1 00:00:04,200 --> 00:00:12,080 Speaker 1: Get Technology with text stuff from Stam. Hey there, and 2 00:00:12,160 --> 00:00:15,280 Speaker 1: welcome to tex Stuff. I'm your host, Jonathan Strickland, and 3 00:00:15,400 --> 00:00:19,520 Speaker 1: today joining me virtually in the studio is a dear 4 00:00:19,600 --> 00:00:25,239 Speaker 1: friend of mine and awesome YouTuber and amazing podcaster, someone 5 00:00:25,360 --> 00:00:31,480 Speaker 1: I genuinely admire and who gives amazing hugs. Shannon Morris. 6 00:00:31,480 --> 00:00:34,040 Speaker 1: Thank you for coming back to the show. Hi. How 7 00:00:34,080 --> 00:00:37,760 Speaker 1: are you, Jonathan? I'm doing great. How are you? I'm awesome? Yeah, 8 00:00:37,800 --> 00:00:39,479 Speaker 1: thank you so much for having me on. This is 9 00:00:39,520 --> 00:00:41,400 Speaker 1: a great show and I love listening to it, so 10 00:00:41,479 --> 00:00:44,320 Speaker 1: I'm super happy to be on. Yeah. Excellent. Now this is, 11 00:00:44,360 --> 00:00:46,519 Speaker 1: of course the second time we've had you on, so 12 00:00:47,240 --> 00:00:50,520 Speaker 1: I will work very hard to to increase that number. 13 00:00:50,520 --> 00:00:52,280 Speaker 1: I want to at least get us up to double digits. 14 00:00:53,880 --> 00:00:57,000 Speaker 1: But I got Shannon on the show specifically to talk 15 00:00:57,040 --> 00:01:00,560 Speaker 1: about an area that she talks about a lot, the 16 00:01:00,600 --> 00:01:03,680 Speaker 1: realm of hacking, and specifically I wanted to do kind 17 00:01:03,680 --> 00:01:06,000 Speaker 1: of an episode about how do hacker? How do you 18 00:01:06,040 --> 00:01:09,039 Speaker 1: make money? How do you make a career out of hacking? 19 00:01:09,160 --> 00:01:11,760 Speaker 1: And uh, and really to frame this conversation, I think 20 00:01:11,800 --> 00:01:13,760 Speaker 1: one of the most important things to do is to 21 00:01:13,880 --> 00:01:16,800 Speaker 1: sort of define your terms and as it turns out, 22 00:01:16,800 --> 00:01:20,679 Speaker 1: the term hacker is actually a very broad term that 23 00:01:20,720 --> 00:01:22,759 Speaker 1: can apply to a lot of different things, and not 24 00:01:22,920 --> 00:01:28,120 Speaker 1: all of them are that nefarious, evil infiltrated system and 25 00:01:28,160 --> 00:01:31,400 Speaker 1: steal all the corporate secrets kind of approach to hacking 26 00:01:31,440 --> 00:01:36,039 Speaker 1: that Hollywood often presents right right exactly. I actually asked 27 00:01:36,040 --> 00:01:37,920 Speaker 1: this question to a lot of people, especially when I 28 00:01:37,959 --> 00:01:41,280 Speaker 1: first meet them. Since I'm so closely affiliated with a 29 00:01:41,319 --> 00:01:44,040 Speaker 1: lot of the info set community, I want to surround 30 00:01:44,080 --> 00:01:49,040 Speaker 1: myself with positive people. So you'll notice with the hacker definition, 31 00:01:49,120 --> 00:01:51,400 Speaker 1: you can either get a very negative vibe from somebody 32 00:01:51,480 --> 00:01:54,520 Speaker 1: or a very positive vibe. Oftentimes, with the negative vibe, 33 00:01:54,560 --> 00:01:56,840 Speaker 1: you'll get somebody who says, oh, that's the person who 34 00:01:56,960 --> 00:01:59,200 Speaker 1: stole my credit card data when I went to a 35 00:01:59,240 --> 00:02:02,040 Speaker 1: restaurant the other day. But on the positive side, you'll 36 00:02:02,040 --> 00:02:04,200 Speaker 1: get somebody that says, oh, they're the kind of people 37 00:02:04,320 --> 00:02:07,000 Speaker 1: that will like break something apart and then put it 38 00:02:07,040 --> 00:02:09,080 Speaker 1: back together in a way that it wasn't supposed to 39 00:02:09,240 --> 00:02:11,400 Speaker 1: be put back together to make it do something cool, 40 00:02:11,760 --> 00:02:15,960 Speaker 1: and that's a hack in in mainstream. Uh So that's 41 00:02:16,000 --> 00:02:18,000 Speaker 1: the way I see it. I see hackers as being 42 00:02:18,040 --> 00:02:22,840 Speaker 1: people who um reverse engineer different software, different hardware. It 43 00:02:22,880 --> 00:02:25,639 Speaker 1: could just be a bicycle, for example, and put it 44 00:02:25,720 --> 00:02:28,519 Speaker 1: back together in a way to make it harder, better, faster, 45 00:02:28,560 --> 00:02:33,040 Speaker 1: and stronger. Nice the old daft punk approach, of course, Yeah, 46 00:02:33,240 --> 00:02:36,920 Speaker 1: I agree entirely. Uh. The the original term hacker was 47 00:02:36,960 --> 00:02:41,760 Speaker 1: really all about people who have almost an insatiable curiosity 48 00:02:41,960 --> 00:02:46,119 Speaker 1: to learn how stuff works. Oddly enough, I share that quality, 49 00:02:46,639 --> 00:02:50,160 Speaker 1: having worked at how stuff works for a decade. Uh. 50 00:02:50,200 --> 00:02:52,560 Speaker 1: But yeah, to understand how it works, and then to 51 00:02:52,680 --> 00:02:55,880 Speaker 1: make stuff do things it wasn't necessarily intended to do. 52 00:02:56,280 --> 00:02:59,920 Speaker 1: Not for nefarious purposes necessarily, although that could clearly be 53 00:03:00,280 --> 00:03:04,600 Speaker 1: an application, but just for curiosity's sake. Can can I 54 00:03:04,680 --> 00:03:07,720 Speaker 1: take these elements that are meant to do this one 55 00:03:07,760 --> 00:03:11,160 Speaker 1: thing and do something completely transformative with it, whether it 56 00:03:11,360 --> 00:03:14,560 Speaker 1: is hardware or software. And we've seen some really cool 57 00:03:14,639 --> 00:03:16,680 Speaker 1: stuff come out of that. I mean, I would argue 58 00:03:17,160 --> 00:03:18,600 Speaker 1: that a lot of the things you see in the 59 00:03:18,600 --> 00:03:22,520 Speaker 1: cosplay world, in the steampunk world, those are all taking 60 00:03:22,560 --> 00:03:27,399 Speaker 1: elements of hacking. Maker Fair is really just a hacker's 61 00:03:27,440 --> 00:03:30,880 Speaker 1: paradise when you get down to it, especially for hardware hacks. Absolutely, 62 00:03:30,960 --> 00:03:33,119 Speaker 1: I'm kind of sad. I'm gonna miss maker Fair this year. 63 00:03:33,760 --> 00:03:35,520 Speaker 1: I haven't been to one yet. I've been to a 64 00:03:35,600 --> 00:03:39,240 Speaker 1: small one here in Atlanta, very a very modest maker Fair. 65 00:03:39,560 --> 00:03:43,960 Speaker 1: Everyone there was great and passionate and intelligent, but it was, 66 00:03:44,040 --> 00:03:46,119 Speaker 1: you know, a much smaller scale than something you would 67 00:03:46,120 --> 00:03:49,000 Speaker 1: see in the Bay Area. But but that's the kind 68 00:03:49,040 --> 00:03:51,920 Speaker 1: of thing that hacker means to me. Now that being said, 69 00:03:52,760 --> 00:03:55,240 Speaker 1: in this episode, we're really going to be focusing on 70 00:03:55,840 --> 00:03:59,000 Speaker 1: on sort of the computer oriented, really the software side 71 00:03:59,040 --> 00:04:01,560 Speaker 1: of hacking um and a large part of it's going 72 00:04:01,640 --> 00:04:05,160 Speaker 1: to be on the bad guy, the naughty bits as 73 00:04:05,160 --> 00:04:08,120 Speaker 1: I call it in our notes about hacking, simply to 74 00:04:08,160 --> 00:04:12,040 Speaker 1: talk about what are the ways that hackers cause or 75 00:04:12,200 --> 00:04:16,040 Speaker 1: the malicious hackers cause problems, how do they expect to 76 00:04:16,600 --> 00:04:20,080 Speaker 1: profit from that? And also that well, we'll look at 77 00:04:20,120 --> 00:04:23,400 Speaker 1: ways that hackers who don't follow that path, who are 78 00:04:23,520 --> 00:04:27,360 Speaker 1: looking to help people, not hurt people, how do they 79 00:04:27,360 --> 00:04:31,240 Speaker 1: make a living? Because it's one of those things where 80 00:04:31,279 --> 00:04:32,960 Speaker 1: you kind of take it for granted when you see 81 00:04:32,960 --> 00:04:35,960 Speaker 1: the Hollywood depiction of a hacker, the person sitting down, 82 00:04:36,080 --> 00:04:39,040 Speaker 1: usually they're sitting at a keyboard and for some reason, 83 00:04:39,080 --> 00:04:44,400 Speaker 1: their monitor only is monochromatic. Green. You know, they're using 84 00:04:44,400 --> 00:04:47,960 Speaker 1: the old Apple to E terminals. Terminals are actually written 85 00:04:47,960 --> 00:04:50,560 Speaker 1: and green oftentimes, but you can change the colors to 86 00:04:50,760 --> 00:04:52,920 Speaker 1: rainbow colors if you choose. That is a hack. It's 87 00:04:52,920 --> 00:04:56,240 Speaker 1: a real life hack. Yeah, Yeah, And usually you see 88 00:04:56,240 --> 00:04:59,440 Speaker 1: them sitting down and then they cause some sort of 89 00:04:59,600 --> 00:05:03,960 Speaker 1: miss you sometimes bordering on sabotage. But then you when 90 00:05:03,960 --> 00:05:06,520 Speaker 1: you think about it outside the context of that scene, 91 00:05:06,560 --> 00:05:11,400 Speaker 1: you think, how did they expect to profit from this? 92 00:05:11,720 --> 00:05:14,400 Speaker 1: So that's kind of what we're looking at. Yeah, because 93 00:05:14,760 --> 00:05:17,880 Speaker 1: it's always important to me to reiterate to that there 94 00:05:17,920 --> 00:05:20,080 Speaker 1: are always going to be two sides of a coin 95 00:05:20,160 --> 00:05:22,279 Speaker 1: to everything in life. Of course, there are going to 96 00:05:22,320 --> 00:05:25,400 Speaker 1: be bad guys in the real in the world who 97 00:05:25,440 --> 00:05:28,120 Speaker 1: do nefarious hacks, but there's also a lot of good 98 00:05:28,120 --> 00:05:31,480 Speaker 1: guys too, And personally, for me, the reason why I'm 99 00:05:31,520 --> 00:05:34,159 Speaker 1: so interested in researching this is because it has made 100 00:05:34,279 --> 00:05:37,960 Speaker 1: me a much more privacy and security guarded person. I've 101 00:05:38,000 --> 00:05:40,479 Speaker 1: gotten a lot better at my own protections online, and 102 00:05:40,520 --> 00:05:43,039 Speaker 1: I feel like if somebody else can understand what a 103 00:05:43,040 --> 00:05:45,120 Speaker 1: hacker does on the bad side as well as the 104 00:05:45,120 --> 00:05:47,400 Speaker 1: good side, they can better protect themselves too, And that's 105 00:05:47,440 --> 00:05:50,040 Speaker 1: what I've always tried to teach people. Yeah, I think 106 00:05:50,040 --> 00:05:52,400 Speaker 1: all you have to really do is attend one def 107 00:05:52,480 --> 00:05:56,000 Speaker 1: con and really have that driven home. I have not 108 00:05:56,080 --> 00:05:59,200 Speaker 1: yet gone to a def con, mostly because I don't 109 00:05:59,200 --> 00:06:01,280 Speaker 1: know that I could part with my smartphone for that 110 00:06:01,360 --> 00:06:04,760 Speaker 1: long and I certainly wouldn't take it with me. Bring 111 00:06:04,800 --> 00:06:08,280 Speaker 1: a burner phone, you'll be fine. Burn Yeah, that that's 112 00:06:08,320 --> 00:06:11,719 Speaker 1: me Jonathan, the guy which carries the burner. Uh, it 113 00:06:11,800 --> 00:06:13,960 Speaker 1: makes sense, I mean when you're doing something like that. So, 114 00:06:14,160 --> 00:06:16,520 Speaker 1: for those who don't know, def Con is a large 115 00:06:16,560 --> 00:06:21,200 Speaker 1: hacker based conference largely looking at the realm of information 116 00:06:21,200 --> 00:06:26,520 Speaker 1: security UM and often they will you'll have entire presentations 117 00:06:26,560 --> 00:06:30,599 Speaker 1: dedicated to showing off vulnerabilities and security. Again not necessarily 118 00:06:30,680 --> 00:06:32,960 Speaker 1: so that people can take advantage of them, but rather 119 00:06:33,000 --> 00:06:36,120 Speaker 1: to raise awareness and to kind of force the hands 120 00:06:36,720 --> 00:06:40,159 Speaker 1: of the parties that are responsible for that software to 121 00:06:40,480 --> 00:06:43,680 Speaker 1: take action and fix a problem. Right Like that was 122 00:06:43,720 --> 00:06:48,480 Speaker 1: what we saw with the hack about remotely taking control 123 00:06:48,600 --> 00:06:52,239 Speaker 1: of a person's vehicle. Uh, specifically Jeep was really having 124 00:06:52,279 --> 00:06:54,960 Speaker 1: that issue. Those one of those things where the researchers 125 00:06:54,960 --> 00:06:58,360 Speaker 1: were saying, look, we're bringing this to light, not so 126 00:06:58,440 --> 00:07:01,360 Speaker 1: that we can create an era where people are terrified 127 00:07:01,360 --> 00:07:03,599 Speaker 1: of their vehicles that someone's going to take remote control 128 00:07:03,640 --> 00:07:07,039 Speaker 1: of their car. But rather to really drive home the 129 00:07:07,080 --> 00:07:11,160 Speaker 1: fact that the information security is now, it's important everywhere. 130 00:07:11,240 --> 00:07:14,440 Speaker 1: It's not just your phone, it's not just your computer. 131 00:07:14,920 --> 00:07:19,000 Speaker 1: As the Internet of Things continues to blossom, it's everything. Yes, 132 00:07:19,080 --> 00:07:22,679 Speaker 1: I agree, And in that sense, those researchers were trying 133 00:07:22,720 --> 00:07:26,280 Speaker 1: to use something the old school term is called responsible disclosure, 134 00:07:26,600 --> 00:07:30,400 Speaker 1: where they explain some kind of vulnerability that they found 135 00:07:30,400 --> 00:07:33,360 Speaker 1: to the company in hopes that the company will fix 136 00:07:33,440 --> 00:07:36,520 Speaker 1: this problem before it becomes mainstream and before it gets 137 00:07:36,520 --> 00:07:40,520 Speaker 1: out into the wild. In the case of Jeep, I believe, 138 00:07:40,560 --> 00:07:42,880 Speaker 1: if my memory serves me right, that Jeep did not 139 00:07:43,080 --> 00:07:47,240 Speaker 1: necessarily release a patch for this vulnerability. So then the 140 00:07:47,280 --> 00:07:50,320 Speaker 1: researchers decided to go out publicly about the information that 141 00:07:50,360 --> 00:07:53,200 Speaker 1: they found, and then Jeep decided to fix it once 142 00:07:53,240 --> 00:07:56,600 Speaker 1: everybody else knew about it, right, And and sometimes that's 143 00:07:56,600 --> 00:07:59,240 Speaker 1: what it takes. And then and I've had the same 144 00:07:59,280 --> 00:08:02,760 Speaker 1: discussion offline with a mutual friend of ours, Brian Brushwood. 