47,960 --> 00:34:51,160 Speaker 2: Yeah, there needs a whole lot more so. After that 701 00:34:51,239 --> 00:34:56,279 Speaker 2: Wired article, Fiat Chrysler, they took swift action. July twenty fourth, 702 00:34:56,360 --> 00:35:00,359 Speaker 2: twenty fifteen, they issued a voluntary safety recall for one 703 00:35:00,440 --> 00:35:04,279 Speaker 2: point four million vehicles in the US in order to 704 00:35:04,320 --> 00:35:08,319 Speaker 2: fix those software vulnerabilities. And so that was models from 705 00:35:08,320 --> 00:35:11,200 Speaker 2: twenty thirteen to twenty fifteen that had eight point four 706 00:35:11,280 --> 00:35:16,200 Speaker 2: inch touchscreen. So twenty fourteen, twenty fifteen Jeep, Cherokee, twenty 707 00:35:16,239 --> 00:35:19,000 Speaker 2: fifteen Dodge Challenger, which like, I don't want one of 708 00:35:19,040 --> 00:35:22,440 Speaker 2: those self possessed rubbing down the road, twenty fifteen, Chrysler 709 00:35:22,440 --> 00:35:25,880 Speaker 2: two hundred and others. Chrysler dodged Jeep and Ram lines. 710 00:35:27,120 --> 00:35:30,719 Speaker 2: Fiat Chrysler sent out a USB drive by mail to 711 00:35:30,800 --> 00:35:35,640 Speaker 2: affected owners with the patch like diy, I guess steal 712 00:35:35,640 --> 00:35:39,279 Speaker 2: a Kia drive that around instead the owners They could 713 00:35:39,280 --> 00:35:42,400 Speaker 2: also go to a dealership for installation if they weren't hackers, 714 00:35:42,960 --> 00:35:48,320 Speaker 2: you know. In addition, Sprint closed the open cellular ports 715 00:35:48,400 --> 00:35:50,960 Speaker 2: that the hackers had used, which like, why didn't you 716 00:35:51,000 --> 00:35:52,160 Speaker 2: do that originally? 717 00:35:52,200 --> 00:35:53,640 Speaker 3: Yeah? Did they cost a penny to do? 718 00:35:53,840 --> 00:35:57,080 Speaker 2: Now, the National Highway Traffic Safety Administration they opened an 719 00:35:57,080 --> 00:36:01,000 Speaker 2: investigation and then they find Fiat Chrysler one hundred and 720 00:36:01,040 --> 00:36:02,240 Speaker 2: five million dollars. 721 00:36:02,560 --> 00:36:06,400 Speaker 3: Why did they find them for just being. 722 00:36:05,880 --> 00:36:09,520 Speaker 2: A production They're flying too close to the sun, Like 723 00:36:09,600 --> 00:36:12,959 Speaker 2: you thought you were so special, arrogance. Well, it wasn't 724 00:36:13,000 --> 00:36:14,960 Speaker 2: just for the Jeep vulnerability, but there were like a 725 00:36:15,000 --> 00:36:17,640 Speaker 2: series of recalls that were kind of mishandled leading up 726 00:36:17,680 --> 00:36:21,120 Speaker 2: to me. So like, you guys are bungling everything one 727 00:36:21,200 --> 00:36:26,520 Speaker 2: hundred and five million, but the Jeep incident was like yeah, yeah, 728 00:36:26,560 --> 00:36:30,880 Speaker 2: so the hack that had lasting implications far beyond Fiat Chrysler. 729 00:36:32,080 --> 00:36:36,239 Speaker 2: Senators Edward Markey of Massachusetts and Richard Blumenthal of Connecticut 730 00:36:36,640 --> 00:36:40,080 Speaker 2: they introduced the Security and Privacy in Your Car Act, 731 00:36:40,600 --> 00:36:41,800 Speaker 2: the Spy. 732 00:36:41,440 --> 00:36:44,040 Speaker 3: Car Act right. 733 00:36:44,400 --> 00:36:49,600 Speaker 2: The bill would require cybersecurity standards for vehicles, isolation of 734 00:36:49,680 --> 00:36:54,359 Speaker 2: critical software systems, real time hacking detection systems, and then 735 00:36:54,400 --> 00:36:57,920 Speaker 2: transparency on how car companies collect and share driver data. 736 00:36:58,200 --> 00:36:58,959 Speaker 2: It's a great bill. 737 00:36:59,360 --> 00:37:01,960 Speaker 3: Sounds like didn't pass, Oh my goodness. 