WEBVTT - Hacking for Dollars 0:00:04.200 --> 0:00:12.080 Get Technology with text stuff from Stam. Hey there, and 0:00:12.160 --> 0:00:15.280 welcome to tex Stuff. I'm your host, Jonathan Strickland, and 0:00:15.400 --> 0:00:19.520 today joining me virtually in the studio is a dear 0:00:19.600 --> 0:00:25.239 friend of mine and awesome YouTuber and amazing podcaster, someone 0:00:25.360 --> 0:00:31.480 I genuinely admire and who gives amazing hugs. Shannon Morris. 0:00:31.480 --> 0:00:34.040 Thank you for coming back to the show. Hi. How 0:00:34.080 --> 0:00:37.760 are you, Jonathan? I'm doing great. How are you? I'm awesome? Yeah, 0:00:37.800 --> 0:00:39.479 thank you so much for having me on. This is 0:00:39.520 --> 0:00:41.400 a great show and I love listening to it, so 0:00:41.479 --> 0:00:44.320 I'm super happy to be on. Yeah. Excellent. Now this is, 0:00:44.360 --> 0:00:46.519 of course the second time we've had you on, so 0:00:47.240 --> 0:00:50.520 I will work very hard to to increase that number. 0:00:50.520 --> 0:00:52.280 I want to at least get us up to double digits. 0:00:53.880 --> 0:00:57.000 But I got Shannon on the show specifically to talk 0:00:57.040 --> 0:01:00.560 about an area that she talks about a lot, the 0:01:00.600 --> 0:01:03.680 realm of hacking, and specifically I wanted to do kind 0:01:03.680 --> 0:01:06.000 of an episode about how do hacker? How do you 0:01:06.040 --> 0:01:09.039 make money? How do you make a career out of hacking? 0:01:09.160 --> 0:01:11.760 And uh, and really to frame this conversation, I think 0:01:11.800 --> 0:01:13.760 one of the most important things to do is to 0:01:13.880 --> 0:01:16.800 sort of define your terms and as it turns out, 0:01:16.800 --> 0:01:20.679 the term hacker is actually a very broad term that 0:01:20.720 --> 0:01:22.759 can apply to a lot of different things, and not 0:01:22.920 --> 0:01:28.120 all of them are that nefarious, evil infiltrated system and 0:01:28.160 --> 0:01:31.400 steal all the corporate secrets kind of approach to hacking 0:01:31.440 --> 0:01:36.039 that Hollywood often presents right right exactly. I actually asked 0:01:36.040 --> 0:01:37.920 this question to a lot of people, especially when I 0:01:37.959 --> 0:01:41.280 first meet them. Since I'm so closely affiliated with a 0:01:41.319 --> 0:01:44.040 lot of the info set community, I want to surround 0:01:44.080 --> 0:01:49.040 myself with positive people. So you'll notice with the hacker definition, 0:01:49.120 --> 0:01:51.400 you can either get a very negative vibe from somebody 0:01:51.480 --> 0:01:54.520 or a very positive vibe. Oftentimes, with the negative vibe, 0:01:54.560 --> 0:01:56.840 you'll get somebody who says, oh, that's the person who 0:01:56.960 --> 0:01:59.200 stole my credit card data when I went to a 0:01:59.240 --> 0:02:02.040 restaurant the other day. But on the positive side, you'll 0:02:02.040 --> 0:02:04.200 get somebody that says, oh, they're the kind of people 0:02:04.320 --> 0:02:07.000 that will like break something apart and then put it 0:02:07.040 --> 0:02:09.080 back together in a way that it wasn't supposed to 0:02:09.240 --> 0:02:11.400 be put back together to make it do something cool, 0:02:11.760 --> 0:02:15.960 and that's a hack in in mainstream. Uh So that's 0:02:16.000 --> 0:02:18.000 the way I see it. I see hackers as being 0:02:18.040 --> 0:02:22.840 people who um reverse engineer different software, different hardware. It 0:02:22.880 --> 0:02:25.639 could just be a bicycle, for example, and put it 0:02:25.720 --> 0:02:28.519 back together in a way to make it harder, better, faster, 0:02:28.560 --> 0:02:33.040 and stronger. Nice the old daft punk approach, of course, Yeah, 0:02:33.240 --> 0:02:36.920 I agree entirely. Uh. The the original term hacker was 0:02:36.960 --> 0:02:41.760 really all about people who have almost an insatiable curiosity 0:02:41.960 --> 0:02:46.119 to learn how stuff works. Oddly enough, I share that quality, 0:02:46.639 --> 0:02:50.160 having worked at how stuff works for a decade. Uh. 0:02:50.200 --> 0:02:52.560 But yeah, to understand how it works, and then to 