145 00:08:03,440 --> 00:08:05,960 Speaker 1: Brian is a stage magician. He has a show called 146 00:08:06,000 --> 00:08:08,960 Speaker 1: Scam School. It's all about social engineering. One of the 147 00:08:09,000 --> 00:08:11,760 Speaker 1: things I have talked about with Brian is that his show, 148 00:08:12,040 --> 00:08:15,280 Speaker 1: he often shows how to do certain types of scams 149 00:08:15,360 --> 00:08:19,400 Speaker 1: or tricks, but they're mostly in the bar bet world, right, Like, 150 00:08:19,520 --> 00:08:22,480 Speaker 1: not stuff that you would do to ruin someone's life, 151 00:08:22,560 --> 00:08:24,120 Speaker 1: but something that you know you might want to you 152 00:08:24,200 --> 00:08:29,480 Speaker 1: might win a free beer that way. Yeah, And he 153 00:08:29,560 --> 00:08:31,680 Speaker 1: showed off he had an episode where he showed off 154 00:08:32,280 --> 00:08:36,360 Speaker 1: this guy who had had was demonstrating a well known 155 00:08:36,480 --> 00:08:40,360 Speaker 1: vulnerability of a popular bike lock that has been off 156 00:08:40,360 --> 00:08:43,000 Speaker 1: the market for a couple of years because of this vulnerability. 157 00:08:43,480 --> 00:08:45,680 Speaker 1: But that particular vulnerability meant that you could use a 158 00:08:45,760 --> 00:08:49,200 Speaker 1: regular plastic pen, remove the pen part of the pen, 159 00:08:49,640 --> 00:08:52,600 Speaker 1: use the casing, and jam that into the lock and 160 00:08:52,720 --> 00:08:57,240 Speaker 1: pop the lock open. Right. And so people were complaining 161 00:08:57,240 --> 00:09:01,080 Speaker 1: in the comments, they were saying, you're you're you're publicizing 162 00:09:01,120 --> 00:09:03,760 Speaker 1: this vulnerability. And I said, guess what the bad guys 163 00:09:03,840 --> 00:09:07,960 Speaker 1: already know about this vulnerability. What they're doing is publicizing 164 00:09:07,960 --> 00:09:10,520 Speaker 1: it to a public that might be still vulnerable to 165 00:09:10,600 --> 00:09:14,120 Speaker 1: it so that they don't fall victim. And that to 166 00:09:14,200 --> 00:09:17,280 Speaker 1: me is a very important part of hackers across the board. 167 00:09:17,320 --> 00:09:21,079 Speaker 1: They they serve very important purpose to alert folks to 168 00:09:21,240 --> 00:09:26,920 Speaker 1: potential dangers before it gets too late. Yeah. Absolutely, And 169 00:09:26,920 --> 00:09:31,120 Speaker 1: and you're those hackers are the people that are generally 170 00:09:31,240 --> 00:09:34,320 Speaker 1: working to make a better world for consumers, a better 171 00:09:34,640 --> 00:09:38,360 Speaker 1: a better private and secure world for consumers. But then, 172 00:09:38,480 --> 00:09:41,200 Speaker 1: of course, on the other hand, are the batties. Yeah, 173 00:09:41,320 --> 00:09:43,840 Speaker 1: let's talk about some of them. So I kind of 174 00:09:43,880 --> 00:09:46,720 Speaker 1: gave some weird little titles for this when I was 175 00:09:46,760 --> 00:09:49,079 Speaker 1: typing it up, because in the middle of a week, 176 00:09:49,120 --> 00:09:51,640 Speaker 1: I get bored. Shannon has to be honest, and so 177 00:09:51,679 --> 00:09:53,760 Speaker 1: when I was making an outline kind of for us 178 00:09:53,760 --> 00:09:56,559 Speaker 1: to work from, I started coming up with goofy subtitles. 179 00:09:56,559 --> 00:10:00,280 Speaker 1: So this whole section is titled the Naughty Bits in 180 00:10:00,320 --> 00:10:03,800 Speaker 1: our Notes, And the first one is malware moo law, 181 00:10:03,960 --> 00:10:08,160 Speaker 1: as in people who make money through the development or 182 00:10:08,200 --> 00:10:11,560 Speaker 1: distribution of malware and malware. As I've said on this 183 00:10:11,600 --> 00:10:14,360 Speaker 1: show many times in order to define it, it's really 184 00:10:14,760 --> 00:10:17,640 Speaker 1: software that is intended to do something that is ultimately 185 00:10:17,720 --> 00:10:20,679 Speaker 1: harmful to the person who runs that software on their machine. 186 00:10:21,280 --> 00:10:27,040 Speaker 1: It covers a wide array of different subcategories like, uh, 187 00:10:27,080 --> 00:10:29,000 Speaker 1: you know, this is the sort of term that we 188 00:10:29,120 --> 00:10:30,839 Speaker 1: normally would have in the old days just called a 189 00:10:30,880 --> 00:10:34,360 Speaker 1: computer virus, but computer virus is a very specific thing, 190 00:10:34,480 --> 00:10:38,920 Speaker 1: and malware covers more stuff than just viruses, also worms 191 00:10:38,960 --> 00:10:41,920 Speaker 1: and all sorts of stuff. Yeah, there's there's malware for 192 00:10:42,040 --> 00:10:44,800 Speaker 1: Java and Flash. If you still have Flash installed, I 193 00:10:44,880 --> 00:10:47,280 Speaker 1: highly recommend that you uninstall it if you don't need it. 194 00:10:47,679 --> 00:10:51,400 Speaker 1: There's malware for browsers. There's malware for advertisements online for 195 00:10:51,480 --> 00:10:54,960 Speaker 1: sponsors that you'll see like on on different websites. That 196 00:10:55,080 --> 00:10:57,160 Speaker 1: was a very recent problem that a lot of news 197 00:10:57,160 --> 00:11:01,080 Speaker 1: publications had with Yeah, big name news public Yeah, so 198 00:11:01,160 --> 00:11:03,280 Speaker 1: that was a big one. But you'll see maw. We're 199 00:11:03,520 --> 00:11:06,800 Speaker 1: all over the place. And luckily we do have anti 200 00:11:06,840 --> 00:11:09,680 Speaker 1: mauware software that we can use to protect our computers 201 00:11:09,720 --> 00:11:12,040 Speaker 1: from it, and we can also block certain ports on 202 00:11:12,080 --> 00:11:14,640 Speaker 1: the routers that can hopefully protect you from MAUER. But 203 00:11:15,440 --> 00:11:19,080 Speaker 1: there's also a lot of cases where maure is distributed 204 00:11:19,240 --> 00:11:23,160 Speaker 1: and built so quickly that a lot of those anti 205 00:11:23,280 --> 00:11:26,880 Speaker 1: Mauer software are not updated quick enough. So in that case, 206 00:11:26,920 --> 00:11:28,240 Speaker 1: we need to do the best that we can to 207 00:11:28,320 --> 00:11:31,920 Speaker 1: protect ourselves and keep MAUER from getting out from the 208 00:11:32,000 --> 00:11:35,040 Speaker 1: deep web. Yeah. You know, it used to be, uh 209 00:11:35,080 --> 00:11:38,560 Speaker 1: that you really all you needed to worry about was 210 00:11:38,679 --> 00:11:41,760 Speaker 1: just don't go to the more seedy elements of the web, 211 00:11:41,800 --> 00:11:44,439 Speaker 1: and you were generally all right, right, Yeah, it's kind 212 00:11:44,440 --> 00:11:48,360 Speaker 1: of like avoiding a bad neighborhood. Like, obviously, if you 213 00:11:48,520 --> 00:11:50,959 Speaker 1: don't want to get robbed, there's certain neighborhoods that you 214 00:11:51,000 --> 00:11:54,120 Speaker 1: should probably shouldn't walk around in by yourself at night. 215 00:11:54,320 --> 00:11:56,920 Speaker 1: And this is kind of similar in that case where 216 00:11:56,960 --> 00:11:59,520 Speaker 1: you avoid the deep web unless you really want to 217 00:11:59,520 --> 00:12:03,040 Speaker 1: be on somebody's like hit list or something like that. Yeah. Yeah, 218 00:12:03,080 --> 00:12:04,840 Speaker 1: if you're if you suddenly think that you want to 219 00:12:04,840 --> 00:12:06,840 Speaker 1: come across as a big shot, look if you're not 220 00:12:06,920 --> 00:12:09,800 Speaker 1: a big shot, don't do that. It's kind of like 221 00:12:09,920 --> 00:12:11,760 Speaker 1: kind of like walking up to someone who works in 222 00:12:11,800 --> 00:12:14,320 Speaker 1: a carnival and claiming that you're with it and for it. 223 00:12:14,360 --> 00:12:15,920 Speaker 1: If you don't know what that means, you do not 224 00:12:16,040 --> 00:12:19,360 Speaker 1: say that. Okay, I think I just gave terrible advice 225 00:12:19,400 --> 00:12:23,760 Speaker 1: to an entire population of listeners. Um, don't don't. Don't 226 00:12:23,760 --> 00:12:27,319 Speaker 1: talk to Carney's unless you are one, alright, so uh 227 00:12:27,320 --> 00:12:30,040 Speaker 1: and I love you Carney's. I love you all. So. 228 00:12:30,280 --> 00:12:33,440 Speaker 1: The the thing that we're getting across, though, is that 229 00:12:33,600 --> 00:12:36,719 Speaker 1: today that's not as big a guarantee as it used 230 00:12:36,720 --> 00:12:39,680 Speaker 1: to be right, like ten years ago, you'd say, look, 231 00:12:39,800 --> 00:12:43,800 Speaker 1: just be careful. Don't download unusual files, don't don't run 232 00:12:43,960 --> 00:12:48,320 Speaker 1: a file that's linked in your email without checking it 233 00:12:48,320 --> 00:12:51,360 Speaker 1: out first. Don't don't you know, be careful opening up 234 00:12:51,360 --> 00:12:54,480 Speaker 1: emails from things that you don't recognize. Be careful with 235 00:12:54,559 --> 00:12:59,400 Speaker 1: PDF files. Be careful with stuff that especially unsolicited stuff 236 00:12:59,440 --> 00:13:03,400 Speaker 1: that has com to you, because that raises the chances 237 00:13:03,400 --> 00:13:06,199 Speaker 1: that something hinky is going on. It doesn't necessarily mean 238 00:13:06,240 --> 00:13:10,760 Speaker 1: it's definitely a problem, but it's potentially a problem, and 239 00:13:10,800 --> 00:13:13,560 Speaker 1: it's better to be safe than sorry. Make sure you 240 00:13:13,600 --> 00:13:16,520 Speaker 1: have good and uh anti virus software on your computer. 241 00:13:16,920 --> 00:13:19,080 Speaker 1: Make sure you have a nice strong firewall. All of 242 00:13:19,080 --> 00:13:22,000 Speaker 1: these kind of things. Those used to be pretty good 243 00:13:22,520 --> 00:13:26,320 Speaker 1: at keeping of the malware away from you, if you 244 00:13:26,360 --> 00:13:31,920 Speaker 1: were being a fairly responsible Nedicin these days, they definitely help. 245 00:13:32,160 --> 00:13:35,199 Speaker 1: These days, these days, the attacks are are sometimes getting 246 00:13:35,240 --> 00:13:38,280 Speaker 1: like in the case of the advertisements on news sites. 247 00:13:38,880 --> 00:13:42,480 Speaker 1: These are attacks that are going through avenues that you 248 00:13:42,520 --> 00:13:45,960 Speaker 1: want at one point would have considered perfectly safe. Not 249 00:13:46,080 --> 00:13:48,280 Speaker 1: that it's happening all the time, but the fact that 250 00:13:48,320 --> 00:13:52,960 Speaker 1: it can happen tells you that it requires an extra 251 00:13:53,080 --> 00:13:56,400 Speaker 1: level of vigilance beyond what we used to say was 252 00:13:56,400 --> 00:14:00,280 Speaker 1: was sufficient. Yeah. Absolutely, a data collection for a lot 253 00:14:00,280 --> 00:14:04,880 Speaker 1: of this malware is extremely Uh, it's high sensitive in 254 00:14:04,920 --> 00:14:09,720 Speaker 1: the fact that a user's data can get so much 255 00:14:09,720 --> 00:14:13,080 Speaker 1: money on the on the deep web, so much money really, 256 00:14:13,120 --> 00:14:16,840 Speaker 1: particularly a collection of user data. That's where the big 257 00:14:16,880 --> 00:14:20,240 Speaker 1: money is, right. I did an episode once where we 258 00:14:20,360 --> 00:14:23,400 Speaker 1: tried to break down how much is your personal information worth? 259 00:14:23,440 --> 00:14:27,880 Speaker 1: And yeah, it really depends. It depends upon what information 260 00:14:27,920 --> 00:14:30,640 Speaker 1: you're talking about, Like how extensive is that profile on 261 00:14:30,680 --> 00:14:34,080 Speaker 1: a person? But yeah, it's not much in the grand 262 00:14:34,120 --> 00:14:36,120 Speaker 1: scheme of things. Like to you, it's worth a lot, 263 00:14:36,280 --> 00:14:38,720 Speaker 1: right you as a person, Shannon, You as a person, 264 00:14:38,800 --> 00:14:41,240 Speaker 1: that information is worth a lot of money to you 265 00:14:41,960 --> 00:14:45,200 Speaker 1: because it's who you are. To someone else, it's worth 266 00:14:45,600 --> 00:14:48,560 Speaker 1: pennies on the dollar really, depending upon depending upon the 267 00:14:48,600 --> 00:14:53,560 Speaker 1: amount of information. But the smellware often is giving hackers 268 00:14:53,640 --> 00:14:58,040 Speaker 1: access to massive amounts of info about a huge number 269 00:14:58,040 --> 00:15:01,680 Speaker 1: of people, and a number is there is more value 270 00:15:01,840 --> 00:15:04,680 Speaker 1: and that's where they will sell that. Sometimes they sell 271 00:15:04,720 --> 00:15:08,440 Speaker 1: it to companies that are just interested in getting information 272 00:15:08,480 --> 00:15:12,040 Speaker 1: so that they can do targeted advertising. So it might 273 00:15:12,120 --> 00:15:16,680 Speaker 1: be that the ultimate use of your information isn't as 274 00:15:16,800 --> 00:15:18,920 Speaker 1: bad as it could be. It just means you're going 275 00:15:18,960 --> 00:15:22,520 Speaker 1: to get some adsum but still not fun to think 276 00:15:22,560 --> 00:15:25,080 Speaker 1: about and to think that you know, now these companies 277 00:15:25,120 --> 00:15:28,320 Speaker 1: have access to information about you that you probably would 278 00:15:28,400 --> 00:15:32,560 Speaker 1: rather they not have, particularly in targeted advertising. The famous 279 00:15:32,600 --> 00:15:36,280 Speaker 1: story about Target when they started sending ads to a 280 00:15:36,280 --> 00:15:39,800 Speaker 1: young lady that were related to pregnancy, and then her 281 00:15:39,920 --> 00:15:42,160 Speaker 1: dad got really really ticked off about it. But it 282 00:15:42,200 --> 00:15:45,280 Speaker 1: turned out that little girl was pregnant, yeah, and that 283 00:15:45,440 --> 00:15:48,120 Speaker 1: it was it was because the algorithms had picked up 284 00:15:48,320 --> 00:15:51,360 Speaker 1: through her search habits that she was pregnant based upon 285 00:15:51,480 --> 00:15:53,960 Speaker 1: the search terms she was putting in, and so they 286 00:15:54,000 --> 00:15:58,240 Speaker 1: proactively sent her some coupons for pregnancy related items. The 287 