738 00:37:01,560 --> 00:37:04,440 Speaker 2: Of course, not my feeling. I'm thinking the sticking point 739 00:37:04,520 --> 00:37:07,319 Speaker 2: was the transparency on how car companies collect and share 740 00:37:07,360 --> 00:37:11,000 Speaker 2: driver data, probably because that's like, you know, that's a 741 00:37:11,080 --> 00:37:11,839 Speaker 2: commodity and. 742 00:37:11,760 --> 00:37:14,400 Speaker 3: They generally avoid that for either that's our data. 743 00:37:14,239 --> 00:37:17,680 Speaker 2: Yeah, the customer like spending and travel, and then also 744 00:37:17,960 --> 00:37:20,200 Speaker 2: like how you connect to like insurance companies. 745 00:37:20,600 --> 00:37:23,640 Speaker 3: Yeah, that they didn't want like a trade secrets, like 746 00:37:23,760 --> 00:37:24,440 Speaker 3: we're selling everything. 747 00:37:24,880 --> 00:37:27,239 Speaker 2: Was just like this driver like yeah, they speed all 748 00:37:27,280 --> 00:37:30,520 Speaker 2: the time, increase their rates. Oh, they wouldn't know otherwise. 749 00:37:30,560 --> 00:37:31,560 Speaker 2: I don't know, that's my guess. 750 00:37:31,600 --> 00:37:33,120 Speaker 3: I was thinking that they were already doing that. They're 751 00:37:33,200 --> 00:37:34,920 Speaker 3: killing the insurance company for a price. 752 00:37:34,960 --> 00:37:37,160 Speaker 2: They already do. But I'm just saying like that was 753 00:37:37,280 --> 00:37:39,480 Speaker 2: that's I think that, like this is something that car 754 00:37:39,520 --> 00:37:41,800 Speaker 2: companies would kill because it's going to cost him money 755 00:37:42,800 --> 00:37:45,080 Speaker 2: beyond just like changing the tech. 756 00:37:45,080 --> 00:37:48,200 Speaker 3: It's something valuable to them. Yeah, data that is. 757 00:37:48,680 --> 00:37:49,640 Speaker 2: That's just me guessing. 758 00:37:49,920 --> 00:37:52,320 Speaker 3: I'm speculating to the BUIL didn't. 759 00:37:52,080 --> 00:37:55,680 Speaker 2: Pass, but it like spurred all these discussions about automotive 760 00:37:55,680 --> 00:38:00,960 Speaker 2: cybersecurity standards. In twenty sixteen, the Automotive Information Sharing an 761 00:38:01,000 --> 00:38:07,160 Speaker 2: Analysis Center, they released their best practices for cybersecurity, and 762 00:38:07,560 --> 00:38:10,480 Speaker 2: you know, most of the major manufacturers of automobiles they 763 00:38:10,600 --> 00:38:14,600 Speaker 2: picked that up. The gpack made it super clear infotainment 764 00:38:14,680 --> 00:38:18,560 Speaker 2: systems have to be segregated out from like the critical 765 00:38:18,640 --> 00:38:21,479 Speaker 2: vehicle control stuff. You can't have it all just riding 766 00:38:21,680 --> 00:38:26,399 Speaker 2: us together, exactly, And so Miller and Vallisek they later 767 00:38:26,440 --> 00:38:29,600 Speaker 2: got hired by Uber's Advanced Technology Center to work on 768 00:38:29,640 --> 00:38:32,919 Speaker 2: their self driving car security, and then they both worked 769 00:38:32,920 --> 00:38:37,160 Speaker 2: as principal autonomous vehicle security architects at Cruse Automation, which 770 00:38:37,200 --> 00:38:43,280 Speaker 2: was GM's self driving cars. The latest and more visible 771 00:38:43,360 --> 00:38:45,880 Speaker 2: victim of hackings is, of course Tesla. 772 00:38:49,400 --> 00:38:49,560 Speaker 4: Yeah. 773 00:38:49,640 --> 00:38:53,160 Speaker 2: Well, I should note that Tesla has a bug bounty program. 774 00:38:53,440 --> 00:38:55,839 Speaker 2: So if you can hack them and then show them how, 775 00:38:56,320 --> 00:38:59,880 Speaker 2: they'll give you cars or money or something. Of the 776 00:39:00,040 --> 00:39:02,600 Speaker 2: cyber trucks. It doesn't they can't sell you know, here 777 00:39:02,680 --> 00:39:04,600 Speaker 2: have one, you have five? Yeah, and I'm just like, 778 00:39:04,640 --> 00:39:06,440 Speaker 2: I hacked you guys. They're like, you no need to 779 00:39:06,440 --> 00:39:12,960 Speaker 2: have proof. Take a cyber's your problem now. Some of 780 00:39:13,000 --> 00:39:15,880 Speaker 2: that bacon from the diner. The whole thing, though, the 781 00:39:15,920 --> 00:39:18,920 Speaker 2: Tesla is like one big computer and the cars are 782 00:39:18,920 --> 00:39:22,000 Speaker 2: all about like connectivity and such and like you know, 783 00:39:22,800 --> 00:39:25,640 Speaker 2: things like watching YouTube while you pretend to drive while 784 00:39:25,680 --> 00:39:28,040 Speaker 2: autopilot's on and you're facetiming your buddy. 