0:02:52.680 --> 0:02:55.880 make stuff do things it wasn't necessarily intended to do. 0:02:56.280 --> 0:02:59.920 Not for nefarious purposes necessarily, although that could clearly be 0:03:00.280 --> 0:03:04.600 an application, but just for curiosity's sake. Can can I 0:03:04.680 --> 0:03:07.720 take these elements that are meant to do this one 0:03:07.760 --> 0:03:11.160 thing and do something completely transformative with it, whether it 0:03:11.360 --> 0:03:14.560 is hardware or software. And we've seen some really cool 0:03:14.639 --> 0:03:16.680 stuff come out of that. I mean, I would argue 0:03:17.160 --> 0:03:18.600 that a lot of the things you see in the 0:03:18.600 --> 0:03:22.520 cosplay world, in the steampunk world, those are all taking 0:03:22.560 --> 0:03:27.399 elements of hacking. Maker Fair is really just a hacker's 0:03:27.440 --> 0:03:30.880 paradise when you get down to it, especially for hardware hacks. Absolutely, 0:03:30.960 --> 0:03:33.119 I'm kind of sad. I'm gonna miss maker Fair this year. 0:03:33.760 --> 0:03:35.520 I haven't been to one yet. I've been to a 0:03:35.600 --> 0:03:39.240 small one here in Atlanta, very a very modest maker Fair. 0:03:39.560 --> 0:03:43.960 Everyone there was great and passionate and intelligent, but it was, 0:03:44.040 --> 0:03:46.119 you know, a much smaller scale than something you would 0:03:46.120 --> 0:03:49.000 see in the Bay Area. But but that's the kind 0:03:49.040 --> 0:03:51.920 of thing that hacker means to me. Now that being said, 0:03:52.760 --> 0:03:55.240 in this episode, we're really going to be focusing on 0:03:55.840 --> 0:03:59.000 on sort of the computer oriented, really the software side 0:03:59.040 --> 0:04:01.560 of hacking um and a large part of it's going 0:04:01.640 --> 0:04:05.160 to be on the bad guy, the naughty bits as 0:04:05.160 --> 0:04:08.120 I call it in our notes about hacking, simply to 0:04:08.160 --> 0:04:12.040 talk about what are the ways that hackers cause or 0:04:12.200 --> 0:04:16.040 the malicious hackers cause problems, how do they expect to 0:04:16.600 --> 0:04:20.080 profit from that? And also that well, we'll look at 0:04:20.120 --> 0:04:23.400 ways that hackers who don't follow that path, who are 0:04:23.520 --> 0:04:27.360 looking to help people, not hurt people, how do they 0:04:27.360 --> 0:04:31.240 make a living? Because it's one of those things where 0:04:31.279 --> 0:04:32.960 you kind of take it for granted when you see 0:04:32.960 --> 0:04:35.960 the Hollywood depiction of a hacker, the person sitting down, 0:04:36.080 --> 0:04:39.040 usually they're sitting at a keyboard and for some reason, 0:04:39.080 --> 0:04:44.400 their monitor only is monochromatic. Green. You know, they're using 0:04:44.400 --> 0:04:47.960 the old Apple to E terminals. Terminals are actually written 0:04:47.960 --> 0:04:50.560 and green oftentimes, but you can change the colors to 0:04:50.760 --> 0:04:52.920 rainbow colors if you choose. That is a hack. It's 0:04:52.920 --> 0:04:56.240 a real life hack. Yeah, Yeah, And usually you see 0:04:56.240 --> 0:04:59.440 them sitting down and then they cause some sort of 0:04:59.600 --> 0:05:03.960 miss you sometimes bordering on sabotage. But then you when 0:05:03.960 --> 0:05:06.520 you think about it outside the context of that scene, 0:05:06.560 --> 0:05:11.400 you think, how did they expect to profit from this? 0:05:11.720 --> 0:05:14.400 So that's kind of what we're looking at. Yeah, because 0:05:14.760 --> 0:05:17.880 it's always important to me to reiterate to that there 0:05:17.920 --> 0:05:20.080 are always going to be two sides of a coin 0:05:20.160 --> 0:05:22.279 to everything in life. Of course, there are going to 0:05:22.320 --> 0:05:25.400 be bad guys in the real in the world who 0:05:25.440 --> 0:05:28.120 do nefarious hacks, but there's also a lot of good 0:05:28.120 --> 0:05:31.480 guys too, And personally, for me, the reason why I'm 0:05:31.520 --> 0:05:34.159 so interested in researching this is because it has made 0:05:34.279 --> 0:05:37.960 me a much more privacy and security guarded person. I've 0:05:38.000 --> 0:05:40.479 