Top hacker shows us how it's done | Pablos Holman | TEDxMidwest

Apr 06, 2024
So this is a hotel room like the one I'm staying in. Sometimes I get bored. A room like this doesn't have much to offer for entertainment, but for a hacker it becomes a little interesting, because that TV is not like the one in your house. It's a node on a network, which means I can alter it if I connect a small device like this to my computer. It is an infrared transceiver. I can send the codes that the TV remote could send, and some other codes. So what can I see? Free movies; that doesn't matter much to me, but I can also play video games. Hey, but what is this?
Not only can I do this for my TV in my hotel room; I can control your TV in your hotel room, so I can watch you. If you're paying with one of these, you know, TV-based check-in things, if you're browsing the web on your hotel TV, I can see how you do it. Sometimes you see cool stuff: fund transfers. Fund transfers, really great. You never know what people might want to do while surfing the web from their hotel room, but the point is that I get to decide if you're watching the Disney report tonight. Is anyone else staying at the Affinia Hotel?

Okay, this is a project I worked on when we were trying to discover the security properties of wireless networks. It's called Hacker Robot. This is a robot we built that can drive around and find Wi-Fi users, approach them, and show them their passwords on the screen. We just wanted to build a robot, but, you know, we didn't know what to do, so we made a gun version of the same thing. This is called Sniper Yagi. It is for your long-range password-sniffing action from a mile away. I can keep a good eye on your network.

This is a project that I worked on with Ben Laurie to show passive surveillance. What it is is a map of the conference called Computers, Freedom and Privacy. This conference was in a hotel, and what we did was, well, you know, put a computer in each conference room that recorded all the Bluetooth traffic, so when everyone was coming and going with their phones and laptops, we were able to record it and correlate it, and then I can print a map like this for everyone at the conference.
This is Kim Cameron, the chief privacy architect at Microsoft. Unbeknownst to him, I was able to see all the places he went, and I can show that I can correlate this and show who he's hanging out with. Was he bored in the lobby with someone? Does anyone here use a cell phone? Phones. So my phone is calling, calling with the wrong password: "you have to go to text, three messages saved, bye." Oh, so we're on Brad's voicemail and I was going to record a new message for him, but it seems like I have Preston on the hook, so let's go ahead and I'll explain how it works another day, because we're short on time.
Does anyone here use MySpace? MySpace users, huh, it used to be popular. It's kind of like Facebook. This guy, a friend of ours, Samy, was trying to meet girls on MySpace, which I think is what he used to be good at. And what he did is, you see, you know, he had a MySpace page about him; these are all your friends, and that's how you know you're cool: if someone has a lot of friends on MySpace. Well, Samy didn't have any friends, so he wrote a little bit of JavaScript code that he put on his page, so that every time you looked at his page it would automatically add you as his friend and skip the whole acknowledgment-response protocol of saying, is Samy really your friend? But then it would copy that code onto your page, so that every time someone looked at your page it would automatically add them as Samy's friend and change your page to say Samy is your hero. So in less than 24 hours, Samy had over a million friends on MySpace. You know, he just served three years of probation for that. Even better, Christopher Abad, another hacker who was also trying to meet girls on MySpace, but it had irregular results in some of these dates.

It didn't work that well, so what he did was write some code to connect MySpace with SpamAssassin, which is an open-source spam filter. It works just like your email spam filter: you train it by giving it some spam, train it by giving it some legitimate email, and it tries to use artificial intelligence to resolve the difference. He simply trained it on profiles of girls he dated and liked as legitimate email, and profiles of girls he dated and didn't like as spam, and then compared it to all the MySpace profiles. Oh, spit out girls you'd like to date.

I think you know what I'm saying about a bet. I think there are like three startups here. I don't know why we need Match.com when we could have dating spam. You know, this is innovation: it had a problem, it found a solution. Has anyone used these keys to open your car remotely? They are popular, and well, maybe not in Chicago, okay, yeah. So the kids these days will drive through a Walmart parking lot clicking open, open, open, boop; eventually you find another Jetta or whatever like yours, maybe a different color, that uses the same key code. The kids will just loot it, lock it and leave. Your insurance company will betray you because there is no evidence of a theft. For one manufacturer we figured out how to manipulate that key so that it opens all of that manufacturer's cars.
There is one point to make about this, which I barely have time for, but it is that your car is now a PC, your phone is also a PC, and your toaster, if not a PC, will be soon, and I'm not kidding about that. The point is that when that happens, you inherit all the properties and security problems of PCs, and we have a lot of them. So keep that in mind, and we could talk more about that later. Does anyone use a lock like this on their front door? It is fine, me too. This is a Schlage lock.

It is at the entrance doors in the United States. I brought one to show you. So this is my old lock. This is a key that fits the lock, but it's not cut properly, so it won't turn it. Has anyone here tried to pick locks with tools like this? Okay, I've got some nefarious lockpickers. Well, it's for kids with OCD: you have to put them in there and finick with them and spend hours getting the finesse to manipulate the pins, you know. For the ADD kids in the house, is there an easier way? I put my little magic key here.

I put a little pressure on it there to turn it, hit it a few times with this special mallet, and I just opened the lock. There we are; it's easy, and I actually don't know much more about this than you. It's really very easy. I have a keychain made from the same type of key for all the other locks in America, and if you're interested, I bought a key machine so I could cut these keys, and I made some for all of you, so my gift to you will come later: I'll show you how to pick a lock and give you one of these keys that you can take home and try on your door.