785 00:39:28,160 --> 00:39:29,720 Speaker 3: Sure important thing, yeah exactly. 786 00:39:30,080 --> 00:39:33,800 Speaker 2: In twenty sixteen, researchers from Keen Security Lab they found 787 00:39:34,120 --> 00:39:38,080 Speaker 2: multiple vulnerabilities in the Tesla model S that allowed remote 788 00:39:38,080 --> 00:39:41,000 Speaker 2: control of the car from up to twelve miles away 789 00:39:41,920 --> 00:39:45,520 Speaker 2: via the Wi Fi or cellular connection. So that's okay, 790 00:39:45,640 --> 00:39:49,200 Speaker 2: one year after this jeep thing, you know, someone's on 791 00:39:49,239 --> 00:39:53,640 Speaker 2: like an Atari sixty four driving your Tesla around. So 792 00:39:53,680 --> 00:39:57,359 Speaker 2: they found vulnerabilities in the infotainment system once again that 793 00:39:57,600 --> 00:40:03,120 Speaker 2: darned can bus access to the browser autopilot braking functions, 794 00:40:03,440 --> 00:40:05,520 Speaker 2: so they were able to like open the sun roof, 795 00:40:05,960 --> 00:40:10,360 Speaker 2: move the seats, control side mirrors, turn on the turn signal, 796 00:40:10,560 --> 00:40:12,719 Speaker 2: and then like slam on the brakes remotely while the 797 00:40:12,760 --> 00:40:13,120 Speaker 2: car was. 798 00:40:13,040 --> 00:40:16,560 Speaker 3: In so still operating like the car itself, not just the. 799 00:40:16,520 --> 00:40:19,160 Speaker 2: Features, yeah, but then like oh and the break ps 800 00:40:19,280 --> 00:40:22,760 Speaker 2: the brakes. Tesla saw this and then pushed an over 801 00:40:22,800 --> 00:40:26,960 Speaker 2: the air software update within ten days of the disclosure, 802 00:40:27,400 --> 00:40:30,200 Speaker 2: and then they also improved isolation between the systems like 803 00:40:30,239 --> 00:40:33,280 Speaker 2: we you know, infotatement and critical components. 804 00:40:32,880 --> 00:40:34,320 Speaker 3: Separated firewall that stuff. 805 00:40:34,400 --> 00:40:38,120 Speaker 2: Yes, talk, I love that, that's firewall. 806 00:40:38,400 --> 00:40:39,200 Speaker 3: That's good, thank you. 807 00:40:39,400 --> 00:40:43,440 Speaker 2: I just learned that one myself. In twenty twenty, fluoro 808 00:40:43,480 --> 00:40:44,520 Speaker 2: Acetate struck. 809 00:40:45,640 --> 00:40:46,200 Speaker 3: That's a hacker. 810 00:40:46,280 --> 00:40:50,080 Speaker 2: It's a well known security research team. So they share 811 00:40:50,160 --> 00:40:55,000 Speaker 2: a call sign Richard Zoo and amacamma. They were at 812 00:40:55,200 --> 00:40:59,279 Speaker 2: pone to own once again Vancouver hacking. Remember, yeah, the 813 00:40:59,280 --> 00:41:02,200 Speaker 2: super Bowl hack exactly, And that's where they exploited a 814 00:41:02,280 --> 00:41:07,000 Speaker 2: vulnerability in the Tesla Model threes infotainment system using a 815 00:41:07,480 --> 00:41:14,280 Speaker 2: JavaScript jit just in time jure in the WebKit engine. 816 00:41:14,280 --> 00:41:18,439 Speaker 2: We're back with webkits. The exploit allowed them to gain 817 00:41:18,520 --> 00:41:21,759 Speaker 2: control of the system when the driver visited a specially 818 00:41:21,840 --> 00:41:25,880 Speaker 2: crafted web page, so like if you're browsing around, you 819 00:41:25,960 --> 00:41:28,160 Speaker 2: have to put the web page into the giant screen 820 00:41:28,200 --> 00:41:31,600 Speaker 2: inside the car. And it gave them access to display messages. 