gotten a lot better at my own protections online, and 0:05:40.520 --> 0:05:43.039 I feel like if somebody else can understand what a 0:05:43.040 --> 0:05:45.120 hacker does on the bad side as well as the 0:05:45.120 --> 0:05:47.400 good side, they can better protect themselves too, And that's 0:05:47.440 --> 0:05:50.040 what I've always tried to teach people. Yeah, I think 0:05:50.040 --> 0:05:52.400 all you have to really do is attend one def 0:05:52.480 --> 0:05:56.000 con and really have that driven home. I have not 0:05:56.080 --> 0:05:59.200 yet gone to a def con, mostly because I don't 0:05:59.200 --> 0:06:01.280 know that I could part with my smartphone for that 0:06:01.360 --> 0:06:04.760 long and I certainly wouldn't take it with me. Bring 0:06:04.800 --> 0:06:08.280 a burner phone, you'll be fine. Burn Yeah, that that's 0:06:08.320 --> 0:06:11.719 me Jonathan, the guy which carries the burner. Uh, it 0:06:11.800 --> 0:06:13.960 makes sense, I mean when you're doing something like that. So, 0:06:14.160 --> 0:06:16.520 for those who don't know, def Con is a large 0:06:16.560 --> 0:06:21.200 hacker based conference largely looking at the realm of information 0:06:21.200 --> 0:06:26.520 security UM and often they will you'll have entire presentations 0:06:26.560 --> 0:06:30.599 dedicated to showing off vulnerabilities and security. Again not necessarily 0:06:30.680 --> 0:06:32.960 so that people can take advantage of them, but rather 0:06:33.000 --> 0:06:36.120 to raise awareness and to kind of force the hands 0:06:36.720 --> 0:06:40.159 of the parties that are responsible for that software to 0:06:40.480 --> 0:06:43.680 take action and fix a problem. Right Like that was 0:06:43.720 --> 0:06:48.480 what we saw with the hack about remotely taking control 0:06:48.600 --> 0:06:52.239 of a person's vehicle. Uh, specifically Jeep was really having 0:06:52.279 --> 0:06:54.960 that issue. Those one of those things where the researchers 0:06:54.960 --> 0:06:58.360 were saying, look, we're bringing this to light, not so 0:06:58.440 --> 0:07:01.360 that we can create an era where people are terrified 0:07:01.360 --> 0:07:03.599 of their vehicles that someone's going to take remote control 0:07:03.640 --> 0:07:07.039 of their car. But rather to really drive home the 0:07:07.080 --> 0:07:11.160 fact that the information security is now, it's important everywhere. 0:07:11.240 --> 0:07:14.440 It's not just your phone, it's not just your computer. 0:07:14.920 --> 0:07:19.000 As the Internet of Things continues to blossom, it's everything. Yes, 0:07:19.080 --> 0:07:22.679 I agree, And in that sense, those researchers were trying 0:07:22.720 --> 0:07:26.280 to use something the old school term is called responsible disclosure, 0:07:26.600 --> 0:07:30.400 where they explain some kind of vulnerability that they found 0:07:30.400 --> 0:07:33.360 to the company in hopes that the company will fix 0:07:33.440 --> 0:07:36.520 this problem before it becomes mainstream and before it gets 0:07:36.520 --> 0:07:40.520 out into the wild. In the case of Jeep, I believe, 0:07:40.560 --> 0:07:42.880 if my memory serves me right, that Jeep did not 0:07:43.080 --> 0:07:47.240 necessarily release a patch for this vulnerability. So then the 0:07:47.280 --> 0:07:50.320 researchers decided to go out publicly about the information that 0:07:50.360 --> 0:07:53.200 they found, and then Jeep decided to fix it once 0:07:53.240 --> 0:07:56.600 everybody else knew about it, right, And and sometimes that's 0:07:56.600 --> 0:07:59.240 what it takes. And then and I've had the same 0:07:59.280 --> 0:08:02.760 discussion offline with a mutual friend of ours, Brian Brushwood. 