00:15:58,320 --> 00:16:00,760 Speaker 1: dad got very upset. Then the dad ended up apologizing 288 00:16:00,760 --> 00:16:03,200 Speaker 1: to Target, saying that he was unaware at the time 289 00:16:03,280 --> 00:16:05,960 Speaker 1: of the full situation. Well, in that case, it was 290 00:16:06,400 --> 00:16:10,120 Speaker 1: search algorithms. It wasn't a hacker who had gained access 291 00:16:10,120 --> 00:16:12,240 Speaker 1: to stuff and then sold it. But there are other 292 00:16:12,280 --> 00:16:15,760 Speaker 1: cases where that does happen, where you know, just a 293 00:16:15,840 --> 00:16:18,640 Speaker 1: database of info, and a lot of times they will 294 00:16:18,760 --> 00:16:22,040 Speaker 1: release this malware in something that's called an exploit kit. 295 00:16:22,560 --> 00:16:25,640 Speaker 1: So generally, these exploit kits are like a batch of 296 00:16:26,000 --> 00:16:29,600 Speaker 1: similar malware that will work across several different platforms, so 297 00:16:29,640 --> 00:16:32,560 Speaker 1: that whether that's several different types of software like job 298 00:16:32,640 --> 00:16:35,640 Speaker 1: and flash, or several different browsers, it could be several 299 00:16:35,640 --> 00:16:38,920 Speaker 1: different operating systems too, So you might see an exploit 300 00:16:39,000 --> 00:16:43,720 Speaker 1: kit that works on Linux four four but also works 301 00:16:43,760 --> 00:16:48,120 Speaker 1: on Windows XP up through eight or something like that. Right, 302 00:16:48,600 --> 00:16:50,680 Speaker 1: And what's crazy is that when you start looking at 303 00:16:51,440 --> 00:16:53,200 Speaker 1: I mean, this is one of the things that hackers do, right, 304 00:16:53,200 --> 00:16:55,680 Speaker 1: They'll look at operating systems and what the market penetration 305 00:16:55,760 --> 00:16:58,160 Speaker 1: is for those systems because that that's that shows you 306 00:16:58,160 --> 00:17:00,680 Speaker 1: where your target rich environment is. Right, So if you 307 00:17:00,720 --> 00:17:06,040 Speaker 1: have Windows seven, guess what you are prime target for 308 00:17:06,280 --> 00:17:10,640 Speaker 1: for malware because that is by far the largest UM 309 00:17:10,720 --> 00:17:13,840 Speaker 1: that that has the greatest market share of any operating 310 00:17:13,840 --> 00:17:20,480 Speaker 1: system right now, Windows XP still it's number three, number three, 311 00:17:20,560 --> 00:17:23,119 Speaker 1: and it has not been supported by Window formed by 312 00:17:23,160 --> 00:17:27,800 Speaker 1: Microsoft for two years. This, by the way, bad thing. 313 00:17:27,880 --> 00:17:30,280 Speaker 1: If you want to be really secure with your your 314 00:17:30,320 --> 00:17:32,440 Speaker 1: computer information, you don't want to be using and operate 315 00:17:32,480 --> 00:17:34,960 Speaker 1: system that no longer gets support from the company that 316 00:17:35,040 --> 00:17:38,800 Speaker 1: made it. UM because because that means no vulnerabilities will 317 00:17:38,840 --> 00:17:41,119 Speaker 1: be patched. From that moment forward, you're pretty much on 318 00:17:41,160 --> 00:17:43,720 Speaker 1: your own. You have gone into the dark forest, and 319 00:17:43,760 --> 00:17:48,199 Speaker 1: you forgot to bring your flashlight. It's pretty dangerous. Um. 320 00:17:48,320 --> 00:17:50,560 Speaker 1: One of the things that you kind of uh that 321 00:17:50,560 --> 00:17:53,040 Speaker 1: that I think leads in from what you were saying 322 00:17:53,080 --> 00:17:56,360 Speaker 1: before with these exploit kits. One of the most terrifying 323 00:17:56,560 --> 00:18:00,280 Speaker 1: aspects of this type of malware and and the fact 324 00:18:00,320 --> 00:18:03,639 Speaker 1: that that people can use it for nefarious purposes and 325 00:18:03,720 --> 00:18:07,639 Speaker 1: monetary gain, is that you also have a population of 326 00:18:07,720 --> 00:18:10,639 Speaker 1: people who don't even understand how the malware works. They 327 00:18:10,680 --> 00:18:14,959 Speaker 1: don't even Script kitties is what I'm getting at. Script kitties, 328 00:18:15,040 --> 00:18:19,400 Speaker 1: that's the term we use for people who are, uh, 329 00:18:19,440 --> 00:18:23,600 Speaker 1: they're benefiting from the the work that hackers have done. 330 00:18:23,640 --> 00:18:26,720 Speaker 1: Hackers are the ones who are actually putting together the software. 331 00:18:26,720 --> 00:18:29,720 Speaker 1: They're the ones who have identified the vulnerability and then 332 00:18:29,800 --> 00:18:32,600 Speaker 1: exploited it in some way. Script kitties are the ones 333 00:18:32,640 --> 00:18:36,320 Speaker 1: who essentially they're given a set of skeleton keys, and 334 00:18:36,400 --> 00:18:40,520 Speaker 1: they didn't make the skeleton keys, they're just using them. UM. 335 00:18:40,560 --> 00:18:43,920 Speaker 1: And it's scary because you don't need a level of expertise. 336 00:18:44,080 --> 00:18:46,280 Speaker 1: You might think, oh, well, I'm kind of safe from 337 00:18:46,320 --> 00:18:49,120 Speaker 1: hackers because how many people are actually hackers? How many 338 00:18:49,119 --> 00:18:53,119 Speaker 1: people really know how this system works. Well, you don't 339 00:18:53,160 --> 00:18:55,000 Speaker 1: have to really know how the system works if you 340 00:18:55,040 --> 00:18:58,240 Speaker 1: have a tool that exploits a vulnerability. Oh absolutely. Although 341 00:18:58,240 --> 00:19:01,080 Speaker 1: I really hate the words of Katie, I will put 342 00:19:01,080 --> 00:19:04,080 Speaker 1: it out there because I feel like if you're interested 343 00:19:04,240 --> 00:19:08,240 Speaker 1: in information security, and if you're interested in becoming a 344 00:19:08,240 --> 00:19:11,960 Speaker 1: good hacker, then you do start somewhere, and everybody is 345 00:19:12,000 --> 00:19:14,120 Speaker 1: going to start with the easy tools that are out 346 00:19:14,119 --> 00:19:17,040 Speaker 1: there and that are available for free. For example, one 347 00:19:17,080 --> 00:19:19,200 Speaker 1: thing that I learned how to use a couple of 348 00:19:19,240 --> 00:19:22,240 Speaker 1: years back was this tool called wire shark. It easily 349 00:19:22,359 --> 00:19:25,479 Speaker 1: lets you see everything that's happening on your wireless network, 350 00:19:25,560 --> 00:19:28,840 Speaker 1: or you can use it for um, any computers that 351 00:19:28,880 --> 00:19:31,280 Speaker 1: are on your on your network, like behind your router, 352 00:19:31,600 --> 00:19:33,639 Speaker 1: so you can see everything that's going on and you 353 00:19:33,680 --> 00:19:38,439 Speaker 1: don't necessarily have to learn or understand what's going on 354 00:19:38,480 --> 00:19:41,560 Speaker 1: behind it to be able to read what's on your 355 00:19:41,600 --> 00:19:44,560 Speaker 1: screen happening right in front of you. I think it's 356 00:19:44,600 --> 00:19:48,840 Speaker 1: really important though, for people who might be called script 357 00:19:48,880 --> 00:19:53,080 Speaker 1: kitties to look at as being beneficial and that they 358 00:19:53,200 --> 00:19:56,240 Speaker 1: can grow from that process. They can start from being 359 00:19:56,280 --> 00:19:59,000 Speaker 1: a beginner and say, okay, well I need to understand 360 00:19:59,040 --> 00:20:01,280 Speaker 1: the theory. Now I can move on from being a 361 00:20:01,280 --> 00:20:04,760 Speaker 1: script kittie quote unquote to becoming somebody who is an 362 00:20:04,800 --> 00:20:09,240 Speaker 1: expert in some kind of information security out there. Yeah. 363 00:20:09,280 --> 00:20:11,600 Speaker 1: I when I think of the term script kitty, in 364 00:20:11,640 --> 00:20:13,720 Speaker 1: my mind, it's a very it's a subset of the 365 00:20:13,720 --> 00:20:17,800 Speaker 1: people that typically get labeled as such. That subset being 366 00:20:18,280 --> 00:20:20,880 Speaker 1: people who have little to no interest in actually learning 367 00:20:20,960 --> 00:20:25,280 Speaker 1: how to hack or program. Uh, people who want a 368 00:20:25,400 --> 00:20:30,560 Speaker 1: very very fast track way to gain either a reputation 369 00:20:31,240 --> 00:20:34,280 Speaker 1: by being the person who took down a system by 370 00:20:34,359 --> 00:20:37,840 Speaker 1: whatever means, or by making a whole lot of money 371 00:20:37,880 --> 00:20:41,640 Speaker 1: really fast for relatively little effort. Those are the ones 372 00:20:41,720 --> 00:20:44,000 Speaker 1: I specifically think of when I think of script kitty. 373 00:20:44,040 --> 00:20:46,600 Speaker 1: But you are absolutely right, you have to start somewhere 374 00:20:46,720 --> 00:20:49,119 Speaker 1: if you're interested in this is I'm kind of defensive 375 00:20:49,160 --> 00:20:51,400 Speaker 1: with that because I I was called a script kitty 376 00:20:51,440 --> 00:20:54,920 Speaker 1: when I first started up started off learning about hacking 377 00:20:54,920 --> 00:20:58,520 Speaker 1: and information security. People would be like, Oh, she's just 378 00:20:58,560 --> 00:21:00,760 Speaker 1: a script kitty, and I'd be like, I actually want 379 00:21:00,760 --> 00:21:02,840 Speaker 1: to understand the theory. I want to learn how to program. 380 00:21:02,840 --> 00:21:04,760 Speaker 1: I want to learn how to code. I'm no longer 381 00:21:04,840 --> 00:21:07,720 Speaker 1: called that because I have learned how to write certain 382 00:21:07,800 --> 00:21:10,040 Speaker 1: kinds of code. I have learned how to program. I 383 00:21:10,080 --> 00:21:12,640 Speaker 1: can make my r doin no, do whatever I want. 384 00:21:12,960 --> 00:21:16,000 Speaker 1: So at this point in my stage, I've surpassed that 385 00:21:16,040 --> 00:21:18,960 Speaker 1: moment of being a nube and I've gone on to 386 00:21:19,760 --> 00:21:24,520 Speaker 1: learning things and being able to understand specific tests and 387 00:21:24,560 --> 00:21:25,919 Speaker 1: get them to do what I want them to do 388 00:21:26,000 --> 00:21:29,119 Speaker 1: without finding tutorials online. Yea, so now I make my 389 00:21:29,160 --> 00:21:32,480 Speaker 1: own tutorials. Seeing Now that's nice because when I started 390 00:21:32,480 --> 00:21:34,960 Speaker 1: at how Stuff Works, they call me that weird bald guy, 391 00:21:35,400 --> 00:21:39,439 Speaker 1: and today they still do. So some labels just stick, 392 00:21:39,880 --> 00:21:42,160 Speaker 1: is what I'm saying. So yeah, So, so that kind 393 00:21:42,160 --> 00:21:46,400 Speaker 1: of covers the malware approach. People can make money through malware, 394 00:21:46,400 --> 00:21:50,280 Speaker 1: either by selling your information UM, they might do so 395 00:21:50,520 --> 00:21:54,960 Speaker 1: by another method, which kind of leads into this idea 396 00:21:55,000 --> 00:21:57,840 Speaker 1: of ransomware. So this would be malware specific type of 397 00:21:57,840 --> 00:22:02,280 Speaker 1: malware that UM locks down your machine in some way 398 00:22:02,320 --> 00:22:04,560 Speaker 1: so that you can no longer access it, and then 399 00:22:04,600 --> 00:22:06,640 Speaker 1: you essentially get a message saying, hey, if you want, 400 00:22:06,720 --> 00:22:08,840 Speaker 1: if you want your data back, if you want access 401 00:22:08,880 --> 00:22:10,919 Speaker 1: to your data. If you want to be able to 402 00:22:11,200 --> 00:22:13,160 Speaker 1: do all this stuff and you want our hands out 403 00:22:13,200 --> 00:22:15,280 Speaker 1: of your business, then you've got to pay us some 404 00:22:15,560 --> 00:22:20,760 Speaker 1: moolah money. Yeah. So basically what happens with ransomware is, uh, 405 00:22:21,080 --> 00:22:22,840 Speaker 1: it is just like you said, a type of aware 406 00:22:22,880 --> 00:22:26,840 Speaker 1: that gets distributed in one way, shape or form onto 407 00:22:26,880 --> 00:22:30,280 Speaker 1: somebody's computer and it ends up encrypting their data. It 408 00:22:30,280 --> 00:22:31,879 Speaker 1: could be a whole hard drive, it could be a 409 00:22:31,880 --> 00:22:34,880 Speaker 1: folder of data. It's some kind of important data that 410 00:22:35,040 --> 00:22:38,680 Speaker 1: they have sitting on their computer. Uh. And in many cases, 411 00:22:39,280 --> 00:22:42,760 Speaker 1: a thief the hacker will ask them in an email 412 00:22:42,840 --> 00:22:46,920 Speaker 1: or maybe an encrypted text document that's now surreptitiously on 413 00:22:46,960 --> 00:22:50,560 Speaker 1: their computer out of nowhere, to send them a certain 414 00:22:50,600 --> 00:22:52,680 Speaker 1: amount of bitcoins, and they tell them how to set 415 00:22:52,720 --> 00:22:54,560 Speaker 1: up a bitcoin wallets so that they can send the 416 00:22:54,560 --> 00:22:57,359 Speaker 1: bitcoins to them for them to get a pass code 417 00:22:57,359 --> 00:23:00,919 Speaker 1: to unlock their encrypted data. Now, the weird part is 418 00:23:01,320 --> 00:23:03,800 Speaker 1: they already owned this data. It's on their own hard drive. 419 00:23:03,840 --> 00:23:06,440 Speaker 1: It could be anything from like kids photos, it could 420 00:23:06,440 --> 00:23:08,800 Speaker 1: be tax documents. But in any case, it's going to 421 00:23:08,840 --> 00:23:11,400 Speaker 1: be some kind of important information that people don't want 422 00:23:11,400 --> 00:23:14,159 Speaker 1: to lose because it might be years and years of 423 00:23:14,240 --> 00:23:17,600 Speaker 1: information that's just on that computer. So of course people 424 00:23:17,600 --> 00:23:20,640 Speaker 1: are going to send them bitcoins, and I think last 425 00:23:20,680 --> 00:23:22,840 Speaker 1: I checked, a bitcoin was a few hundred bucks, so 426 00:23:22,920 --> 00:23:24,520 Speaker 1: it ends up being quite a bit of money that 427 00:23:24,560 --> 00:23:27,880 Speaker 1: they have to send to get their information unlocked. Yeah, 428 00:23:27,880 --> 00:23:30,040 Speaker 1: and this is this is the type of malware. When 429 00:23:30,119 --> 00:23:34,560 Speaker 1: we were talking about the the advertising that was targeting 430 00:23:34,600 --> 00:23:37,760 Speaker 1: people through massive news sites. If I'm not mistaken, it 431 00:23:37,840 --> 00:23:40,520 Speaker 1: was specifically ransomware. It was the kind of stuff that 432 00:23:40,560 --> 00:23:44,960 Speaker 1: was encrypting users. Uh yeah, yeah, so it wasn't just malware. 