821 00:41:32,080 --> 00:41:35,120 Speaker 2: They could control infotainment features like I'm going to put 822 00:41:35,160 --> 00:41:40,960 Speaker 2: on a different channel, interact with subsystems connected via the can, 823 00:41:41,120 --> 00:41:44,600 Speaker 2: but they couldn't directly control the driving, so. 824 00:41:44,560 --> 00:41:46,759 Speaker 3: They can make you watch criminal minds against your will. 825 00:41:47,760 --> 00:41:50,480 Speaker 2: Hundred percent, and so that was like purely infotainment. They 826 00:41:50,520 --> 00:41:54,160 Speaker 2: couldn't direct the actual car. But this was part of 827 00:41:54,200 --> 00:41:56,640 Speaker 2: a challenge at the competition, not a rogue mission to 828 00:41:56,680 --> 00:42:00,880 Speaker 2: embarrass Tesla. So Tesla awarded the hackers a Tesla Model 829 00:42:00,920 --> 00:42:03,320 Speaker 2: three and forty thousand dollars in prize money. 830 00:42:03,360 --> 00:42:05,200 Speaker 3: So it was like a sponsored hackophone. 831 00:42:04,960 --> 00:42:07,200 Speaker 2: Sponsored hackaphone. And then they patched that. 832 00:42:07,200 --> 00:42:09,080 Speaker 3: Vulnerability quickly they should. 833 00:42:08,880 --> 00:42:10,920 Speaker 2: You know, be via a software update. 834 00:42:11,000 --> 00:42:13,160 Speaker 3: So this is like their version of beta testing, is like, hey, 835 00:42:13,160 --> 00:42:14,759 Speaker 3: we're going to put the car out, then you find 836 00:42:14,800 --> 00:42:16,680 Speaker 3: the flaws and we'll fix those exactly. 837 00:42:17,120 --> 00:42:19,880 Speaker 2: Yeah, it's sort of like self check out. Suddenly I 838 00:42:20,000 --> 00:42:23,480 Speaker 2: work for the supermarket. Yeah, suddenly you work for Tesla. 839 00:42:24,080 --> 00:42:26,000 Speaker 2: So like, hold on, do you have Bluetooth in your 840 00:42:26,000 --> 00:42:27,520 Speaker 2: carp Yeah? See I do. 841 00:42:27,760 --> 00:42:30,320 Speaker 3: Yeah, I wasn't kidding about I buy older cars. 842 00:42:30,400 --> 00:42:33,840 Speaker 2: One time I let someone, someone who's a co host 843 00:42:33,960 --> 00:42:37,920 Speaker 2: of a murder free true crime podcast, connect his bluetooth 844 00:42:37,920 --> 00:42:42,600 Speaker 2: in my car. Yes, and now I know this fellow connected. 845 00:42:42,680 --> 00:42:45,440 Speaker 2: If I'm near you and your phone, you connect to 846 00:42:45,480 --> 00:42:47,799 Speaker 2: my car. So like you'll be in the parking lot 847 00:42:47,840 --> 00:42:51,080 Speaker 2: at headquarters on a phone call. I'm parked near you. 848 00:42:51,200 --> 00:42:53,640 Speaker 2: I go to start my car and suddenly your call 849 00:42:53,840 --> 00:42:54,240 Speaker 2: is in. 850 00:42:54,120 --> 00:42:55,960 Speaker 3: My bluetoth You're talking to my mother. 851 00:42:55,920 --> 00:42:59,560 Speaker 2: And I've got someone saying hello, Hello, or I'm suddenly 852 00:42:59,560 --> 00:43:02,759 Speaker 2: listening to the serious XM Radio Classics episode that you've 853 00:43:02,760 --> 00:43:04,120 Speaker 2: got playing on the radio Classic. 854 00:43:04,160 --> 00:43:06,560 Speaker 3: Oh yeah, you like Jack Benny. I hope you do. 855 00:43:06,239 --> 00:43:09,640 Speaker 2: What I'm saying is that I think my car likes 856 00:43:09,640 --> 00:43:11,560 Speaker 2: you better, which doesn't seem fair. 857 00:43:11,680 --> 00:43:14,239 Speaker 3: So your your phone doesn't connect to the bluetooth, it. 858 00:43:14,200 --> 00:43:18,440 Speaker 2: Gets kicked off by yours. Like you've basically hacked me. 859 00:43:19,080 --> 00:43:23,000 Speaker 2: You're a hacker, now hack Yeah, anyway, This dude, Leonard 860 00:43:23,040 --> 00:43:28,040 Speaker 2: Wooters is a security research at ku Leuvin University in Belgium. 