Does anyone use these USB sticks? Yes, print my Word document. Yes, they are very popular. Mine works like yours: you can print my Word document for me, but while you do it, invisibly and magically in the background, it's just making a handy backup of your My Documents folder, your browser history, your cookies, your log, and your password database, and all the things you know you might need someday if you have a problem. We like to make these things and throw them in the trash at conferences. Yes, does anyone here use credit cards? Oh well, yes, they are popular and tremendously secure. Well, there are new credit cards that you may have received in the mail with a letter explaining that it's your new secure credit card. Anyone who gets one of these knows it's secure because it has a chip and an RFID tag, and they can use it in taxis and at Starbucks.

I brought one to show you, just by touching it to the reader. Has anyone seen this before? Okay, who has one? Bring it here. There is a prize for you. I just want to show you some things we learned about them. I received this credit card in the mail. I really need some volunteers. In fact, I need one, two, three, four or five volunteers, because the winners will get these amazing stainless steel wallets that will protect you against the problem, you guessed it, I'm about to demonstrate. Bring a credit card here and I'll show it to you. I want, I want to try it with one of these awesome new credit cards.

Well, someone can do it. We have a conference organizer. Someone can force people to cooperate. Actually, it is of your own will. The demo gets really awesome. I know you guys have never seen what it is: these are really cool wallets made out of stainless steel. Okay, did anyone else see the code on the screen at TED before? Yeah, this is pretty awesome. Okay, okay, cool, I have volunteers. Who has one of these exciting credit cards? Okay, here we go. I'm about to show your credit card number to only 350 close friends. Listen for the beep; that means someone is hacking your credit card.
What did we get? Valued customer, and credit card number and expiration date. Your new secure credit card isn't totally secure. Does someone else want to try theirs while we're here? Beep. Let's see what we have. So we complained about this and AMEX changed it to no longer show the name, which is progress. Who can look at mine? If it shows it, yeah, it shows my name, or that's what my mom calls me anyway. Oh, yours doesn't have it, right? So next time you get something in the mail that says it's safe, send it to me. Oh wait, one of these is empty. Wait, I think this is the one. Here you go, you get the one just assembled. Okay, great. Okay, I still have a few minutes left, so I'm going to make a couple of points. Oh, that's my subliminal message.
The campaign was supposed to be much faster. Okay, here's the most exciting slide ever shown at TED. This is the protocol diagram for SSL, which is the encryption system in your web browser that protects your credit card when it ships to Amazon and all that. Very exciting, I know, but the point is that hackers will attack every point of this protocol. I will send two responses when the server accepts one. I will send a zero and expect a one. I will send double the data, expecting it to take twice as long to respond as I expected. Just try a bunch of stuff, see where it breaks, see what falls into my lap. When I find a hole like that, then I can start looking for an exploit. Okay, this is a bit more what SSL looks like to hackers. That's really boring.

This guy kills a million Africans a year. This is Anopheles stephensi, a mosquito carrying malaria. Is this the wrong talk? This is a protocol diagram for malaria, so what we're doing in our lab is attacking this protocol at every point that we can find. Well, it has a very complex life cycle that I won't go into now, but at some point it has been in humans, then mosquitoes, and what I need is hackers, because hackers have a mind that is optimized for discovery; they have a mind that is optimized for discovering what is possible. You know, I often illustrate this by saying that if, you know, you get some random new device and you show it to your mom, she might say, well, what does this do? And you would tell her, mom, it is a phone, and instantly she would know exactly what it is for. But with a hacker the question is different: what can I do with this?

I'm going to remove all the screws, take off the back and break it into many small pieces, but then I'm going to find out what I can build from the rubble. That's discovery, and we have to do it in science and technology to find out what is possible. So in the lab, what I'm trying to do is apply that mindset to some of the bigger problems humans have. We worked on malaria thanks to Bill Gates, who asked us to work on it. This is how we used to solve malaria; it's a mock ad from the 1940s. We eradicated malaria in the US by spraying DDT everywhere. In the laboratory, what we do is a lot of work to try to understand the problem.

This is a high-speed video. We have an amazing video camera, trying to learn how mosquitoes fly, and you can see that they look more like they're swimming in the air. We actually have no idea how they fly, but we have a cool video camera, so we know that. Yes, it costs more than a Ferrari. Anyway, we came up with some ways to take care of mosquitoes: let's shoot them with laser beams. This is what happens, you know, when you put a jack-of-all-trades scientist in the room and a laser junkie. People thought it was funny at first, but we realized we can build this from consumer electronics, using the CCD of a webcam, a laser like a Blu-ray recorder, the galvos from a laser printer, and we do motion detection on a GPU processor, like a video game system. Everything follows Moore's law, so it won't actually be so expensive to do.

The idea is that we would place a perimeter of these laser systems around a building or a village and we would just shoot all the mosquitoes on their path to feed on humans, and maybe we want to do that in our backyard; we could do that too. We could do it to protect the crops. Our team is working right now to characterize what they need to do the same for the pests that have wiped out about two-thirds of the, I think it's about two-thirds of the orange groves in Florida. So people laughed at first. This is a video of our system working: we are tracking mosquitoes live as they fly, our computer puts those sights there, just watches them, finds them moving and then points a laser at them to sample the flapping frequency. That's a mosquito, that's an Anopheles stephensi, it's female, and if all of that is true, then we're going to shoot it down with a lethal laser. So we have it running in the lab; what we're working on now is taking that project into the field.

All this happens at the Intellectual Ventures think tank in Seattle where I work, and we're trying to tackle some of the toughest problems humans have, and this is the opportunity to make money. As you can see, we just burned off its wing with a UV laser and it's not coming back. It vaporized their wing right there. Yeah, they loved it. I mean, you know, PETA or anyone else called me; I mean, it's the perfect enemy, there's just no one to come to the rescue of mosquitoes. Sometimes we go overboard, yeah. So anyway, I'm going to get off stage. This is the Intellectual Ventures lab where I work; we basically use every type of scientist and one of every tool in the world to work on crazy invention projects. So thanks.