433 00:23:45,000 --> 00:23:48,439 Speaker 1: It was ransomware that was infecting computers. Because malaware can 434 00:23:48,440 --> 00:23:50,479 Speaker 1: do other stuff too, right, it can It can create 435 00:23:50,560 --> 00:23:55,960 Speaker 1: something like a backdoor access. So yeah, hackers can take 436 00:23:56,000 --> 00:23:58,400 Speaker 1: control of your machine or just monitor what you're doing. 437 00:23:58,480 --> 00:24:00,480 Speaker 1: Even if they don't want to take control, they can 438 00:24:00,520 --> 00:24:02,560 Speaker 1: put in key loggers so they can see what all 439 00:24:02,600 --> 00:24:05,360 Speaker 1: your passwords are. Um, so you might want to think 440 00:24:05,359 --> 00:24:09,400 Speaker 1: about using things like a really good password manager. UM 441 00:24:09,440 --> 00:24:13,760 Speaker 1: that's what I use and and I love mine. Uh yeah, 442 00:24:13,920 --> 00:24:16,800 Speaker 1: So the things where you don't have to type the 443 00:24:16,800 --> 00:24:18,679 Speaker 1: password in so you don't have to worry about key 444 00:24:18,720 --> 00:24:21,960 Speaker 1: loggers picking up on that. Kind of stuff. Um. But 445 00:24:22,040 --> 00:24:24,480 Speaker 1: we'll talk more about that in just a second. So 446 00:24:24,880 --> 00:24:26,359 Speaker 1: one of the other ones I wanted to talk about, 447 00:24:26,359 --> 00:24:29,000 Speaker 1: this one is kind of a gray area because, uh, 448 00:24:29,040 --> 00:24:33,320 Speaker 1: this is this. I titled this section spies like us um, 449 00:24:33,320 --> 00:24:37,359 Speaker 1: and by this I meant state sponsored hackers. People who 450 00:24:37,440 --> 00:24:42,840 Speaker 1: are hacking on behalf of a specific state or nation 451 00:24:43,000 --> 00:24:46,720 Speaker 1: or government. Um. Sometimes they may be doing so not 452 00:24:46,920 --> 00:24:50,679 Speaker 1: with the uh what should I say, Like, not with 453 00:24:50,720 --> 00:24:54,680 Speaker 1: the express permission of the nation. It may turn out 454 00:24:54,680 --> 00:24:56,960 Speaker 1: that the state says, Hey, we didn't tell them to 455 00:24:57,000 --> 00:24:59,199 Speaker 1: do this. They're just doing it because they love us 456 00:24:59,240 --> 00:25:02,479 Speaker 1: so much and they hate and they hate you guys, 457 00:25:03,040 --> 00:25:05,840 Speaker 1: and that's why they're doing it. Um. Whether that's true 458 00:25:05,920 --> 00:25:08,960 Speaker 1: or not depends upon the situation. I would I would 459 00:25:09,160 --> 00:25:12,280 Speaker 1: think that if I were running a government and I 460 00:25:12,320 --> 00:25:16,360 Speaker 1: had employed a bunch of hackers to infiltrate or sabotage 461 00:25:16,840 --> 00:25:20,600 Speaker 1: another nation's systems, I also would like some plausible deniability 462 00:25:20,600 --> 00:25:23,959 Speaker 1: in there. Hey, I didn't tell him to do it. 463 00:25:24,000 --> 00:25:26,560 Speaker 1: I just said, man, it's it's kind of like there's 464 00:25:26,600 --> 00:25:30,200 Speaker 1: there's a story that a king of England once he 465 00:25:30,240 --> 00:25:32,840 Speaker 1: yelled out, who will rid me of this meddlesome priest, 466 00:25:33,280 --> 00:25:35,480 Speaker 1: and then a couple of nights went off and ridded 467 00:25:35,560 --> 00:25:38,840 Speaker 1: him of his of that meddlesome priest, and it turned 468 00:25:38,840 --> 00:25:41,399 Speaker 1: out that he was he was just mad and just 469 00:25:41,480 --> 00:25:45,200 Speaker 1: talking out loud. And then one of his dearest friends 470 00:25:45,280 --> 00:25:47,840 Speaker 1: ended up being murdered by a couple of nights because 471 00:25:47,840 --> 00:25:49,760 Speaker 1: they heard the guy talking and said, hey, we should 472 00:25:49,760 --> 00:25:52,359 Speaker 1: get rid of them. We'll get rewarded. That's what the 473 00:25:52,359 --> 00:25:54,840 Speaker 1: States argue. I don't know that that's always the case. Also, 474 00:25:54,880 --> 00:25:57,080 Speaker 1: by the way, for you listeners out there who recognize 475 00:25:57,119 --> 00:25:59,600 Speaker 1: who I'm talking about, send me an email and prove it, 476 00:25:59,640 --> 00:26:03,560 Speaker 1: because I'm a medievalist and I love that stuff. Um. 477 00:26:03,600 --> 00:26:05,360 Speaker 1: But yeah, this is something that we see. You know, 478 00:26:05,840 --> 00:26:08,439 Speaker 1: you often will hear stories about Chinese hackers or Russian hackers. 479 00:26:08,440 --> 00:26:11,800 Speaker 1: There was a story UH several years ago about how 480 00:26:12,359 --> 00:26:17,520 Speaker 1: UH information security experts were noticing some artifacts in our 481 00:26:17,560 --> 00:26:21,920 Speaker 1: power grid system that were indicative of UH people who 482 00:26:21,920 --> 00:26:25,040 Speaker 1: had infiltrated that system and planted some stuff in there 483 00:26:25,040 --> 00:26:27,880 Speaker 1: so that they could monitor things or perhaps even jump 484 00:26:27,920 --> 00:26:31,000 Speaker 1: back into the power grid system should UH push come 485 00:26:31,040 --> 00:26:33,880 Speaker 1: to shove in some sort of political situation. They had 486 00:26:33,880 --> 00:26:36,840 Speaker 1: traced it back to either China or Russia. It's pretty 487 00:26:36,840 --> 00:26:40,800 Speaker 1: tricky to actually figure out where attacks ultimately originate from, 488 00:26:40,800 --> 00:26:43,040 Speaker 1: because if you're really good, you can cover your tracks 489 00:26:43,040 --> 00:26:46,760 Speaker 1: pretty well. Um, but the United States has done it too. 490 00:26:47,000 --> 00:26:49,199 Speaker 1: You might have heard about Stuck's Net. That was the 491 00:26:49,720 --> 00:26:53,000 Speaker 1: That was the computer virus that was designed to um 492 00:26:53,280 --> 00:26:57,360 Speaker 1: to to spin a centrifuge in a nuclear facility at 493 00:26:57,359 --> 00:26:59,960 Speaker 1: a speed greater than what it was supposed to spend 494 00:27:00,040 --> 00:27:03,080 Speaker 1: at And originally I think the hope was that it 495 00:27:03,119 --> 00:27:07,720 Speaker 1: would cause a catastrophic failure and perhaps perhaps even destroy 496 00:27:07,800 --> 00:27:10,960 Speaker 1: the facility. As it turned out, it caused a failure, 497 00:27:11,000 --> 00:27:14,879 Speaker 1: but not at that level. But that those are examples 498 00:27:14,920 --> 00:27:19,520 Speaker 1: of something that's technically legal within the country because it's 499 00:27:19,520 --> 00:27:24,280 Speaker 1: it's endorsed or at least permitted by a government, but 500 00:27:25,280 --> 00:27:28,320 Speaker 1: you don't want it out there because it seems pretty 501 00:27:28,359 --> 00:27:33,280 Speaker 1: darn shady to anybody else. Yeah. Yeah, So state sponsored 502 00:27:33,359 --> 00:27:37,359 Speaker 1: hacks are more worrisome to me because they oftentimes have 503 00:27:37,560 --> 00:27:41,800 Speaker 1: much larger targets. For example, they might target a large 504 00:27:41,880 --> 00:27:46,359 Speaker 1: government facility like I don't know, the Pentagon, So I 505 00:27:46,440 --> 00:27:50,080 Speaker 1: worry about those because those kind of servers have a 506 00:27:50,160 --> 00:27:53,360 Speaker 1: lot of information on the citizens of any sort of country. 507 00:27:53,920 --> 00:27:55,920 Speaker 1: So anytime you see these in the news, it's it's 508 00:27:55,920 --> 00:27:58,440 Speaker 1: always like, oh, well, this this hack was done by 509 00:27:58,760 --> 00:28:03,200 Speaker 1: Chinese state sponsored hackers, or Russian state sponsored hackers, or 510 00:28:03,320 --> 00:28:06,800 Speaker 1: American state sponsored hackers in these North Korea. North Korea 511 00:28:06,800 --> 00:28:09,440 Speaker 1: would be another big one. Yeah, yeah, So so they 512 00:28:09,480 --> 00:28:12,640 Speaker 1: are either it might be a tinam of hackers that 513 00:28:12,760 --> 00:28:16,920 Speaker 1: are kind of comprised together in a illegitimate company, who 514 00:28:16,920 --> 00:28:20,359 Speaker 1: are hired by a government or like you say, where 515 00:28:20,400 --> 00:28:25,160 Speaker 1: they may not necessarily have any affiliation quote unquote with 516 00:28:25,359 --> 00:28:28,840 Speaker 1: the government, but the government ends them paying them in 517 00:28:28,920 --> 00:28:33,000 Speaker 1: some way, shape or form for their infiltration because it 518 00:28:33,080 --> 00:28:35,320 Speaker 1: ends up helping the government in some way or another. 519 00:28:35,680 --> 00:28:39,120 Speaker 1: And so it's it's a very sticky scenario when you 520 00:28:39,160 --> 00:28:42,360 Speaker 1: start dealing with these state sponsored hackers, because it's it's 521 00:28:42,400 --> 00:28:46,280 Speaker 1: hard to understand, Um, how are we going to, you know, 522 00:28:46,320 --> 00:28:49,440 Speaker 1: penalize them? Who do we penalize? Do we penalize government 523 00:28:49,600 --> 00:28:52,600 Speaker 1: or the hackers themselves? Are both like who was actually involved? 524 00:28:53,120 --> 00:28:55,320 Speaker 1: It might end up being how do we address the 525 00:28:55,400 --> 00:28:59,320 Speaker 1: underlying situation that led to the employment of hackers in 526 00:28:59,360 --> 00:29:04,160 Speaker 1: the first play? Um, which can get pretty pretty delicate. 527 00:29:04,480 --> 00:29:07,719 Speaker 1: Another great example, or not too long ago, or at 528 00:29:07,760 --> 00:29:11,120 Speaker 1: least one that may or may not have been involved 529 00:29:11,240 --> 00:29:12,920 Speaker 1: in my may or may not have involved a state 530 00:29:12,920 --> 00:29:17,040 Speaker 1: sponsored hacker I'm still somewhat skeptical of that, would be 531 00:29:17,040 --> 00:29:21,520 Speaker 1: the Sony hack. Because the Sony hack, the US government 532 00:29:21,600 --> 00:29:24,720 Speaker 1: essentially was pointing fingers to North Korea, saying the hackers 533 00:29:24,760 --> 00:29:27,360 Speaker 1: must have come from North Korea. Look at this IP address, 534 00:29:27,520 --> 00:29:30,040 Speaker 1: which we don't even need to go into detail right now, 535 00:29:30,400 --> 00:29:33,120 Speaker 1: except to say that an IP address does not proof 536 00:29:33,200 --> 00:29:36,920 Speaker 1: make but at any rate, they're they're pointing over at 537 00:29:36,920 --> 00:29:39,240 Speaker 1: North Korea saying, we think the attacks came from there. 538 00:29:39,600 --> 00:29:42,560 Speaker 1: The attack appears to be politically motivated North Korea, for 539 00:29:42,600 --> 00:29:44,960 Speaker 1: its part, the government, which, by the way, North Korea 540 00:29:45,080 --> 00:29:48,800 Speaker 1: not shy about taking credit for stuff, but they said, no, no, 541 00:29:48,960 --> 00:29:51,160 Speaker 1: we didn't. We we didn't ask for this, but we're 542 00:29:51,200 --> 00:29:55,680 Speaker 1: totally cool with it happening. Um, So you know, it's 543 00:29:55,720 --> 00:29:57,920 Speaker 1: one of those It's also very muddy because obviously, when 544 00:29:57,920 --> 00:30:00,360 Speaker 1: you're talking about things like espionage or Sava Taj or 545 00:30:00,360 --> 00:30:04,120 Speaker 1: any of those things, uh, you don't you don't come 546 00:30:04,120 --> 00:30:06,320 Speaker 1: out and talk more about it, you don't. That ends 547 00:30:06,360 --> 00:30:09,240 Speaker 1: up being closed away. In fact, I should, I should 548 00:30:09,240 --> 00:30:11,160 Speaker 1: really throw that over to the stuff they don't want 549 00:30:11,160 --> 00:30:13,160 Speaker 1: you to know guys, and have them do an episode 550 00:30:13,160 --> 00:30:14,280 Speaker 1: on it, because that would be a lot of fun. 551 00:30:15,960 --> 00:30:20,600 Speaker 1: And then we've got got the the traditional at least, 552 00:30:20,600 --> 00:30:23,080 Speaker 1: I would argue the traditional concept of a hacker from 553 00:30:23,120 --> 00:30:27,040 Speaker 1: the Hollywood perspective. The black hats, the ones they are 554 00:30:27,080 --> 00:30:29,200 Speaker 1: wearing the hoodies and they're sitting at a keyboard and 555 00:30:29,200 --> 00:30:31,760 Speaker 1: they're typing really fast on a green and black screen. 