861 00:43:28,280 --> 00:43:33,359 Speaker 2: June twenty twenty two, he exploited vulnerabilities in Tesla's Bluetooth 862 00:43:33,960 --> 00:43:37,880 Speaker 2: low energy keyless entry system. So we've gone through all 863 00:43:37,920 --> 00:43:40,480 Speaker 2: these other ways in now we got Bluetooth. So he 864 00:43:40,520 --> 00:43:43,160 Speaker 2: had like what's called a relay attack. He could unlock 865 00:43:43,239 --> 00:43:46,200 Speaker 2: and start a Tesla both model three and Model y 866 00:43:46,960 --> 00:43:49,880 Speaker 2: by relaying signals from the owner's phone or key card. 867 00:43:50,440 --> 00:43:53,120 Speaker 2: And he could do this even if it was inside 868 00:43:53,120 --> 00:43:56,000 Speaker 2: a nearby building. Obviously not in a fair date box. 869 00:43:57,239 --> 00:44:01,880 Speaker 2: So the bl systems there intercepted using cheap off the 870 00:44:01,880 --> 00:44:05,080 Speaker 2: shelf hard where like the Oakland car thieves use. And 871 00:44:05,320 --> 00:44:07,440 Speaker 2: it's basically the same thing. You get there, you pick 872 00:44:07,520 --> 00:44:10,080 Speaker 2: up the signal, you clone it. So he's unlocking doors, 873 00:44:10,080 --> 00:44:13,520 Speaker 2: you start in the car driving away. Tesla, though, didn't 874 00:44:13,560 --> 00:44:17,800 Speaker 2: consider it a flaw in its system, because the ble 875 00:44:18,040 --> 00:44:21,360 Speaker 2: relay attacks are a known risk with passive entry systems. 876 00:44:21,400 --> 00:44:25,440 Speaker 2: They're like, it's not just us all through the Oakland Hills. 877 00:44:26,400 --> 00:44:29,200 Speaker 2: So he was like, this guy, this hacker recommended that 878 00:44:29,200 --> 00:44:32,360 Speaker 2: people turn off passive entry or use in a Tesla 879 00:44:32,520 --> 00:44:36,440 Speaker 2: pin to drive like a personal identification number, requiring a 880 00:44:36,480 --> 00:44:37,480 Speaker 2: code to be able to drive. 881 00:44:37,600 --> 00:44:39,799 Speaker 3: I need like two factor authentication to get into my car. 882 00:44:40,000 --> 00:44:43,760 Speaker 2: Is such a hassle to get in the car. Nobody 883 00:44:43,800 --> 00:44:46,319 Speaker 2: listened to this guy. Everyone's like, whatever, I. 884 00:44:46,320 --> 00:44:48,360 Speaker 3: Will leave websites if I have to get on my iPad. 885 00:44:48,400 --> 00:44:50,279 Speaker 3: I'm like, Daily Beast, why are you making me go 886 00:44:50,320 --> 00:44:51,000 Speaker 3: to my iPad? 887 00:44:51,040 --> 00:44:53,319 Speaker 2: No, big, nope, how about do. 888 00:44:53,280 --> 00:44:55,680 Speaker 3: I want to read this story to own? They're back 889 00:44:55,760 --> 00:44:56,720 Speaker 3: the super Bowl of hacks. 890 00:44:57,040 --> 00:45:00,480 Speaker 2: They went after Tesla again in twenty twenty five. The 891 00:45:00,880 --> 00:45:07,080 Speaker 2: Sinactive team, that's Thomas Imbert, Vincent Dehores, David Barrard. They 892 00:45:07,120 --> 00:45:13,719 Speaker 2: targeted Tesla's vehicle control system Electronic controller VC secure. It's 893 00:45:13,760 --> 00:45:17,040 Speaker 2: a critical module in the Tesla Model three that's responsible 894 00:45:17,080 --> 00:45:21,680 Speaker 2: for security functions like immobilization, door locking and then handling 895 00:45:21,800 --> 00:45:24,240 Speaker 2: data from the tire pressure monitoring system. 896 00:45:24,360 --> 00:45:29,400 Speaker 3: So they turned the security specialist into the vulnerability. Yes, interesting, And. 897 00:45:29,400 --> 00:45:32,080 Speaker 2: They did that at pone to Own Automotive twenty twenty 898 00:45:32,080 --> 00:45:33,280 Speaker 2: five in Tokyo. 899 00:45:32,920 --> 00:45:33,640 Speaker 3: Twenty twenty five. 900 00:45:34,520 --> 00:45:36,400 Speaker 2: This is recent, this is earlier this year. So just 901 00:45:36,440 --> 00:45:39,000 Speaker 2: like in the other cases, they used Bluetooth, they got 902 00:45:39,040 --> 00:45:40,640 Speaker 2: into the can. 903 00:45:40,360 --> 00:45:41,840 Speaker 3: But got that can bus. 904 00:45:42,160 --> 00:45:45,200 Speaker 2: Get all on the bus. Maybe if they'd had some 905 00:45:45,360 --> 00:45:48,000 Speaker 2: heap exploitation going on, we wouldn't be in this situation. 