0:08:03.440 --> 0:08:05.960 Brian is a stage magician. He has a show called 0:08:06.000 --> 0:08:08.960 Scam School. It's all about social engineering. One of the 0:08:09.000 --> 0:08:11.760 things I have talked about with Brian is that his show, 0:08:12.040 --> 0:08:15.280 he often shows how to do certain types of scams 0:08:15.360 --> 0:08:19.400 or tricks, but they're mostly in the bar bet world, right, Like, 0:08:19.520 --> 0:08:22.480 not stuff that you would do to ruin someone's life, 0:08:22.560 --> 0:08:24.120 but something that you know you might want to you 0:08:24.200 --> 0:08:29.480 might win a free beer that way. Yeah, And he 0:08:29.560 --> 0:08:31.680 showed off he had an episode where he showed off 0:08:32.280 --> 0:08:36.360 this guy who had had was demonstrating a well known 0:08:36.480 --> 0:08:40.360 vulnerability of a popular bike lock that has been off 0:08:40.360 --> 0:08:43.000 the market for a couple of years because of this vulnerability. 0:08:43.480 --> 0:08:45.680 But that particular vulnerability meant that you could use a 0:08:45.760 --> 0:08:49.200 regular plastic pen, remove the pen part of the pen, 0:08:49.640 --> 0:08:52.600 use the casing, and jam that into the lock and 0:08:52.720 --> 0:08:57.240 pop the lock open. Right. And so people were complaining 0:08:57.240 --> 0:09:01.080 in the comments, they were saying, you're you're you're publicizing 0:09:01.120 --> 0:09:03.760 this vulnerability. And I said, guess what the bad guys 0:09:03.840 --> 0:09:07.960 already know about this vulnerability. What they're doing is publicizing 0:09:07.960 --> 0:09:10.520 it to a public that might be still vulnerable to 0:09:10.600 --> 0:09:14.120 it so that they don't fall victim. And that to 0:09:14.200 --> 0:09:17.280 me is a very important part of hackers across the board. 0:09:17.320 --> 0:09:21.079 They they serve very important purpose to alert folks to 0:09:21.240 --> 0:09:26.920 potential dangers before it gets too late. Yeah. Absolutely, And 0:09:26.920 --> 0:09:31.120 and you're those hackers are the people that are generally 0:09:31.240 --> 0:09:34.320 working to make a better world for consumers, a better 0:09:34.640 --> 0:09:38.360 a better private and secure world for consumers. But then, 0:09:38.480 --> 0:09:41.200 of course, on the other hand, are the batties. Yeah, 0:09:41.320 --> 0:09:43.840 let's talk about some of them. So I kind of 0:09:43.880 --> 0:09:46.720 gave some weird little titles for this when I was 0:09:46.760 --> 0:09:49.079 typing it up, because in the middle of a week, 0:09:49.120 --> 0:09:51.640 I get bored. Shannon has to be honest, and so 0:09:51.679 --> 0:09:53.760 when I was making an outline kind of for us 0:09:53.760 --> 0:09:56.559 to work from, I started coming up with goofy subtitles. 0:09:56.559 --> 0:10:00.280 So this whole section is titled the Naughty Bits in 0:10:00.320 --> 0:10:03.800 our Notes, And the first one is malware moo law, 0:10:03.960 --> 0:10:08.160 as in people who make money through the development or 0:10:08.200 --> 0:10:11.560 distribution of malware and malware. As I've said on this 0:10:11.600 --> 0:10:14.360 show many times in order to define it, it's really 0:10:14.760 --> 0:10:17.640 software that is intended to do something that is ultimately 0:10:17.720 --> 0:10:20.679 harmful to the person who runs that software on their machine. 0:10:21.280 --> 0:10:27.040 It covers a wide array of different subcategories like, uh, 0:10:27.080 --> 0:10:29.000 you know, this is the sort of term that we 0:10:29.120 --> 0:10:30.839 normally would have in the old days just called a 0:10:30.880 --> 0:10:34.360 computer virus, but computer virus is a very specific thing, 0:10:34.480 --> 0:10:38.920 and malware covers more stuff than just viruses, also worms 0:10:38.960 --> 0:10:41.920 and all sorts of stuff. Yeah, there's there's malware for 0:10:42.040 --> 0:10:44.800 Java and Flash. If you still have Flash installed, I 0:10:44.880 --> 0:10:47.280 highly recommend that you uninstall it if you don't need it. 0:10:47.679 --> 0:10:51.400 There's malware for browsers. There's malware for advertisements online for 0:10:51.480 --> 0:10:54.960 sponsors that you'll see like on on different websites. That 0:10:55.080 --> 0:10:57.160 was a very recent problem that a lot of news 0:10:57.160 --> 0:11:01.080 publications had with Yeah, big name news public Yeah, so 0:11:01.160 --> 0:11:03.280 that was a big one. But you'll see maw. We're 0:11:03.520 --> 0:11:06.800 all over the place. And luckily we do have anti 0:11:06.840 --> 0:11:09.680 mauware software that we can