556 00:30:33,000 --> 00:30:38,880 Speaker 1: Over They've got like got some junk food food around them. Yeah, mail, 557 00:30:39,280 --> 00:30:41,560 Speaker 1: and they have a ton of different windows popping up 558 00:30:41,560 --> 00:30:44,120 Speaker 1: on their computer really really fast. You can't make out 559 00:30:44,160 --> 00:30:47,360 Speaker 1: anything that's happening. It's entirely not true. That's not how 560 00:30:47,400 --> 00:30:50,920 Speaker 1: it works. It's actually a somewhat slow process to get 561 00:30:51,320 --> 00:30:55,080 Speaker 1: um basically, to get reconnaissance and to get into any 562 00:30:55,160 --> 00:30:58,000 Speaker 1: kind of network. Uh. The only things I've done, of course, 563 00:30:58,040 --> 00:31:02,000 Speaker 1: are completely legal. I've sure authorization by everybody who I 564 00:31:02,080 --> 00:31:07,959 Speaker 1: have tested my my abilities on. Right. Yeah, so black hats. 565 00:31:08,080 --> 00:31:12,480 Speaker 1: That's that's another awkward definition because it's not one that 566 00:31:12,560 --> 00:31:14,760 Speaker 1: I like to use all the time, because black hat 567 00:31:14,800 --> 00:31:19,000 Speaker 1: hacker means that there's it makes hackers have more of 568 00:31:19,000 --> 00:31:21,920 Speaker 1: a negative appeal to a lot of people, So I 569 00:31:21,920 --> 00:31:24,960 Speaker 1: always just call them black hat thiefs. Yeah. Now that's 570 00:31:24,960 --> 00:31:27,800 Speaker 1: a great way of putting it, because, Uh, typically you'll 571 00:31:27,800 --> 00:31:31,040 Speaker 1: see things like, um, uh, the idea of infiltrating a 572 00:31:31,080 --> 00:31:33,680 Speaker 1: system in order to steal information, perhaps to sell it 573 00:31:33,720 --> 00:31:36,880 Speaker 1: to someone else, or to hold it against the party 574 00:31:36,920 --> 00:31:39,960 Speaker 1: that you've stolen it from. Um, you know, so it 575 00:31:40,040 --> 00:31:45,680 Speaker 1: might be extortion as opposed to h to stealing and selling. Uh. Also, 576 00:31:45,720 --> 00:31:47,960 Speaker 1: we should go ahead and point out something else that 577 00:31:48,000 --> 00:31:51,200 Speaker 1: I'll talk about in a future episode, but I've mentioned 578 00:31:51,200 --> 00:31:54,480 Speaker 1: it in previous ones too. Um. Hackers don't necessarily just 579 00:31:54,600 --> 00:31:57,719 Speaker 1: sit at a keyboard and type in strings of letters 580 00:31:57,720 --> 00:32:00,120 Speaker 1: and numbers. They also do a lot of social engineering 581 00:32:00,160 --> 00:32:02,840 Speaker 1: where or they can do a lot of social engineering 582 00:32:02,840 --> 00:32:05,960 Speaker 1: where they attempt to gain access to systems, either by 583 00:32:06,000 --> 00:32:10,080 Speaker 1: physically gaining access to a system, which makes it way 584 00:32:10,120 --> 00:32:14,400 Speaker 1: easier than remotely doing it, or even easier than that 585 00:32:14,480 --> 00:32:16,960 Speaker 1: manipulating someone who does have access to a system, and 586 00:32:17,000 --> 00:32:19,920 Speaker 1: then you get it that way. Um, And it's surprisingly 587 00:32:20,000 --> 00:32:24,680 Speaker 1: easy to do if employees have not been educated on 588 00:32:24,960 --> 00:32:27,880 Speaker 1: how to spot that and avoid it. Yeah, properly training 589 00:32:27,880 --> 00:32:30,720 Speaker 1: your your your employees at your place of work is 590 00:32:30,760 --> 00:32:33,880 Speaker 1: really important when it comes to social engineering. And it 591 00:32:34,040 --> 00:32:37,880 Speaker 1: is incredibly easy to do social engineering, especially when you're 592 00:32:38,040 --> 00:32:41,600 Speaker 1: a female, I would imagine. So it turns out also 593 00:32:42,080 --> 00:32:45,280 Speaker 1: if you are dressed as the stereotypical I T. Guy 594 00:32:45,440 --> 00:32:49,400 Speaker 1: and you are there to quote unquote upgrade someone's machine, 595 00:32:50,120 --> 00:32:52,920 Speaker 1: really easy to get access to that machine. People are 596 00:32:53,360 --> 00:32:58,600 Speaker 1: so eager. Yeah. Yeah. And obviously, like social engineering completely 597 00:32:58,640 --> 00:33:03,800 Speaker 1: depends upon identifying and then exploiting a person's vulnerability and 598 00:33:04,040 --> 00:33:08,240 Speaker 1: typically speaking like greed lust, those are two big ones 599 00:33:08,520 --> 00:33:12,440 Speaker 1: that are exploitable and that the people who are really 600 00:33:12,440 --> 00:33:15,080 Speaker 1: good at social engineering know that, and they're very good 601 00:33:15,120 --> 00:33:18,480 Speaker 1: at that leveraging that. Just as knowing what sort of 602 00:33:18,880 --> 00:33:23,320 Speaker 1: vulnerabilities typically show up within code, within within programs, you 603 00:33:23,360 --> 00:33:27,240 Speaker 1: need to know what vulnerabilities show up in people. Um. 604 00:33:27,280 --> 00:33:29,080 Speaker 1: And I also I had a little thing on here 605 00:33:29,080 --> 00:33:31,800 Speaker 1: about botan net masters. Really what in this I was 606 00:33:31,800 --> 00:33:33,920 Speaker 1: thinking about the people who are using malware to get 607 00:33:33,920 --> 00:33:36,400 Speaker 1: that back door access to machines, to get uh, to 608 00:33:36,520 --> 00:33:41,400 Speaker 1: get that administrative control over a wide array. Sometimes we 609 00:33:41,440 --> 00:33:43,000 Speaker 1: call it a botan net. Sometimes we call it a 610 00:33:43,080 --> 00:33:47,600 Speaker 1: zombie army of of user computers and then utilizing that 611 00:33:47,640 --> 00:33:52,040 Speaker 1: to do stuff like uh uh distributed denial of service 612 00:33:52,080 --> 00:33:56,520 Speaker 1: attacks or de DOS attacks, where you are uh directing 613 00:33:56,880 --> 00:34:01,720 Speaker 1: an army essentially to coordinate an attack against an identified target. 614 00:34:02,560 --> 00:34:05,960 Speaker 1: Sometimes this is done just to cause problems. I mean, 615 00:34:05,960 --> 00:34:09,480 Speaker 1: obviously if you've ever had issues logging into like a 616 00:34:09,600 --> 00:34:13,960 Speaker 1: gaming network. Xbox Live has had this happen, PlayStation has 617 00:34:13,960 --> 00:34:18,000 Speaker 1: had this happen where people who are disenchanted with the 618 00:34:18,040 --> 00:34:20,479 Speaker 1: service for one reason or another, or they just want 619 00:34:20,560 --> 00:34:25,400 Speaker 1: to do it for the lulls. Uh. Specifically around holiday times, 620 00:34:25,440 --> 00:34:28,480 Speaker 1: that's a big that's a big target time to attack 621 00:34:28,560 --> 00:34:31,640 Speaker 1: something like Xbox Live. They'll direct a ton of traffic 622 00:34:31,719 --> 00:34:35,360 Speaker 1: to break down servers, so servers can't respond to legitimate 623 00:34:35,360 --> 00:34:37,680 Speaker 1: traffic because they're too busy responding to a bunch of 624 00:34:37,719 --> 00:34:42,000 Speaker 1: fake traffic. Essentially, I'm oversimplifying, but this is a basic 625 00:34:42,040 --> 00:34:44,400 Speaker 1: DETOS attack. It is. It's such a mean thing to 626 00:34:44,440 --> 00:34:46,799 Speaker 1: do to those little kids during Christmas time. Just turn 627 00:34:46,840 --> 00:34:49,239 Speaker 1: off their xboxes so that they can log in and 628 00:34:49,239 --> 00:34:51,560 Speaker 1: they can't play their games, so they just go on. 629 00:34:51,880 --> 00:34:55,319 Speaker 1: Yeah yeah, I think, break my heart. Gosh, it's it's 630 00:34:55,320 --> 00:34:57,640 Speaker 1: a jerk move. It's a jerk move, don't do it. 631 00:34:58,000 --> 00:35:02,600 Speaker 1: I love the definition, or I love the term zombie 632 00:35:03,040 --> 00:35:05,600 Speaker 1: for botton nets, because that's exactly what it is. Where 633 00:35:05,600 --> 00:35:08,680 Speaker 1: you have a you have a zero, a patient zero, 634 00:35:08,880 --> 00:35:11,520 Speaker 1: and that would be the first computer. They end up 635 00:35:11,560 --> 00:35:14,520 Speaker 1: biting a few more computers, and those ones end up 636 00:35:14,520 --> 00:35:18,360 Speaker 1: getting infected with the same exact infection that patient zero had, 637 00:35:18,600 --> 00:35:21,759 Speaker 1: and then those ones end up biting ten each, So 638 00:35:21,800 --> 00:35:24,680 Speaker 1: you end up with thousands upon thousands of these computers 639 00:35:24,680 --> 00:35:27,799 Speaker 1: that each have the same exact infection, and they all 640 00:35:27,920 --> 00:35:32,000 Speaker 1: end up perpetrating the same exact vulnerability on whatever their 641 00:35:32,000 --> 00:35:36,279 Speaker 1: target might be. Yeah, and then ultimately you end up 642 00:35:36,320 --> 00:35:38,920 Speaker 1: with a situation where Nagan is standing there with a 643 00:35:38,960 --> 00:35:41,279 Speaker 1: baseball bat and you don't know whose head he's gonna 644 00:35:41,360 --> 00:35:45,959 Speaker 1: cave in. I might have taken that metaphor a little 645 00:35:45,960 --> 00:35:49,280 Speaker 1: too far. But one of the things that boughton net 646 00:35:49,480 --> 00:35:52,080 Speaker 1: controllers might do, and in fact, this has happened on 647 00:35:52,160 --> 00:35:55,680 Speaker 1: multiple occasions, it's similar to ransomware, is they'll send a 648 00:35:55,680 --> 00:36:00,279 Speaker 1: message to an identified target and say, hey, we we 649 00:36:00,360 --> 00:36:03,040 Speaker 1: got your number. We're gonna come after you unless you 650 00:36:03,080 --> 00:36:06,040 Speaker 1: pay us a certain amount of money. Um, we will 651 00:36:06,200 --> 00:36:10,799 Speaker 1: unleash the dogs of war on your servers, and you 652 00:36:10,840 --> 00:36:13,640 Speaker 1: will be unable to do business. And there have been 653 00:36:13,680 --> 00:36:16,800 Speaker 1: cases where businesses have folded to this kind of pressure, 654 00:36:16,840 --> 00:36:22,520 Speaker 1: where they have in fact paid to do this because hospital. Yes, 655 00:36:22,920 --> 00:36:26,560 Speaker 1: yes it was. Yeah. I've seen a few cases of 656 00:36:26,640 --> 00:36:34,640 Speaker 1: particularly malicious and odious acts against things like hospitals. There 657 00:36:34,719 --> 00:36:38,800 Speaker 1: was one year when I was participating in a charity 658 00:36:38,880 --> 00:36:42,640 Speaker 1: for children's hospitals and the charity was targeted in the 659 00:36:42,640 --> 00:36:47,319 Speaker 1: middle of the event and for about three hours they 660 00:36:47,320 --> 00:36:51,359 Speaker 1: were offline trying to deal with that. Um, yeah, it's 661 00:36:51,560 --> 00:36:53,520 Speaker 1: and in that case, it wasn't a it wasn't an 662 00:36:53,520 --> 00:36:56,359 Speaker 1: attack in an effort to get money. I don't think. 663 00:36:56,400 --> 00:36:58,880 Speaker 1: I think it was just someone being truly an awful 664 00:36:59,040 --> 00:37:02,120 Speaker 1: human being. Uh. But we have seen cases of people 665 00:37:02,200 --> 00:37:04,799 Speaker 1: trying to do this in order to extort money. So 666 00:37:04,960 --> 00:37:09,880 Speaker 1: you're probably noticing some trends here extortion, stealing, uh, you know, 667 00:37:09,960 --> 00:37:14,239 Speaker 1: holding things for ransom, this idea of making sure that 668 00:37:14,239 --> 00:37:18,279 Speaker 1: that people are spending money for out of fear or 669 00:37:18,360 --> 00:37:20,839 Speaker 1: out of a need to get back uh, and and 670 00:37:20,920 --> 00:37:25,359 Speaker 1: have access to something that belongs to them. These are 671 00:37:25,400 --> 00:37:29,880 Speaker 1: all terrible, terrible motivations to make money and as such 672 00:37:30,000 --> 00:37:32,760 Speaker 1: as such terrible motivations. You might think, well, wait a minute, 673 00:37:32,800 --> 00:37:34,960 Speaker 1: how are they actually like, how are they getting paid? 674 00:37:35,080 --> 00:37:38,799 Speaker 1: How is this money transfer happening? Because you would think 675 00:37:39,440 --> 00:37:44,799 Speaker 1: anything that would be traceable would end up being somewhat problematic. 676 00:37:44,840 --> 00:37:46,879 Speaker 1: You've got a trail that leads back to you as 677 00:37:46,880 --> 00:37:50,800 Speaker 1: a person, then pretty soon law enforcement's going to get involved, 678 00:37:51,000 --> 00:37:54,560 Speaker 1: or at least the I R S. So, so, how 679 00:37:54,800 --> 00:37:59,319 Speaker 1: Shannon do hackers? How do they get the money? So 680 00:37:59,360 --> 00:38:02,040 Speaker 1: there's probably some ways that I don't even know about yet, 681 00:38:02,360 --> 00:38:04,920 Speaker 1: but the ones that I can think of would be 682 00:38:05,400 --> 00:38:08,319 Speaker 1: trading of high value data. So that's a pretty big 683 00:38:08,360 --> 00:38:11,200 Speaker 1: one where uh say a hacker collects a whole bunch 684 00:38:11,239 --> 00:38:14,640 Speaker 1: of really really high value data like your SOLL security number, 685 00:38:14,760 --> 00:38:18,879 Speaker 1: your credit card accounts, your banking account, tons of information, 686 00:38:19,320 --> 00:38:21,080 Speaker 1: and they decided to go on to a deep web 687 00:38:21,080 --> 00:38:24,520 Speaker 1: forum sell it, and then or trade it for something 688 00:38:24,520 --> 00:38:28,000 Speaker 1: else of high value, for example, a gift card. They 689 00:38:28,040 --> 00:38:30,360 Speaker 1: could ask for people to give them a ton of 690 00:38:30,400 --> 00:38:32,920 Speaker 1: gift cards that are, like you, twenty five or fifty 691 00:38:32,960 --> 00:38:36,719 Speaker 1: dollars each, and then use those gift cards at a 692 00:38:36,800 --> 00:38:40,560 Speaker 1: retailer who is easily vulnerable to some kind of gift 693 00:38:40,560 --> 00:38:43,080 Speaker 1: card scam, and in that sense they would be able 694 00:38:43,120 --> 00:38:45,399 Speaker 1: to make some kind of money back through those gift 695 00:38:45,400 --> 00:38:48,480 Speaker 1: cards and that trade of that high value uh data 696 00:38:48,600 --> 00:38:52,680 Speaker 1: that they stole from whoever it might be, whatever company. 697 00:38:52,719 --> 00:38:55,839 Speaker 1: Another way would be bitcoins. Now that's probably the most 698 00:38:55,840 --> 00:38:58,919 Speaker 1: obvious one, of course, because bitcoins are very very hard 699 00:38:58,960 --> 00:39:02,480 Speaker 1: to track. Yes, they are traceable in some circumstances, depending 700 00:39:02,520 --> 00:39:05,080 Speaker 1: on what kind of wallet you use, but in a 701 00:39:05,120 --> 00:39:09,120 Speaker 1: lot of circumstances, the bitcoins will trade wallets so many 702 00:39:09,160 --> 00:39:11,799 Speaker 1: times that it will be somewhat impossible to find out 703 00:39:11,840 --> 00:39:14,680 Speaker 1: where it actually came from, where it actually started. Yeah, 704 00:39:14,719 --> 00:39:17,960 Speaker 1: it's kind of interesting because every single bitcoin contains with 705 00:39:18,040 --> 00:39:20,480 Speaker 1: it a record of every transaction. But that does not 706 00:39:20,680 --> 00:39:24,640 Speaker 1: mean that the parties involved are actually identifiable. Yeah, it 707 00:39:24,680 --> 00:39:27,799 Speaker 1: really is. Um it's it's actually data that's used in 708 00:39:27,920 --> 00:39:31,160 Speaker 1: order to allow for the mining of further bitcoins. It's 709 00:39:31,160 --> 00:39:34,480 Speaker 1: a really fascinating process. But but one of the things 710 00:39:34,480 --> 00:39:37,319 Speaker 1: that attracts people to bitcoins is this idea of being 711 00:39:37,320 --> 00:39:43,200 Speaker 1: able to spend them anonymously and be able to purchase things, uh, 712 00:39:43,440 --> 00:39:47,040 Speaker 1: whether legal or illegal, without it being traced back to 713 00:39:47,120 --> 00:39:49,960 Speaker 1: that person you often will hear about things like, you know, 714 00:39:50,000 --> 00:39:53,400 Speaker 1: the old Silk Road, where you could purchase all sources 715 00:39:53,400 --> 00:39:58,160 Speaker 1: of stuff, including illegal drugs or other materials, sometimes weapons, 716 00:39:58,560 --> 00:40:00,680 Speaker 1: that kind of stuff, um, and you could do it 717 00:40:00,719 --> 00:40:04,080 Speaker 1: through bitcoins, and people felt a high level of confidence 718 00:40:04,080 --> 00:40:08,359 Speaker 1: because it was not a state backed currency. It was 719 00:40:08,480 --> 00:40:13,360 Speaker 1: this independent cryptocurrency that allowed them that that freedom and 720 00:40:13,480 --> 00:40:17,680 Speaker 1: had real value because people want the bitcoins. If no 721 00:40:17,719 --> 00:40:21,480 Speaker 1: one wanted the bitcoins, they wouldn't be worth anything, right, 722 00:40:21,600 --> 00:40:25,040 Speaker 1: And bitcoins have actually been pretty steady last time I checked, 723 00:40:25,120 --> 00:40:29,960 Speaker 1: so their value has been pretty decent in late days, 724 00:40:30,080 --> 00:40:34,000 Speaker 1: in recent days, So I completely understand why hacker would 725 00:40:34,000 --> 00:40:37,680 Speaker 1: want to be paid in bitcoins. It makes sense. Yeah. Yeah. 726 00:40:37,760 --> 00:40:40,759 Speaker 1: There's also the old, the old deal of putting the 727 00:40:40,800 --> 00:40:43,520 Speaker 1: money into the the washing machine. Right, that's how money 728 00:40:43,560 --> 00:40:47,160 Speaker 1: laundering works, right, Yes, money laundering. So that was something 729 00:40:47,200 --> 00:40:48,960 Speaker 1: that I learned about way back in the day when 730 00:40:48,960 --> 00:40:51,319 Speaker 1: I worked at a bank of all places, which also 731 00:40:51,360 --> 00:40:54,520 Speaker 1: got me really interested in security before I started podcasting. 