906 00:45:48,040 --> 00:45:48,920 Speaker 3: Yeah, that's what I'm thinking. 907 00:45:49,719 --> 00:45:52,920 Speaker 2: If you can access the ratchet router with the VPN 908 00:45:53,040 --> 00:45:57,319 Speaker 2: card and so on, case closed. So now there was 909 00:45:57,360 --> 00:46:00,360 Speaker 2: also a time that Tesla itself, not the cars, got ACKed. 910 00:46:00,880 --> 00:46:04,800 Speaker 2: Two former Tesla employees who were unnamed in public filings. 911 00:46:04,800 --> 00:46:08,480 Speaker 2: They leaked over one hundred gigabytes of internal data to 912 00:46:08,560 --> 00:46:11,399 Speaker 2: a German media outlet, and that all came to light 913 00:46:11,400 --> 00:46:13,680 Speaker 2: in August of twenty twenty three, but the breach had 914 00:46:13,719 --> 00:46:14,839 Speaker 2: occurred earlier that year. 915 00:46:14,880 --> 00:46:16,480 Speaker 3: Did they use a car to hack Tesla? 916 00:46:16,640 --> 00:46:18,360 Speaker 2: They hacked Tesla with a Tesla? 917 00:46:18,680 --> 00:46:18,960 Speaker 3: Wow? 918 00:46:19,080 --> 00:46:23,040 Speaker 2: No, I don't know. Anyway, they got into the Tesla servers. 919 00:46:23,680 --> 00:46:30,600 Speaker 2: They leaked autopilot system secrets. Oh, good for them, customer secrets, 920 00:46:31,000 --> 00:46:38,080 Speaker 2: customer personally identifiable information. That's bad, employee records that's not good. 921 00:46:38,520 --> 00:46:41,640 Speaker 2: And then some of the leaked documents allegedly detailed quote 922 00:46:41,680 --> 00:46:46,400 Speaker 2: Tesla crash reports, I'm happier with that internal discussions on 923 00:46:46,520 --> 00:46:51,960 Speaker 2: auto pilot related accident. No, the internal discussions about them. 924 00:46:52,000 --> 00:46:54,120 Speaker 2: So they're like whatever, They could look like a loser anyway, 925 00:46:54,160 --> 00:46:56,319 Speaker 2: you know what I mean, Like I'm guessing. I don't know. 926 00:46:57,200 --> 00:47:00,759 Speaker 2: So Tesla immediately took legal action. They four the ex 927 00:47:00,760 --> 00:47:04,960 Speaker 2: employees to surrender devices and data, and they notified affected 928 00:47:05,000 --> 00:47:07,600 Speaker 2: individuals of the breach. I mean, this isn't like a 929 00:47:07,600 --> 00:47:11,680 Speaker 2: traditional software hack, but it exposed highly sensitive vehicle systems 930 00:47:11,680 --> 00:47:17,440 Speaker 2: and customer data, major insider cybersecurity threat Sounds like it's 931 00:47:17,520 --> 00:47:22,000 Speaker 2: like our cars are now rolling cybersecurity threats, Like we 932 00:47:22,120 --> 00:47:23,880 Speaker 2: basically drive around in big computers. 933 00:47:23,960 --> 00:47:26,680 Speaker 3: Yours are. Yeah, I'm over here in a seventy eight 934 00:47:26,680 --> 00:47:27,480 Speaker 3: catalyg I know. 935 00:47:27,440 --> 00:47:30,240 Speaker 2: It's You're so lucky. It's not just the physical actions 936 00:47:30,280 --> 00:47:32,360 Speaker 2: of the car that's vulnerable. Like we have all this 937 00:47:32,480 --> 00:47:35,440 Speaker 2: personal information. Look at me, I'm getting text messages. 938 00:47:36,160 --> 00:47:37,040 Speaker 3: Text with your car. 939 00:47:37,640 --> 00:47:39,759 Speaker 2: I think that's wild to me. Yeah, I think that's 940 00:47:39,760 --> 00:47:42,800 Speaker 2: where the Democratic Party keeps getting my information to text 941 00:47:42,800 --> 00:47:49,080 Speaker 2: mealy anytime anything happens. So cars they collect GPS, location history, 942 00:47:49,160 --> 00:47:51,880 Speaker 2: call logs, contacts. You know, you can load your contacts 943 00:47:51,880 --> 00:47:54,040 Speaker 2: from your phone into your car, so your car can 944 00:47:54,120 --> 00:47:56,160 Speaker 2: call I guess voice recordings. 