use to protect our computers 0:11:09.720 --> 0:11:12.040 from it, and we can also block certain ports on 0:11:12.080 --> 0:11:14.640 the routers that can hopefully protect you from MAUER. But 0:11:15.440 --> 0:11:19.080 there's also a lot of cases where maure is distributed 0:11:19.240 --> 0:11:23.160 and built so quickly that a lot of those anti 0:11:23.280 --> 0:11:26.880 Mauer software are not updated quick enough. So in that case, 0:11:26.920 --> 0:11:28.240 we need to do the best that we can to 0:11:28.320 --> 0:11:31.920 protect ourselves and keep MAUER from getting out from the 0:11:32.000 --> 0:11:35.040 deep web. Yeah. You know, it used to be, uh 0:11:35.080 --> 0:11:38.560 that you really all you needed to worry about was 0:11:38.679 --> 0:11:41.760 just don't go to the more seedy elements of the web, 0:11:41.800 --> 0:11:44.439 and you were generally all right, right, Yeah, it's kind 0:11:44.440 --> 0:11:48.360 of like avoiding a bad neighborhood. Like, obviously, if you 0:11:48.520 --> 0:11:50.959 don't want to get robbed, there's certain neighborhoods that you 0:11:51.000 --> 0:11:54.120 should probably shouldn't walk around in by yourself at night. 0:11:54.320 --> 0:11:56.920 And this is kind of similar in that case where 0:11:56.960 --> 0:11:59.520 you avoid the deep web unless you really want to 0:11:59.520 --> 0:12:03.040 be on somebody's like hit list or something like that. Yeah. Yeah, 0:12:03.080 --> 0:12:04.840 if you're if you suddenly think that you want to 0:12:04.840 --> 0:12:06.840 come across as a big shot, look if you're not 0:12:06.920 --> 0:12:09.800 a big shot, don't do that. It's kind of like 0:12:09.920 --> 0:12:11.760 kind of like walking up to someone who works in 0:12:11.800 --> 0:12:14.320 a carnival and claiming that you're with it and for it. 0:12:14.360 --> 0:12:15.920 If you don't know what that means, you do not 0:12:16.040 --> 0:12:19.360 say that. Okay, I think I just gave terrible advice 0:12:19.400 --> 0:12:23.760 to an entire population of listeners. Um, don't don't. Don't 0:12:23.760 --> 0:12:27.319 talk to Carney's unless you are one, alright, so uh 0:12:27.320 --> 0:12:30.040 and I love you Carney's. I love you all. So. 0:12:30.280 --> 0:12:33.440 The the thing that we're getting across, though, is that 0:12:33.600 --> 0:12:36.719 today that's not as big a guarantee as it used 0:12:36.720 --> 0:12:39.680 to be right, like ten years ago, you'd say, look, 0:12:39.800 --> 0:12:43.800 just be careful. Don't download unusual files, don't don't run 0:12:43.960 --> 0:12:48.320 a file that's linked in your email without checking it 0:12:48.320 --> 0:12:51.360 out first. Don't don't you know, be careful opening up 0:12:51.360 --> 0:12:54.480 emails from things that you don't recognize. Be careful with 0:12:54.559 --> 0:12:59.400 PDF files. Be careful with stuff that especially unsolicited stuff 0:12:59.440 --> 0:13:03.400 that has com to you, because that raises the chances 0:13:03.400 --> 0:13:06.199 that something hinky is going on. It doesn't necessarily mean 0:13:06.240 --> 0:13:10.760 it's definitely a problem, but it's potentially a problem, and 0:13:10.800 --> 0:13:13.560 it's better to be safe than sorry. Make sure you 0:13:13.600 --> 0:13:16.520 have good and uh anti virus software on your computer. 0:13:16.920 --> 0:13:19.080 Make sure you have a nice strong firewall. All of 0:13:19.080 --> 0:13:22.000 these kind of things. Those used to be pretty good 0:13:22.520 --> 0:13:26.320 at keeping of the malware away from you, if you 0:13:26.360 --> 0:13:31.920 were being a fairly responsible Nedicin these days, they definitely help. 0:13:32.160 --> 0:13:35.199 These days, these days, the attacks are are sometimes getting 0:13:35.240 --> 0:13:38.280 like in the case of the advertisements on news sites. 