732 00:40:54,960 --> 00:40:57,560 Speaker 1: But money laundering, it's very easy for somebody to go 733 00:40:57,600 --> 00:41:00,680 Speaker 1: online be able to sell this high value d to 734 00:41:00,840 --> 00:41:04,000 Speaker 1: get some bitcoins, or it might be some other form 735 00:41:04,080 --> 00:41:09,400 Speaker 1: of currency and then be able to resell that money 736 00:41:09,520 --> 00:41:12,400 Speaker 1: or be able to trade a product to get real money, 737 00:41:12,440 --> 00:41:15,319 Speaker 1: real cash at one point or another. But basically it's 738 00:41:15,400 --> 00:41:20,560 Speaker 1: it's um exchanging the hands that hold that money so 739 00:41:20,600 --> 00:41:23,920 Speaker 1: many times that again it's very hard to trace. Yeah, 740 00:41:24,040 --> 00:41:26,960 Speaker 1: and it's it's hard to determine that the the original 741 00:41:27,040 --> 00:41:31,239 Speaker 1: source of that money was anything remotely illegal. And then 742 00:41:31,520 --> 00:41:34,480 Speaker 1: depending on again, if you're if you're a state sponsored hacker, 743 00:41:34,480 --> 00:41:38,439 Speaker 1: you're probably just drawing a salary or doing contract work. 744 00:41:38,560 --> 00:41:45,239 Speaker 1: So you're actually getting paid a check. Yeah, Yeah, you 745 00:41:45,560 --> 00:41:48,920 Speaker 1: got money withdrawn from your paycheck to handle to support 746 00:41:48,960 --> 00:41:52,560 Speaker 1: the government while you are subverting other governments. And then 747 00:41:52,600 --> 00:41:55,319 Speaker 1: it looks completely legitimate. So that's a really easy way 748 00:41:55,320 --> 00:42:01,200 Speaker 1: for somebody to do something that might be very very bad. Yeah, 749 00:42:01,719 --> 00:42:04,200 Speaker 1: because they are they do have to pay the I 750 00:42:04,360 --> 00:42:06,520 Speaker 1: R S, they do get a tax refund every year, 751 00:42:06,560 --> 00:42:09,440 Speaker 1: they do have an employer, so it looks completely normal 752 00:42:09,880 --> 00:42:13,200 Speaker 1: for them to be receiving a paycheck for whatever work 753 00:42:13,280 --> 00:42:18,279 Speaker 1: this might be. Yeah. So the nice thing is there 754 00:42:18,320 --> 00:42:22,560 Speaker 1: aren't just quote unquote bad guys out there doing all 755 00:42:22,560 --> 00:42:25,880 Speaker 1: this kind of of work with computers, with a hacking, 756 00:42:26,040 --> 00:42:29,640 Speaker 1: with discovering vulnerabilities. There are plenty of people, as as 757 00:42:29,680 --> 00:42:32,520 Speaker 1: you mentioned earlier, Shannon, who are doing this in order 758 00:42:32,560 --> 00:42:37,279 Speaker 1: to help others, either to make systems more secure or 759 00:42:37,320 --> 00:42:41,040 Speaker 1: to inform people of how these kind of attacks happen 760 00:42:41,120 --> 00:42:43,920 Speaker 1: so that they can be better prepared to defend themselves. 761 00:42:44,200 --> 00:42:46,720 Speaker 1: So let's talk about some of them. Uh. Of course, 762 00:42:47,080 --> 00:42:50,120 Speaker 1: if you have black hat hackers, right, you got the 763 00:42:50,160 --> 00:42:54,560 Speaker 1: bad guys, you gotta have, you gotta hat white hack hackers. 764 00:42:55,520 --> 00:43:00,320 Speaker 1: These are the These are the the noble bounty hunter 765 00:43:00,800 --> 00:43:04,240 Speaker 1: characters of those westerns, the ones who you know they've 766 00:43:04,280 --> 00:43:09,799 Speaker 1: seen things, but deep down they have a heart of gold. Well, 767 00:43:09,840 --> 00:43:12,600 Speaker 1: not all of them, but a lot of a lot 768 00:43:12,640 --> 00:43:16,719 Speaker 1: of my friends are considered white hat hackers. They're the 769 00:43:16,760 --> 00:43:21,800 Speaker 1: people who either they work for a company that specializes insecurity. 770 00:43:22,000 --> 00:43:24,640 Speaker 1: So a lot of my friends work for these companies 771 00:43:24,680 --> 00:43:28,680 Speaker 1: who will be contracted with big brands, go into their 772 00:43:28,719 --> 00:43:31,640 Speaker 1: networks and then find out what the vulnerabilities are and 773 00:43:31,760 --> 00:43:33,920 Speaker 1: fix them, or they will give them a report and 774 00:43:33,960 --> 00:43:35,960 Speaker 1: tell them how to fix that fix it in the future. 775 00:43:36,560 --> 00:43:38,640 Speaker 1: They make a lot of money. A lot of them 776 00:43:38,680 --> 00:43:43,400 Speaker 1: don't like it because they have specific amounts of vulnerabilities 777 00:43:43,480 --> 00:43:45,959 Speaker 1: or specific time frame set that they have to get 778 00:43:46,000 --> 00:43:48,640 Speaker 1: this work done, and a lot of times, hacking takes 779 00:43:48,640 --> 00:43:52,720 Speaker 1: a lot of time. It takes a lot of information reconnaissance. 780 00:43:53,239 --> 00:43:56,399 Speaker 1: So a lot of my friends don't necessarily appreciate having 781 00:43:56,440 --> 00:43:58,960 Speaker 1: to be under these time constraints with these big brands, 782 00:43:59,280 --> 00:44:02,040 Speaker 1: well particular Relea, since you figure the bad guys aren't 783 00:44:02,080 --> 00:44:05,839 Speaker 1: under any particular time constraints exactly. So the bad guys 784 00:44:05,880 --> 00:44:08,799 Speaker 1: have tons of time to find these vulnerabilities, while the 785 00:44:08,800 --> 00:44:11,239 Speaker 1: white hacks are under the stress of these time constraints 786 00:44:11,360 --> 00:44:12,880 Speaker 1: to get the work done so that they make their 787 00:44:12,880 --> 00:44:16,520 Speaker 1: bosses happy. In this sense, a lot of my a 788 00:44:16,520 --> 00:44:18,399 Speaker 1: lot of people that I know, have created their own 789 00:44:18,440 --> 00:44:22,480 Speaker 1: security companies because of this fault in the generic nature 790 00:44:22,680 --> 00:44:25,920 Speaker 1: of having these security companies. So they said, you know, 791 00:44:25,960 --> 00:44:29,040 Speaker 1: I'm tired of having to deal with these constraints that 792 00:44:29,080 --> 00:44:31,480 Speaker 1: my boss has given me. Just gonna open my own 793 00:44:31,520 --> 00:44:33,680 Speaker 1: security company, and we're going to do it even better 794 00:44:33,760 --> 00:44:36,200 Speaker 1: because we won't give ourselves those time constraints. Will give 795 00:44:36,280 --> 00:44:39,719 Speaker 1: us ourselves several months to find all the vulnerabilities that 796 00:44:39,760 --> 00:44:42,400 Speaker 1: we absolutely can and then we'll write a report and 797 00:44:42,440 --> 00:44:44,840 Speaker 1: we'll fix it. And uh, those are the ones that 798 00:44:44,960 --> 00:44:47,560 Speaker 1: I would definitely work with if I had to hire 799 00:44:47,560 --> 00:44:50,799 Speaker 1: a security company. Yeah, because they're the ones who are 800 00:44:50,800 --> 00:44:54,719 Speaker 1: going to use the exact same kind of methodologies that 801 00:44:54,880 --> 00:44:57,200 Speaker 1: bad guys are going to use. And if if you 802 00:44:57,280 --> 00:45:00,799 Speaker 1: want to really be secure, you want the people to 803 00:45:00,880 --> 00:45:04,120 Speaker 1: throw everything they can at your system so that you 804 00:45:04,160 --> 00:45:06,839 Speaker 1: can find out are you actually secure? If you're not, 805 00:45:06,960 --> 00:45:09,480 Speaker 1: what do you need to do to address it? Um. 806 00:45:09,560 --> 00:45:12,120 Speaker 1: If you want to see a movie that that does 807 00:45:12,200 --> 00:45:16,360 Speaker 1: a very fantasy version of this very idea, there's a 808 00:45:17,400 --> 00:45:22,040 Speaker 1: film that I always think back to, Sneakers had Robert 809 00:45:22,040 --> 00:45:24,759 Speaker 1: Redford and dan Ackroyd, who plays a character named mother 810 00:45:26,080 --> 00:45:29,319 Speaker 1: Ben Kingsley is in it Um. A ton of folks. 811 00:45:29,440 --> 00:45:33,080 Speaker 1: River Phoenix was in it Um, and it's a It's 812 00:45:33,080 --> 00:45:37,160 Speaker 1: a movie about a group of kind of almost like 813 00:45:37,200 --> 00:45:40,719 Speaker 1: outcasts who have grouped together to form a company that 814 00:45:40,840 --> 00:45:44,520 Speaker 1: they specifically do this. They try to infiltrate a company 815 00:45:44,560 --> 00:45:49,239 Speaker 1: in order to test its security, not to exploit it, 816 00:45:49,320 --> 00:45:52,759 Speaker 1: but rather to tell the company, hey, here's how we 817 00:45:52,800 --> 00:45:54,880 Speaker 1: got in, here's how someone else could get in, So 818 00:45:55,120 --> 00:45:58,120 Speaker 1: you need to plug this vulnerability. That kind of thing um. 819 00:45:58,160 --> 00:46:00,200 Speaker 1: And then of course they get involved in all sorts 820 00:46:00,200 --> 00:46:03,960 Speaker 1: of shenanigans. And in case you are interested in the methodology, 821 00:46:04,000 --> 00:46:07,359 Speaker 1: I actually find it very very interesting how they get 822 00:46:07,360 --> 00:46:10,359 Speaker 1: their work done, because of course they have to go 823 00:46:10,480 --> 00:46:13,400 Speaker 1: through the tennis match of back and forth with a 824 00:46:13,440 --> 00:46:17,160 Speaker 1: brand name company, whatever it might be. So they'll have 825 00:46:17,200 --> 00:46:19,680 Speaker 1: to get a purchase order. They'll do a little bit 826 00:46:19,719 --> 00:46:22,480 Speaker 1: of negotiation for an amount that they'll do the work for, 827 00:46:22,719 --> 00:46:25,040 Speaker 1: and then they'll go in and they'll gather information on 828 00:46:25,080 --> 00:46:28,640 Speaker 1: the network and they'll capture traffic, and they'll try to 829 00:46:28,640 --> 00:46:31,360 Speaker 1: find any kind of vulnerabilities that are on that network, 830 00:46:31,960 --> 00:46:34,879 Speaker 1: even with the people too. For example, they could use 831 00:46:34,920 --> 00:46:39,200 Speaker 1: social engineering to get into the server rack uh physically, 832 00:46:39,560 --> 00:46:43,000 Speaker 1: or they could get into a network that doesn't necessarily 833 00:46:43,000 --> 00:46:45,760 Speaker 1: have a very good password on it. UH. They could 834 00:46:45,840 --> 00:46:49,160 Speaker 1: email clients that work there that are employed at the 835 00:46:49,160 --> 00:46:53,160 Speaker 1: brand name company with I don't know malware written PDFs 836 00:46:53,160 --> 00:46:56,560 Speaker 1: for example, and they could use wireless attacks. They could 837 00:46:56,560 --> 00:46:59,040 Speaker 1: do war driving from the parking lot if they wanted to. 838 00:46:59,640 --> 00:47:02,440 Speaker 1: And then what they'll do, it's right, a very very 839 00:47:02,480 --> 00:47:05,600 Speaker 1: long report so that the brand name company can see 840 00:47:05,680 --> 00:47:08,319 Speaker 1: exactly what happens on their network and exactly what they 841 00:47:08,320 --> 00:47:12,000 Speaker 1: were able to do. From from whatever back door they 842 00:47:12,000 --> 00:47:15,600 Speaker 1: were able to get into. It's really interesting how how 843 00:47:15,640 --> 00:47:19,360 Speaker 1: well they're able to put everything together in in turn 844 00:47:19,480 --> 00:47:22,239 Speaker 1: hopefully save this company in the long run thousands and 845 00:47:22,320 --> 00:47:25,040 Speaker 1: thousands of dollars. Yeah, yeah, I mean this is the 846 00:47:25,080 --> 00:47:28,759 Speaker 1: whole Security has always been a tick talk approach. Right. 847 00:47:28,760 --> 00:47:31,160 Speaker 1: You've got the tick, which is where someone has identified 848 00:47:31,239 --> 00:47:34,160 Speaker 1: a way of exploiting a system, and then the talk 849 00:47:34,400 --> 00:47:38,360 Speaker 1: is where you find a way to correct that that vulnerability. 