945 00:47:56,280 --> 00:47:57,960 Speaker 5: They can log your behavior and give. 946 00:47:57,840 --> 00:47:59,280 Speaker 2: It to insurance companies. 947 00:47:59,480 --> 00:47:59,719 Speaker 3: Wow. 948 00:48:00,320 --> 00:48:02,319 Speaker 2: The biggest thread of this, I think is having your 949 00:48:02,320 --> 00:48:04,680 Speaker 2: information sold to marketers and corporations. 950 00:48:04,719 --> 00:48:05,680 Speaker 3: Sure, that too. 951 00:48:06,400 --> 00:48:08,880 Speaker 2: Ripe for criminal tinkering, of course, but it could go 952 00:48:08,960 --> 00:48:11,960 Speaker 2: beyond street crime because think about it, like nation state 953 00:48:12,000 --> 00:48:14,880 Speaker 2: actors could target infrastructure like fleet vehicles. 954 00:48:15,000 --> 00:48:17,480 Speaker 3: Oh yeah, I're also like the partner of somebody who 955 00:48:17,480 --> 00:48:19,520 Speaker 3: works for the government, and then they can just be 956 00:48:19,600 --> 00:48:21,880 Speaker 3: in the car talking on their phone making safe and 957 00:48:21,920 --> 00:48:23,040 Speaker 3: all of a sudden, other cars. 958 00:48:22,840 --> 00:48:26,200 Speaker 2: Listening to Oh yeah, terrorists could hijack cars for sabotage. 959 00:48:26,680 --> 00:48:28,759 Speaker 2: What I'm trying to say is that we need to 960 00:48:28,800 --> 00:48:31,440 Speaker 2: go back to an agrarian society and all ride bikes. 961 00:48:32,000 --> 00:48:32,480 Speaker 3: I love that. 962 00:48:32,680 --> 00:48:34,560 Speaker 2: Make it stop, everyone on a bike. I don't want 963 00:48:34,560 --> 00:48:36,279 Speaker 2: to do this anymore. That's what I'm trying to say. 964 00:48:37,160 --> 00:48:39,040 Speaker 2: And with that, I'm going to go get into my car, 965 00:48:39,560 --> 00:48:42,640 Speaker 2: listen to satellite radio, call my mom via bluetooth on 966 00:48:42,719 --> 00:48:45,680 Speaker 2: the stereosystem unless you hijacket, and then I'm going to 967 00:48:45,800 --> 00:48:47,840 Speaker 2: use my GPS to go do crimes in the woods. 968 00:48:48,160 --> 00:48:51,520 Speaker 2: So just take the edge off, Zarin. What's your ridiculous takeaway? 969 00:48:52,000 --> 00:48:54,400 Speaker 3: You know, as I've complained about it often exact to 970 00:48:54,440 --> 00:48:57,359 Speaker 3: deal with them. Both of my parents are Luddites, right. 971 00:48:57,480 --> 00:49:00,400 Speaker 3: They neither one has an iPhone or any Android. They 972 00:49:00,440 --> 00:49:02,920 Speaker 3: both have flip phones. They won't do email. My mother 973 00:49:03,040 --> 00:49:06,200 Speaker 3: still has an Aol account, like you know, their total 974 00:49:06,280 --> 00:49:08,759 Speaker 3: bloods with the fact that they have computers is like 975 00:49:08,840 --> 00:49:14,759 Speaker 3: a major step and unfortunately I think they're right well 976 00:49:15,280 --> 00:49:18,800 Speaker 3: kills me right. Yeah, she pays like whatever, fifty dollars 977 00:49:18,840 --> 00:49:21,239 Speaker 3: a month to do like four things or whatever. I'm like, 978 00:49:21,400 --> 00:49:24,160 Speaker 3: what is wrong with you? What is your ridiculous take away? Elizabeth? 