0:13:38.880 --> 0:13:42.480 These are attacks that are going through avenues that you 0:13:42.520 --> 0:13:45.960 want at one point would have considered perfectly safe. Not 0:13:46.080 --> 0:13:48.280 that it's happening all the time, but the fact that 0:13:48.320 --> 0:13:52.960 it can happen tells you that it requires an extra 0:13:53.080 --> 0:13:56.400 level of vigilance beyond what we used to say was 0:13:56.400 --> 0:14:00.280 was sufficient. Yeah. Absolutely, a data collection for a lot 0:14:00.280 --> 0:14:04.880 of this malware is extremely Uh, it's high sensitive in 0:14:04.920 --> 0:14:09.720 the fact that a user's data can get so much 0:14:09.720 --> 0:14:13.080 money on the on the deep web, so much money really, 0:14:13.120 --> 0:14:16.840 particularly a collection of user data. That's where the big 0:14:16.880 --> 0:14:20.240 money is, right. I did an episode once where we 0:14:20.360 --> 0:14:23.400 tried to break down how much is your personal information worth? 0:14:23.440 --> 0:14:27.880 And yeah, it really depends. It depends upon what information 0:14:27.920 --> 0:14:30.640 you're talking about, Like how extensive is that profile on 0:14:30.680 --> 0:14:34.080 a person? But yeah, it's not much in the grand 0:14:34.120 --> 0:14:36.120 scheme of things. Like to you, it's worth a lot, 0:14:36.280 --> 0:14:38.720 right you as a person, Shannon, You as a person, 0:14:38.800 --> 0:14:41.240 that information is worth a lot of money to you 0:14:41.960 --> 0:14:45.200 because it's who you are. To someone else, it's worth 0:14:45.600 --> 0:14:48.560 pennies on the dollar really, depending upon depending upon the 0:14:48.600 --> 0:14:53.560 amount of information. But the smellware often is giving hackers 0:14:53.640 --> 0:14:58.040 access to massive amounts of info about a huge number 0:14:58.040 --> 0:15:01.680 of people, and a number is there is more value 0:15:01.840 --> 0:15:04.680 and that's where they will sell that. Sometimes they sell 0:15:04.720 --> 0:15:08.440 it to companies that are just interested in getting information 0:15:08.480 --> 0:15:12.040 so that they can do targeted advertising. So it might 0:15:12.120 --> 0:15:16.680 be that the ultimate use of your information isn't as 0:15:16.800 --> 0:15:18.920 bad as it could be. It just means you're going 0:15:18.960 --> 0:15:22.520 to get some adsum but still not fun to think 0:15:22.560 --> 0:15:25.080 about and to think that you know, now these companies 0:15:25.120 --> 0:15:28.320 have access to information about you that you probably would 0:15:28.400 --> 0:15:32.560 rather they not have, particularly in targeted advertising. The famous 0:15:32.600 --> 0:15:36.280 story about Target when they started sending ads to a 0:15:36.280 --> 0:15:39.800 young lady that were related to pregnancy, and then her 0:15:39.920 --> 0:15:42.160 dad got really really ticked off about it. But it 0:15:42.200 --> 0:15:45.280 turned out that little girl was pregnant, yeah, and that 0:15:45.440 --> 0:15:48.120 it was it was because the algorithms had picked up 0:15:48.320 --> 0:15:51.360 through her search habits that she was pregnant based upon 0:15:51.480 --> 0:15:53.960 the search terms she was putting in, and so they 0:15:54.000 --> 0:15:58.240 proactively sent her some coupons for pregnancy related items. The 0:15:58.320 --> 0:16:00.760 dad got very upset. Then the dad ended up apologizing 0:16:00.760 --> 0:16:03.200 to Target, saying that he was unaware at the time 0:16:03.280 --> 0:16:05.960 of the full situation. Well, in that case, it was 0:16:06.400 --> 0:16:10.120 search algorithms. It wasn't a hacker who had gained access 0:16:10.120 --> 0:16:12.240 to stuff and then sold it. But there are other 0:16:12.280 --> 0:16:15.760 cases where that does happen, where you know, just a 0:16:15.840 --> 0:16:18.640 database of info, and a lot of times they will 0:16:18.760 --> 0:16:22.040 release this malware in something that's called an exploit kit. 0:16:22.560 --> 0:16:25.640 So generally, these exploit kits are like a batch of 0:16:26.000 --> 0:16:29.600 similar malware that will work across several different platforms, so 0:16:29.640 --> 0:16:32.560 that whether that's several different types of software like job 0:16:32.640 --> 0:16:35.640 and flash, or several different browsers, it could be several 0:16:35.640 --> 0:16:38.920 different operating systems too, So you might see an exploit 0:16:39.000 --> 0:16:43.720 kit that works on Linux four four