850 00:47:38,600 --> 00:47:41,680 Speaker 1: The tick is the next time someone's found of vulnerability. Uh, 851 00:47:41,800 --> 00:47:45,080 Speaker 1: you're always going to have that, right unless someone somehow 852 00:47:45,480 --> 00:47:48,960 Speaker 1: designs the absolute perfect system, which as far as we 853 00:47:49,000 --> 00:47:53,200 Speaker 1: know is an impossibility. Yeah. That's yeah, because for one thing, 854 00:47:53,360 --> 00:47:55,759 Speaker 1: if people are involved, there's no such thing as a 855 00:47:55,760 --> 00:47:59,160 Speaker 1: perfect system. It's always a battle. And I love my 856 00:47:59,239 --> 00:48:03,600 Speaker 1: video games, so I love a battle. But it also 857 00:48:03,680 --> 00:48:06,880 Speaker 1: drives other other industries though, because we'll see things like 858 00:48:07,000 --> 00:48:11,239 Speaker 1: the artificial intelligence industry improve as a result of this 859 00:48:11,320 --> 00:48:15,560 Speaker 1: security battle between hackers and uh, the infosec experts who 860 00:48:15,600 --> 00:48:19,120 Speaker 1: are trying to make sure that their protecting systems. And 861 00:48:19,239 --> 00:48:21,239 Speaker 1: as a result, we're we're getting information that can be 862 00:48:21,280 --> 00:48:24,600 Speaker 1: used in other areas, which is phenomenal, Like I remember, 863 00:48:25,800 --> 00:48:28,879 Speaker 1: here's a simple one. It's it's as far as security goes. 864 00:48:28,920 --> 00:48:30,480 Speaker 1: This is as low level as it gets. But the 865 00:48:30,520 --> 00:48:35,640 Speaker 1: capture system. So when cap when capture was implemented, even 866 00:48:35,680 --> 00:48:38,000 Speaker 1: the people who were writing capture at the time, we're 867 00:48:38,080 --> 00:48:40,600 Speaker 1: not really thinking of it as being some sort of 868 00:48:40,640 --> 00:48:44,319 Speaker 1: full proof security system to make sure that bots don't 869 00:48:44,360 --> 00:48:48,120 Speaker 1: get into a system, right. They weren't thinking, oh, now 870 00:48:48,239 --> 00:48:50,759 Speaker 1: only human beings can get access. And if you don't 871 00:48:50,760 --> 00:48:53,240 Speaker 1: know what a capture is, anytime you get your filling 872 00:48:53,239 --> 00:48:55,440 Speaker 1: out a thing and you get a little picture of 873 00:48:55,480 --> 00:48:58,560 Speaker 1: something and it says, uh, tell, you know, write down 874 00:48:58,560 --> 00:49:00,640 Speaker 1: the word or numbers that are in the picture, or 875 00:49:00,680 --> 00:49:03,719 Speaker 1: even to a point of identify the pictures in this 876 00:49:03,840 --> 00:49:07,200 Speaker 1: sequence that have this particular feature, like identify all the 877 00:49:07,200 --> 00:49:09,719 Speaker 1: pictures that have a lake in it or something like that. 878 00:49:09,719 --> 00:49:13,359 Speaker 1: That's a simply that's simply a version of capture. Um. 879 00:49:13,440 --> 00:49:15,399 Speaker 1: The people who made it, they actually said, our goal 880 00:49:15,600 --> 00:49:18,480 Speaker 1: was really to help push artificial intelligence, because we created 881 00:49:18,520 --> 00:49:22,680 Speaker 1: a system where programmers or hackers had to start coming 882 00:49:22,760 --> 00:49:26,760 Speaker 1: up with uh, computer programs that could identify the same 883 00:49:26,800 --> 00:49:30,360 Speaker 1: things that we humans can identify, and in turn that 884 00:49:30,400 --> 00:49:35,040 Speaker 1: means now we've got software that pushes forward artificial intelligence. Now, granted, 885 00:49:35,080 --> 00:49:37,960 Speaker 1: that also means you have to improve the system you 886 00:49:38,000 --> 00:49:40,240 Speaker 1: had designed to keep bots out in the first place. 887 00:49:40,520 --> 00:49:42,840 Speaker 1: So again it goes to that TikTok. But there's an 888 00:49:42,920 --> 00:49:47,520 Speaker 1: added benefit beyond someone being able to to automatically access 889 00:49:47,560 --> 00:49:50,759 Speaker 1: systems and build you know, dozens and dozens of fake 890 00:49:50,800 --> 00:49:53,960 Speaker 1: profiles on Facebook or whatever it might be, whatever that 891 00:49:54,040 --> 00:49:57,279 Speaker 1: might be. Yeah, yeah, And and keep in mind, like 892 00:49:57,280 --> 00:49:59,920 Speaker 1: like we've been saying here, I mean, any any system, 893 00:50:00,200 --> 00:50:03,239 Speaker 1: security is only as strong as its weakest link. That 894 00:50:03,280 --> 00:50:07,919 Speaker 1: weak is pretty much always people. That's the big one, right. 895 00:50:07,960 --> 00:50:11,200 Speaker 1: But I mean I've I've read stories about hacker gaining 896 00:50:11,239 --> 00:50:15,080 Speaker 1: access to a system because there was an overall security 897 00:50:15,080 --> 00:50:18,759 Speaker 1: system that was really robust for the main company, but 898 00:50:18,800 --> 00:50:21,560 Speaker 1: then they had a little branch office and the branch 899 00:50:21,600 --> 00:50:24,640 Speaker 1: office didn't have that crazy amount of security but was 900 00:50:24,719 --> 00:50:27,840 Speaker 1: still on the same network. I think I read about 901 00:50:27,880 --> 00:50:30,480 Speaker 1: that story too, So I mean, these are these are 902 00:50:30,520 --> 00:50:33,560 Speaker 1: things like if you identify a potential point of weakness 903 00:50:34,200 --> 00:50:37,520 Speaker 1: that's now suddenly the you know, it's it's like a 904 00:50:37,760 --> 00:50:40,600 Speaker 1: bank vault. If the bank vault has an enormous door 905 00:50:40,640 --> 00:50:43,560 Speaker 1: with huge locks on it that you have to get through. Oh, 906 00:50:43,600 --> 00:50:46,120 Speaker 1: but it also has a backdoor. Just for convenience sake, 907 00:50:46,360 --> 00:50:50,160 Speaker 1: you're gonna aim for the back door. So, but there 908 00:50:50,160 --> 00:50:53,440 Speaker 1: are other ways that that hackers can can make a 909 00:50:53,560 --> 00:50:57,360 Speaker 1: legitimate living that don't even involve testing security systems. It 910 00:50:57,440 --> 00:51:02,200 Speaker 1: might involve education. Yeah, absolutely so education is I guess 911 00:51:02,239 --> 00:51:04,920 Speaker 1: what you would say, I fall into that kind of category. 912 00:51:05,280 --> 00:51:07,840 Speaker 1: And while I I don't necessarily like to call myself 913 00:51:07,840 --> 00:51:10,279 Speaker 1: a hacker because I know so many experts in the 914 00:51:10,320 --> 00:51:13,040 Speaker 1: field who are much more knowledgeable than I am. I'm 915 00:51:13,440 --> 00:51:17,920 Speaker 1: quite a intermediate, I would say, but I love to 916 00:51:17,960 --> 00:51:21,040 Speaker 1: teach and I love to give tutorials online, so I 917 00:51:21,120 --> 00:51:24,239 Speaker 1: give tutorials on YouTube. But I also know a lot 918 00:51:24,239 --> 00:51:28,240 Speaker 1: of people who have either written books about hacking UH, 919 00:51:28,280 --> 00:51:31,960 Speaker 1: and they could do either specifics about penetration testing or 920 00:51:32,000 --> 00:51:35,120 Speaker 1: they get to make it a very very wide based 921 00:51:35,160 --> 00:51:37,600 Speaker 1: book where they explain everything that you would have to 922 00:51:37,640 --> 00:51:40,239 Speaker 1: do as a penetration tester. And a penetration tester is 923 00:51:40,280 --> 00:51:42,440 Speaker 1: basically one of those guys that would go into a 924 00:51:42,480 --> 00:51:45,799 Speaker 1: company and UH find all the vulnerabilities and report on it. 925 00:51:46,600 --> 00:51:51,520 Speaker 1: You would also have companies that administer certifications. So a 926 00:51:51,600 --> 00:51:54,480 Speaker 1: lot of I'm sure a lot of your your UM 927 00:51:54,600 --> 00:51:57,759 Speaker 1: listeners probably know that you have to get certifications to 928 00:51:57,840 --> 00:52:00,880 Speaker 1: get a lot of uh A, to get into a 929 00:52:00,880 --> 00:52:04,160 Speaker 1: lot of the fields with computer security and even just 930 00:52:04,400 --> 00:52:07,680 Speaker 1: you know, computer networking too. There's a lot of searts 931 00:52:07,719 --> 00:52:09,960 Speaker 1: for those and they're very, very expensive. So a lot 932 00:52:09,960 --> 00:52:14,040 Speaker 1: of companies just administer their certifications or they'll will have 933 00:52:14,160 --> 00:52:16,520 Speaker 1: you take classes for a period of time until you 934 00:52:16,560 --> 00:52:19,640 Speaker 1: actually take the test and get certified. But that ends 935 00:52:19,719 --> 00:52:21,160 Speaker 1: up being a really good thing to put on your 936 00:52:21,200 --> 00:52:24,520 Speaker 1: resume for a lot of companies whenever you do intend 937 00:52:24,520 --> 00:52:29,160 Speaker 1: to get a job in network security. And then lastly, 938 00:52:29,200 --> 00:52:32,759 Speaker 1: we have the publishers. So that's the YouTubers, the that's 939 00:52:32,800 --> 00:52:36,200 Speaker 1: the people that make podcast That's the people that UM 940 00:52:36,480 --> 00:52:40,840 Speaker 1: might be creating other forms of entertainment that not only 941 00:52:41,320 --> 00:52:44,680 Speaker 1: educate but also entertain their users and their listeners so 942 00:52:44,719 --> 00:52:49,080 Speaker 1: that they get excited about being a part of information security. 943 00:52:49,560 --> 00:52:51,440 Speaker 1: Uh And that's what I like to do. I like 944 00:52:51,520 --> 00:52:54,200 Speaker 1: to teach people in a way that makes it exciting. 945 00:52:54,280 --> 00:52:56,160 Speaker 1: So I do a lot of hands on stuff. I 946 00:52:56,160 --> 00:52:58,600 Speaker 1: I make, I make jokes, and I explain things in 947 00:52:58,600 --> 00:53:02,400 Speaker 1: a very natural light, and it helps, it helps again 948 00:53:03,880 --> 00:53:07,600 Speaker 1: foster that desire to learn how things work. Right. That 949 00:53:07,719 --> 00:53:11,040 Speaker 1: does so again that that same fascination, Like if you 950 00:53:11,040 --> 00:53:13,640 Speaker 1: were ever a kid that took apart a watch or 951 00:53:13,680 --> 00:53:16,719 Speaker 1: a radio or some other piece of equipment, because you 952 00:53:16,760 --> 00:53:19,839 Speaker 1: really want to know what's the magic that makes this 953 00:53:19,920 --> 00:53:24,279 Speaker 1: thing do what it does? Uh, hackers have that. I mean, 954 00:53:24,320 --> 00:53:27,680 Speaker 1: that's the that's that's the defining quality in my mind 955 00:53:27,719 --> 00:53:31,200 Speaker 1: of a hacker is ultimately it's someone who is fascinated 956 00:53:31,239 --> 00:53:34,840 Speaker 1: with the way something works. Uh. We've largely been focusing 957 00:53:34,880 --> 00:53:38,720 Speaker 1: on software, but that is just as legitimate as any 958 00:53:38,719 --> 00:53:42,200 Speaker 1: hardware hack. It's the idea of how does this It 959 00:53:42,280 --> 00:53:43,920 Speaker 1: might not even just be the software, might be a 960 00:53:43,960 --> 00:53:47,080 Speaker 1: full system, like how does this system work? What are 961 00:53:47,080 --> 00:53:50,560 Speaker 1: all the interlocking parts? How do they communicate with each other? 962 00:53:51,520 --> 00:53:53,560 Speaker 1: I just had a random memory from when I was 963 00:53:54,200 --> 00:53:56,960 Speaker 1: younger and in school. I took apart my first iPod 964 00:53:57,280 --> 00:53:58,960 Speaker 1: because I had no clue how it worked, and I 965 00:53:59,000 --> 00:54:01,839 Speaker 1: was very curious about what what the interior of it was. 966 00:54:02,440 --> 00:54:04,800 Speaker 1: So I just I took it apart. I could have 967 00:54:04,840 --> 00:54:07,799 Speaker 1: put it back together, So I was not hacker in 968 00:54:07,840 --> 00:54:12,400 Speaker 1: any sense. We um we for for an article I 969 00:54:12,440 --> 00:54:19,400 Speaker 1: was writing. We got a first edition launch day Nintendo 970 00:54:19,480 --> 00:54:22,480 Speaker 1: three D s and it was my job to disassemble 971 00:54:22,560 --> 00:54:25,960 Speaker 1: it and take photos of all the pieces. So first 972 00:54:25,960 --> 00:54:29,680 Speaker 1: I took a picture of it whole and shared it 973 00:54:29,760 --> 00:54:32,880 Speaker 1: online on Twitter and said look what I have, and 974 00:54:32,960 --> 00:54:35,799 Speaker 1: everyone got excited. And then by the end of it, 975 00:54:35,840 --> 00:54:38,879 Speaker 1: I had a little had a little black cauldron at 976 00:54:38,920 --> 00:54:41,480 Speaker 1: my desk that was left over from a Halloween thing, 977 00:54:41,920 --> 00:54:44,440 Speaker 1: and then I put all the different pieces because there 978 00:54:44,520 --> 00:54:46,359 Speaker 1: was no way this thing was going back together after 979 00:54:46,400 --> 00:54:49,040 Speaker 1: I took it apart. For one thing, Nintendo is pretty 980 00:54:49,040 --> 00:54:51,640 Speaker 1: careful about sealing stuff in such a way that it's 981 00:54:51,680 --> 00:54:54,600 Speaker 1: not meant to come amart so um, so you have 982 00:54:54,640 --> 00:54:56,480 Speaker 1: to hear. It was a little force in some cases 983 00:54:56,480 --> 00:54:58,520 Speaker 1: in order to get to stuff. And then I showed 984 00:54:58,520 --> 00:55:00,279 Speaker 1: a picture. I'm like, I'm like, look what I did 985 00:55:00,280 --> 00:55:05,320 Speaker 1: to the thing. I made the entire internet cry. Yeah, 986 00:55:05,520 --> 00:55:08,799 Speaker 1: although ultimately I think the three DS most people are like, 987 00:55:08,800 --> 00:55:12,560 Speaker 1: oh whatever, But at the time when it was brand new, 988 00:55:12,600 --> 00:55:15,440 Speaker 1: people were freaking out. And of course there's there's also 989 00:55:15,560 --> 00:55:18,200 Speaker 1: another role for for hackers out there. It may not 990 00:55:18,239 --> 00:55:21,680 Speaker 1: be a steady gig, but we are seeing more and 991 00:55:21,760 --> 00:55:26,279 Speaker 1: more of the Hollywood productions out there actually talk with 992 00:55:26,360 --> 00:55:29,520 Speaker 1: people in the industry so that the depictions that we're 993 00:55:29,520 --> 00:55:33,800 Speaker 1: getting are more accurately reflecting what really happens. Mr. Robot 994 00:55:33,920 --> 00:55:37,880 Speaker 1: is probably the example that immediately leaps to my mind, 995 00:55:38,400 --> 00:55:41,000 Speaker 1: and that it's it's a show that tries very hard 996 00:55:41,400 --> 00:55:44,840 Speaker 1: to take a more realistic approach to the world of hacking, 997 00:55:44,880 --> 00:55:48,360 Speaker 1: as opposed to um you type in three passwords, the 998 00:55:48,400 --> 00:55:51,279 Speaker 1: third one gets you in, and then you're navigating through 999 00:55:51,440 --> 00:55:54,600 Speaker 1: a vector graphics three D dungeon and you encounter a 1000 00:55:54,640 --> 00:55:58,360 Speaker 1: skull and cross bones. That's not how hacking works. It 1001 00:55:58,400 --> 00:56:01,560 Speaker 1: sounds like you were talking about hackers hacked the planet 1002 00:56:02,840 --> 00:56:06,120 Speaker 1: might have been. I should mention too, with education, just 1003 00:56:06,160 --> 00:56:08,399 Speaker 1: to bring it back a bit. Professors. I didn't leave 1004 00:56:08,440 --> 00:56:11,319 Speaker 1: you guys out. I'm sorry. I love you guys. You 1005 00:56:11,360 --> 00:56:13,160 Speaker 1: are the reason why I'm here now. If I didn't 1006 00:56:13,160 --> 00:56:16,000 Speaker 1: take my computer courses in college with my professors, I 1007 00:56:16,040 --> 00:56:18,839 Speaker 1: would not be doing what I'm doing now. So professors 1008 00:56:18,840 --> 00:56:20,919 Speaker 1: are like at the top of that education list because 1009 00:56:21,840 --> 00:56:23,880 Speaker 1: and you can take a lot of computer security courses 1010 00:56:23,920 --> 00:56:26,359 Speaker 1: in college and sometimes in high schools if you're lucky. 