979 00:49:24,239 --> 00:49:27,880 Speaker 2: Where did this takeaway? Is that computers bad that I 980 00:49:28,000 --> 00:49:31,600 Speaker 2: need them. We all do, so, Dave, can I please 981 00:49:31,680 --> 00:49:32,439 Speaker 2: have a talk back? 982 00:49:32,719 --> 00:49:35,960 Speaker 3: Oh yeah, oh. 983 00:49:37,960 --> 00:49:42,879 Speaker 4: My god, I love get. 984 00:49:47,080 --> 00:49:50,000 Speaker 6: Hi Elizabeth Saron and producer d This is Ali from 985 00:49:50,040 --> 00:49:53,759 Speaker 6: South Carolina. I have loved the show for years now 986 00:49:53,840 --> 00:49:57,520 Speaker 6: and I just listened to the wig jacking episode and 987 00:49:58,520 --> 00:50:01,600 Speaker 6: then about a day later, happy to come across an 988 00:50:01,680 --> 00:50:04,920 Speaker 6: image of the painting a Sundae on lagrange jat or 989 00:50:04,960 --> 00:50:07,920 Speaker 6: however you pronounce it. Who knows who cares? And as 990 00:50:07,960 --> 00:50:10,920 Speaker 6: I'm sure you know, in the bottom corner of that painting, 991 00:50:11,320 --> 00:50:14,320 Speaker 6: there is a little monkey on a leash and a 992 00:50:14,480 --> 00:50:18,600 Speaker 6: small dog staring out. And all I could think about 993 00:50:18,880 --> 00:50:21,480 Speaker 6: from that little monkey and little dog is that they 994 00:50:21,840 --> 00:50:24,880 Speaker 6: were scoping out the scene looking for their next heist 995 00:50:25,040 --> 00:50:27,120 Speaker 6: because they'd had to move on from. 996 00:50:27,000 --> 00:50:27,759 Speaker 2: Their wig work. 997 00:50:27,880 --> 00:50:31,040 Speaker 6: So maybe they were on hat stealing or just there 998 00:50:31,160 --> 00:50:33,880 Speaker 6: to cause general ruckus. I don't know, but I support 999 00:50:33,920 --> 00:50:37,399 Speaker 6: them either way. Anyways, Love you guys, love your show. 1000 00:50:37,520 --> 00:50:39,880 Speaker 6: Thanks so much for all you do, and see you 1001 00:50:39,920 --> 00:50:40,800 Speaker 6: again next crime. 1002 00:50:42,840 --> 00:50:43,600 Speaker 3: I love that. 1003 00:50:43,800 --> 00:50:46,040 Speaker 2: This is this is what the power of good art 1004 00:50:46,200 --> 00:50:50,160 Speaker 2: right that tells you this story And I love this. 1005 00:50:50,400 --> 00:50:52,680 Speaker 2: I love your your so perceptive picking up all the 1006 00:50:52,719 --> 00:50:58,720 Speaker 2: little bits and bobs and the sool. That's it for today. 1007 00:50:59,239 --> 00:51:01,839 Speaker 2: You can find us online at ridiculous Crime dot com. 1008 00:51:02,160 --> 00:51:02,840 Speaker 5: This just in. 1009 00:51:03,800 --> 00:51:08,040 Speaker 2: The website won the Hollywood Foreign Press Hackproof Award. They 1010 00:51:08,120 --> 00:51:12,239 Speaker 2: have declared our website hackproof. Nice I know, good job team. 1011 00:51:12,760 --> 00:51:16,000 Speaker 2: We're also at Ridiculous Crime on both Blue Sky Instagram. 1012 00:51:16,120 --> 00:51:19,640 Speaker 2: We're on YouTube at Ridiculous Crime Pod. You can email 1013 00:51:19,760 --> 00:51:22,160 Speaker 2: us at ridiculous Crime at gmail dot com, leave a 1014 00:51:22,239 --> 00:51:31,279 Speaker 2: talkback on the iHeart app reach out. Ridiculous Crime is 1015 00:51:31,320 --> 00:51:34,560 Speaker 2: hosted by Elizabeth Dutton and Zaren Burnett, produced and edited 1016 00:51:34,600 --> 00:51:39,640 Speaker 2: by HackMaster Dave Cousten, starring Analys Rutger. This Judith research 1017 00:51:39,760 --> 00:51:43,759 Speaker 2: is by aftermarket Penny Farthing Bluetooth installer Marissa Brown. The 1018 00:51:43,880 --> 00:51:47,040 Speaker 2: theme song is by hacking duo The Bongo Boys aka 1019 00:51:47,280 --> 00:51:50,600 Speaker 2: Thomas Lee and Travis Dutton. Post wardrobe is provided by 1020 00:51:50,680 --> 00:51:54,239 Speaker 2: Botany five hundred guest here and makeup by Sparkleshot and 1021 00:51:54,560 --> 00:51:59,800 Speaker 2: Mister Audrey. Executive producers are Exhausted Tesla Legal Team, Ben Bowen. 1022 00:52:00,080 --> 00:52:11,600 Speaker 4: That's Old Brad, Ridicous Crime, Say it one more Timequeous Crime. 1023 00:52:12,640 --> 00:52:15,960 Speaker 1: Ridiculous Crime is a production of iHeartRadio four more podcasts 1024 00:52:15,960 --> 00:52:19,040 Speaker 1: from my heart Radio. Visit the iHeartRadio app, Apple Podcasts, 1025 00:52:19,160 --> 00:52:20,920 Speaker 1: or wherever you listen to your favorite shows.