but also works 0:16:43.760 --> 0:16:48.120 on Windows XP up through eight or something like that. Right, 0:16:48.600 --> 0:16:50.680 And what's crazy is that when you start looking at 0:16:51.440 --> 0:16:53.200 I mean, this is one of the things that hackers do, right, 0:16:53.200 --> 0:16:55.680 They'll look at operating systems and what the market penetration 0:16:55.760 --> 0:16:58.160 is for those systems because that that's that shows you 0:16:58.160 --> 0:17:00.680 where your target rich environment is. Right, So if you 0:17:00.720 --> 0:17:06.040 have Windows seven, guess what you are prime target for 0:17:06.280 --> 0:17:10.640 for malware because that is by far the largest UM 0:17:10.720 --> 0:17:13.840 that that has the greatest market share of any operating 0:17:13.840 --> 0:17:20.480 system right now, Windows XP still it's number three, number three, 0:17:20.560 --> 0:17:23.119 and it has not been supported by Window formed by 0:17:23.160 --> 0:17:27.800 Microsoft for two years. This, by the way, bad thing. 0:17:27.880 --> 0:17:30.280 If you want to be really secure with your your 0:17:30.320 --> 0:17:32.440 computer information, you don't want to be using and operate 0:17:32.480 --> 0:17:34.960 system that no longer gets support from the company that 0:17:35.040 --> 0:17:38.800 made it. UM because because that means no vulnerabilities will 0:17:38.840 --> 0:17:41.119 be patched. From that moment forward, you're pretty much on 0:17:41.160 --> 0:17:43.720 your own. You have gone into the dark forest, and 0:17:43.760 --> 0:17:48.199 you forgot to bring your flashlight. It's pretty dangerous. Um. 0:17:48.320 --> 0:17:50.560 One of the things that you kind of uh that 0:17:50.560 --> 0:17:53.040 that I think leads in from what you were saying 0:17:53.080 --> 0:17:56.360 before with these exploit kits. One of the most terrifying 0:17:56.560 --> 0:18:00.280 aspects of this type of malware and and the fact 0:18:00.320 --> 0:18:03.639 that that people can use it for nefarious purposes and 0:18:03.720 --> 0:18:07.639 monetary gain, is that you also have a population of 0:18:07.720 --> 0:18:10.639 people who don't even understand how the malware works. They 0:18:10.680 --> 0:18:14.959 don't even Script kitties is what I'm getting at. Script kitties, 0:18:15.040 --> 0:18:19.400 that's the term we use for people who are, uh, 0:18:19.440 --> 0:18:23.600 they're benefiting from the the work that hackers have done. 0:18:23.640 --> 0:18:26.720 Hackers are the ones who are actually putting together the software. 0:18:26.720 --> 0:18:29.720 They're the ones who have identified the vulnerability and then 0:18:29.800 --> 0:18:32.600 exploited it in some way. Script kitties are the ones 0:18:32.640 --> 0:18:36.320 who essentially they're given a set of skeleton keys, and 0:18:36.400 --> 0:18:40.520 they didn't make the skeleton keys, they're just using them. UM. 0:18:40.560 --> 0:18:43.920 And it's scary because you don't need a level of expertise. 0:18:44.080 --> 0:18:46.280 You might think, oh, well, I'm kind of safe from 0:18:46.320 --> 0:18:49.120 hackers because how many people are actually hackers? How many 0:18:49.119 --> 0:18:53.119 people really know how this system works. Well, you don't 0:18:53.160 --> 0:18:55.000 have to really know how the system works if you 0:18:55.040 --> 0:18:58.240 have a tool that exploits a vulnerability. Oh absolutely. Although 0:18:58.240 --> 0:19:01.080 I really hate the words of Katie, I will put 0:19:01.080 --> 0:19:04.080 it out there because I feel like if you're interested 0:19:04.240 --> 0:19:08.240 in information security, and if you're interested in becoming a 0:19:08.240 --> 0:19:11.960 good hacker, then you do start somewhere, and everybody is 0:19:12.000 --> 0:19:14.120 going to start with the easy tools that are out 0:19:14.119 --> 0:19:17.040 there and that are available for free. For example, one 0:19:17.080 --> 0:19:19.200 thing that I learned how to use a couple of 0:19:19.240 --> 0:19:22.240 years back was this tool called wire shark. It easily 0:19:22.359 --> 0:19:25.479 lets you see everything that's happening on your wireless