1011 00:56:26,920 --> 00:56:31,239 Speaker 1: But yeah, technical assistance. So technical assistance are people that 1012 00:56:31,320 --> 00:56:34,480 Speaker 1: will come on board with a Hollywood movie or a 1013 00:56:34,520 --> 00:56:37,520 Speaker 1: TV show or what have you, and they will explain 1014 00:56:37,600 --> 00:56:42,920 Speaker 1: to the network how the hacking actually happens. So I 1015 00:56:42,960 --> 00:56:47,160 Speaker 1: know a few uh they will They'll come to some 1016 00:56:47,200 --> 00:56:49,000 Speaker 1: of their hacker friends or they will be a hacker 1017 00:56:49,040 --> 00:56:52,480 Speaker 1: themselves and they will say, okay, uh in this season, 1018 00:56:52,680 --> 00:56:54,719 Speaker 1: I know that they want to do X, Y and 1019 00:56:54,800 --> 00:56:57,880 Speaker 1: Z on camera, and I need to make it look legitimate, 1020 00:56:58,000 --> 00:57:00,160 Speaker 1: so they will come up with the script. They will 1021 00:57:00,200 --> 00:57:03,200 Speaker 1: come up with the hack and the actual keyboard commands 1022 00:57:03,280 --> 00:57:07,160 Speaker 1: that the actor has to type in on camera so 1023 00:57:07,200 --> 00:57:10,799 Speaker 1: that they are actually doing legitimate hacks. So that way 1024 00:57:10,880 --> 00:57:14,480 Speaker 1: they're not only making it look cool for a wider 1025 00:57:14,560 --> 00:57:17,440 Speaker 1: audience because an audience is actually going to see how 1026 00:57:17,480 --> 00:57:20,640 Speaker 1: a hack works, but they're also getting that credibility with 1027 00:57:20,760 --> 00:57:24,600 Speaker 1: the info set community too. So Mr Robot is huge 1028 00:57:24,680 --> 00:57:28,000 Speaker 1: with the infoset community because it is legitimate. Like I've 1029 00:57:28,040 --> 00:57:30,400 Speaker 1: watched several of those episodes and I've seen a lot 1030 00:57:30,440 --> 00:57:32,560 Speaker 1: of the hacks that they do. They've even used some 1031 00:57:32,600 --> 00:57:35,800 Speaker 1: of our Hack five products on the show, and they're 1032 00:57:35,840 --> 00:57:38,880 Speaker 1: actually using legit hacks and it is so much fun 1033 00:57:38,960 --> 00:57:40,880 Speaker 1: to see it on TV and see them get so 1034 00:57:40,880 --> 00:57:43,600 Speaker 1: many good reviews from a wider consumer audience, because it 1035 00:57:43,640 --> 00:57:47,200 Speaker 1: makes me feel like many more people are getting interested 1036 00:57:47,240 --> 00:57:49,720 Speaker 1: in info sex because they see what's happening on camera 1037 00:57:49,800 --> 00:57:52,560 Speaker 1: and they see that this is actually how you do it. Yeah, 1038 00:57:52,560 --> 00:57:56,880 Speaker 1: it's nice to see it go beyond. Uh. The the 1039 00:57:56,960 --> 00:58:01,000 Speaker 1: niche that I would argue in po sak and hacking 1040 00:58:01,040 --> 00:58:05,200 Speaker 1: has largely inhabited for the past three decades, right, the 1041 00:58:05,240 --> 00:58:07,480 Speaker 1: people who have been interested. When it first started, it 1042 00:58:07,520 --> 00:58:13,760 Speaker 1: was essentially your hobbyists, and often those hobbyists were isolated individuals. Uh. 1043 00:58:13,800 --> 00:58:16,240 Speaker 1: You got to the phone freaking days where there was 1044 00:58:16,280 --> 00:58:20,080 Speaker 1: a little bit of a small subculture of people who 1045 00:58:20,080 --> 00:58:23,400 Speaker 1: were interested in hacking the telephone system using all sorts 1046 00:58:23,400 --> 00:58:27,560 Speaker 1: of stuff, including a whistle from Captain Crunch. Uh. You 1047 00:58:27,600 --> 00:58:30,480 Speaker 1: had you had the the early hack days where people 1048 00:58:30,480 --> 00:58:33,280 Speaker 1: were just trying to create interesting programs for their computers 1049 00:58:33,360 --> 00:58:35,480 Speaker 1: or to see how some of the programs that were 1050 00:58:35,480 --> 00:58:38,280 Speaker 1: coming out, how did those work? Um, But it was 1051 00:58:38,480 --> 00:58:43,080 Speaker 1: largely a tiny slice of the folks who were even 1052 00:58:43,120 --> 00:58:46,360 Speaker 1: aware of personal computers, and and even that group was 1053 00:58:46,400 --> 00:58:50,040 Speaker 1: still a tiny slice of the overall population. We're seeing 1054 00:58:50,080 --> 00:58:54,720 Speaker 1: that tiny slice grow over time, and largely because so 1055 00:58:54,760 --> 00:58:57,440 Speaker 1: many of us are so dependent upon computers these days 1056 00:58:57,520 --> 00:59:00,320 Speaker 1: that it benefits us to have an aware is to 1057 00:59:00,360 --> 00:59:03,840 Speaker 1: make sure that we remain safe, but also because of 1058 00:59:03,880 --> 00:59:08,520 Speaker 1: things like Mr Robot showing how this works and sparking 1059 00:59:08,520 --> 00:59:12,040 Speaker 1: the imagination of people who perhaps before they saw that, 1060 00:59:12,280 --> 00:59:14,919 Speaker 1: never thought, yeah, it's kind of cool. I would love 1061 00:59:14,960 --> 00:59:17,560 Speaker 1: to be able to manipulate code in such a way 1062 00:59:17,560 --> 00:59:22,760 Speaker 1: that I could do something new or unexpected or help people. Uh. 1063 00:59:22,800 --> 00:59:25,360 Speaker 1: And it's really encouraging to see that kind of thing 1064 00:59:25,480 --> 00:59:28,400 Speaker 1: happen right now. I kind of wish it had happened 1065 00:59:28,440 --> 00:59:31,240 Speaker 1: ten years ago, but I love seeing it happen now. Same. 1066 00:59:31,360 --> 00:59:33,280 Speaker 1: I actually feel like there was a little bit of 1067 00:59:33,320 --> 00:59:37,280 Speaker 1: negativity in in the aspect that we we used to 1068 00:59:37,320 --> 00:59:40,760 Speaker 1: have all these really fancy graphics happening on in these 1069 00:59:40,800 --> 00:59:43,840 Speaker 1: Hollywood movies and these TV shows, and now they're actually 1070 00:59:43,880 --> 00:59:47,160 Speaker 1: seeing the reality that is hacking, and it is not 1071 00:59:47,320 --> 00:59:51,320 Speaker 1: super colorful. It's not super quick, fast paced and exciting 1072 00:59:51,360 --> 00:59:54,280 Speaker 1: like it looks like it is on those old school shows. 1073 00:59:54,600 --> 00:59:58,120 Speaker 1: So I'm hoping that now that they're actually seeing it, 1074 00:59:58,400 --> 01:00:01,960 Speaker 1: people will try it too. Like if they see, um, 1075 01:00:02,120 --> 01:00:05,280 Speaker 1: the main actor on Mr Robot do a specific command 1076 01:00:05,280 --> 01:00:08,560 Speaker 1: line option, they'll go to their computer and try it 1077 01:00:08,600 --> 01:00:10,840 Speaker 1: themselves and see that it actually does work, and then 1078 01:00:10,880 --> 01:00:12,480 Speaker 1: they'll be like, oh, I really want to try some 1079 01:00:12,560 --> 01:00:14,640 Speaker 1: new stuff too, so they'll start googling in and see 1080 01:00:14,640 --> 01:00:16,840 Speaker 1: what else they can find out. That's the kind of 1081 01:00:16,880 --> 01:00:20,400 Speaker 1: inspiration that I wish happened thirty years ago, and it didn't, 1082 01:00:20,960 --> 01:00:24,240 Speaker 1: So I want to see more of that now, and 1083 01:00:24,280 --> 01:00:27,560 Speaker 1: I'm really happy that, for example, Mr Robot has done 1084 01:00:27,560 --> 01:00:30,200 Speaker 1: a great job with it. Yeah, it's it's and you 1085 01:00:31,280 --> 01:00:35,360 Speaker 1: not to not to poop all over Hollywood because I 1086 01:00:35,440 --> 01:00:40,160 Speaker 1: do loves mo Hollywood's but but it is. And to 1087 01:00:40,320 --> 01:00:42,680 Speaker 1: understand where they were coming from, they were trying to 1088 01:00:42,680 --> 01:00:48,080 Speaker 1: find a way to create an exciting visual depiction of 1089 01:00:48,600 --> 01:00:53,520 Speaker 1: something that doesn't necessarily necessarily lend itself to that in 1090 01:00:53,640 --> 01:00:57,120 Speaker 1: order for to create a dramatic effect. So I get it. 1091 01:00:57,120 --> 01:01:00,840 Speaker 1: It's very similar to the way Hollywood per trade virtual 1092 01:01:00,880 --> 01:01:04,760 Speaker 1: reality back in the nineties, way before virtual reality was 1093 01:01:05,000 --> 01:01:09,760 Speaker 1: ready for public consumption, and it's what largely killed VR 1094 01:01:10,080 --> 01:01:14,360 Speaker 1: for a decade before the various video game systems started 1095 01:01:14,400 --> 01:01:16,959 Speaker 1: to make the very the components cheap enough for people 1096 01:01:17,000 --> 01:01:19,240 Speaker 1: to play in that space again, and now we're on 1097 01:01:19,280 --> 01:01:22,840 Speaker 1: the verge of another VR revolution. The same sort of 1098 01:01:22,840 --> 01:01:24,479 Speaker 1: thing is true of hacking, Like, how do you show 1099 01:01:24,520 --> 01:01:28,760 Speaker 1: hacking in a way that gets across what is happening 1100 01:01:28,760 --> 01:01:31,560 Speaker 1: to an audience and makes it interesting? I think largely 1101 01:01:31,680 --> 01:01:33,880 Speaker 1: you have to do that through really good writing of 1102 01:01:33,880 --> 01:01:37,800 Speaker 1: your characters, and once you do that, then everything else follows. 1103 01:01:38,080 --> 01:01:41,120 Speaker 1: I think if if you can show that the characters 1104 01:01:41,280 --> 01:01:43,640 Speaker 1: in a movie or in a TV show are actually 1105 01:01:43,680 --> 01:01:47,080 Speaker 1: real people that have real relationships, they have real jobs 1106 01:01:47,080 --> 01:01:50,520 Speaker 1: and real lives, and they have hobbies outside of just hacking, 1107 01:01:50,920 --> 01:01:54,040 Speaker 1: you can really you can start to relate to that 1108 01:01:54,120 --> 01:01:57,880 Speaker 1: character in a very real sense in the fact that, hey, 1109 01:01:57,920 --> 01:02:01,000 Speaker 1: they are humans too, because hackers are people too. That 1110 01:02:01,080 --> 01:02:05,600 Speaker 1: was actually a documentary nice. Yeah, because again, when when 1111 01:02:05,600 --> 01:02:07,920 Speaker 1: you're when you're thinking about it in the abstract, you're 1112 01:02:07,960 --> 01:02:11,480 Speaker 1: really it becomes that us versus them mentality, where by 1113 01:02:11,600 --> 01:02:15,600 Speaker 1: by its very nature, it's dehumanizing. But that's probably a 1114 01:02:15,720 --> 01:02:18,560 Speaker 1: topic for a show that's not about technology, So I 1115 01:02:18,560 --> 01:02:22,600 Speaker 1: will just leave it be. Shannon Morse, thank you so 1116 01:02:22,680 --> 01:02:26,200 Speaker 1: much for joining me today. Please let everyone know where 1117 01:02:26,200 --> 01:02:30,560 Speaker 1: they can find all of your stuff. Jonathan Strickland, thank you. 1118 01:02:30,760 --> 01:02:35,000 Speaker 1: So it was a little, it was a little, it 1119 01:02:35,040 --> 01:02:38,200 Speaker 1: was a little laden. Yeah. Yeah, I've been watching Star 1120 01:02:38,280 --> 01:02:41,160 Speaker 1: Trek lately, way way too much Start Trek, so you 1121 01:02:41,160 --> 01:02:45,280 Speaker 1: can find me. Um, the most direct path is on Twitter. 1122 01:02:45,360 --> 01:02:48,240 Speaker 1: I'm at snubs and that's s n U b S 1123 01:02:48,680 --> 01:02:51,720 Speaker 1: and then my shows, specifically Our Tech Thing over at 1124 01:02:51,800 --> 01:02:54,520 Speaker 1: t e K thing dot com and Hack five over 1125 01:02:54,560 --> 01:02:59,120 Speaker 1: at h K five dot org. Yeah, so go check 1126 01:02:59,160 --> 01:03:02,760 Speaker 1: those shows out. They are awesome. Shannon and her co 1127 01:03:02,920 --> 01:03:06,160 Speaker 1: hosts are all awesome. I gotta get I gotta get 1128 01:03:06,240 --> 01:03:08,080 Speaker 1: Darren on the show. Yeah, no, you are cooler, but 1129 01:03:08,120 --> 01:03:10,680 Speaker 1: someday I gotta get Darren on the show. Um. I 1130 01:03:10,720 --> 01:03:12,600 Speaker 1: don't think Darren and I have ever I think we 1131 01:03:12,760 --> 01:03:16,920 Speaker 1: may have been on one of tom Merritt's shows at 1132 01:03:16,960 --> 01:03:19,400 Speaker 1: the same time, but otherwise I don't think we've ever 1133 01:03:19,440 --> 01:03:22,040 Speaker 1: done a show together at any rate. Yeah. I know, 1134 01:03:22,080 --> 01:03:25,720 Speaker 1: it's crazy, right, I've known forever happen. Let's let's do that. 1135 01:03:25,840 --> 01:03:29,120 Speaker 1: Let's do that. So, guys, if you have any thoughts 1136 01:03:29,160 --> 01:03:32,120 Speaker 1: on this subject, or you have any requests for future episodes, 1137 01:03:32,200 --> 01:03:34,640 Speaker 1: or you have questions comments that kind of thing let 1138 01:03:34,640 --> 01:03:37,480 Speaker 1: me know, send me an email that address is tech 1139 01:03:37,600 --> 01:03:41,120 Speaker 1: stuff at how stuff works dot com, or dropped me 1140 01:03:41,160 --> 01:03:44,040 Speaker 1: a line on social media. You can find me on 1141 01:03:44,080 --> 01:03:47,920 Speaker 1: Twitter and Facebook with the handle text stuff h s W. 1142 01:03:48,560 --> 01:03:50,800 Speaker 1: Thank you so much for joining us, and I'll talk 1143 01:03:50,840 --> 01:03:58,360 Speaker 1: to you again really soon. For more on this and 1144 01:03:58,440 --> 01:04:11,000 Speaker 1: bathands of other topics of how stuff works dot com