network, 0:19:25.560 --> 0:19:28.840 or you can use it for um, any computers that 0:19:28.880 --> 0:19:31.280 are on your on your network, like behind your router, 0:19:31.600 --> 0:19:33.639 so you can see everything that's going on and you 0:19:33.680 --> 0:19:38.439 don't necessarily have to learn or understand what's going on 0:19:38.480 --> 0:19:41.560 behind it to be able to read what's on your 0:19:41.600 --> 0:19:44.560 screen happening right in front of you. I think it's 0:19:44.600 --> 0:19:48.840 really important though, for people who might be called script 0:19:48.880 --> 0:19:53.080 kitties to look at as being beneficial and that they 0:19:53.200 --> 0:19:56.240 can grow from that process. They can start from being 0:19:56.280 --> 0:19:59.000 a beginner and say, okay, well I need to understand 0:19:59.040 --> 0:20:01.280 the theory. Now I can move on from being a 0:20:01.280 --> 0:20:04.760 script kittie quote unquote to becoming somebody who is an 0:20:04.800 --> 0:20:09.240 expert in some kind of information security out there. Yeah. 0:20:09.280 --> 0:20:11.600 I when I think of the term script kitty, in 0:20:11.640 --> 0:20:13.720 my mind, it's a very it's a subset of the 0:20:13.720 --> 0:20:17.800 people that typically get labeled as such. That subset being 0:20:18.280 --> 0:20:20.880 people who have little to no interest in actually learning 0:20:20.960 --> 0:20:25.280 how to hack or program. Uh, people who want a 0:20:25.400 --> 0:20:30.560 very very fast track way to gain either a reputation 0:20:31.240 --> 0:20:34.280 by being the person who took down a system by 0:20:34.359 --> 0:20:37.840 whatever means, or by making a whole lot of money 0:20:37.880 --> 0:20:41.640 really fast for relatively little effort. Those are the ones 0:20:41.720 --> 0:20:44.000 I specifically think of when I think of script kitty. 0:20:44.040 --> 0:20:46.600 But you are absolutely right, you have to start somewhere 0:20:46.720 --> 0:20:49.119 if you're interested in this is I'm kind of defensive 0:20:49.160 --> 0:20:51.400 with that because I I was called a script kitty 0:20:51.440 --> 0:20:54.920 when I first started up started off learning about hacking 0:20:54.920 --> 0:20:58.520 and information security. People would be like, Oh, she's just 0:20:58.560 --> 0:21:00.760 a script kitty, and I'd be like, I actually want 0:21:00.760 --> 0:21:02.840 to understand the theory. I want to learn how to program. 0:21:02.840 --> 0:21:04.760 I want to learn how to code. I'm no longer 0:21:04.840 --> 0:21:07.720 called that because I have learned how to write certain 0:21:07.800 --> 0:21:10.040 kinds of code. I have learned how to program. I 0:21:10.080 --> 0:21:12.640 can make my r doin no, do whatever I want. 0:21:12.960 --> 0:21:16.000 So at this point in my stage, I've surpassed that 0:21:16.040 --> 0:21:18.960 moment of being a nube and I've gone on to 0:21:19.760 --> 0:21:24.520 learning things and being able to understand specific tests and 0:21:24.560 --> 0:21:25.919 get them to do what I want them to do 0:21:26.000 --> 0:21:29.119 without finding tutorials online. Yea, so now I make my 0:21:29.160 --> 0:21:32.480 own tutorials. Seeing Now that's nice because when I started 0:21:32.480 --> 0:21:34.960 at how Stuff Works, they call me that weird bald guy, 0:21:35.400 --> 0:21:39.439 and today they still do. So some labels just stick, 0:21:39.880 --> 0:21:42.160 is what I'm saying. So yeah, So, so that kind 0:21:42.160 --> 0:21:46.400 of covers the malware approach. People can make money through malware, 0:21:46.400 --> 0:21:50.280 either by selling your information UM, they might do so 0:21:50.520 --> 0:21:54.960 by another method, which kind of leads into this idea 0:21:55.000 --> 0:21:57.840 of ransomware. So this would be malware specific type of 0:21:57.840 --> 0:22:02.280 malware that UM locks down your machine in some way 0:22:02.320 --> 0:22:04.560 so that you can no longer access it, and then 0:22:04.600 --> 0:22:06.640 you essentially get a message saying, hey, if you want, 0:22:06.720 --> 0:22:08.840 if you want your data back, if you want access 0:22:08.880 --> 0:22:10.919