How We Hack The Planet | Jake Davis | TEDxTeen

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] hello I'm one of those scary internet hacking people and with that in mind please make sure if you use the free open Wi-Fi here login to Facebook Twitter do some online banking it's really I've checked it out it's super secure though I'm here hopefully to shed some light on the hacking world and to perhaps change perceptions of it a bit and show that hackers can be a force for good in the future cuz everything's connected to the internet everything's connected together from that screen there and there's like there's like a robot thing down there you'll see in the break that's got Bluetooth in it through everyone's phones and here's to the Wi-Fi every time we walk around the o2 where we're being tracked they can probably get our home addresses just by following our mobile signals so a little bit about how I got into the hacking world I grew up in the Shetland Islands which are here as you can tell there's nothing to do in the Shetland Islands I won a knitting contest in school we had three knitting classes a week and I thought that was that was quite fun a simple life of knitting and herding sheep and in farming peeps but instead I joined a politically motivated global hacking collective instead just kind of the only other option in the Shetlands so I I went under the alias topiary I use the kind of ludicrous ascii horse as an avatar and you can see below we started to use this headless suit with with the question mark the sort of symbol of a we are legion we do not forgive we do not forget we are we are everyone and no when all of that all of that kind of pretentious nonsense we studied some of that and we started putting that stuff up on government websites during the Arab Spring in 2011 Egypt Tunisia Libya Zimbabwe in support of protesters we would deface government web pages we wouldn't release any information or anything like that or try and harm individuals well you just put messages of support up that say we know your government's trying to suppress information to the outside world we know that they don't want you to think you have support but know that the Internet mind the anonymous mask royal here for you so he wrote a bunch of nonsense up there the thing that I'm as opposed most known for which was also the one of the biggest mistakes I made was hacking into this terrible cult called the Westboro Baptist Church racist homophobic cold that pickets their funerals of dead soldiers in the states and we decided well they they declared war with anonymous a very amusing statement and they kind of thought to get media attention or forbidden stuff on the back of the the Arab Spring and so we went to a live radio show with them and hacked their website live which I thought would be a very amusing way to do it and just a way to get across we don't really care about you we've got we've got more revolutionary stuff to get on with but we'll just do it anyway that went viral online and I made this massive mistake of just sort of being quite carefree at the time and not very being a very good hacker and just didn't use any voice modification software so just for how you heard me now is how it sounded on that radio show she's a really really bad idea and I'm most known for just doing stuff like that in tweeting just pretentious nonsense like you cannot arrest an idea just something I tweeted right before I was arrested the following day we've started myself and six others started this group called LulzSec a bit more difficult to explain we used a giant flying cap in space as a logo and the giant boat made out of a ski out and a little stick man with her with a glass of wine in an effort to sort of say yes we've done this hacking under the anonymous banner under the big scary mask etc etc and everyone kind of sees those hacks and go yeah that's it that's that's impressive security is a thing but that's anonymous of course they can do it they've got these big bunkers everywhere there he's super you know super super horde of people around the world what if we a bunch of idiots with a stupid cat and a stick man could do the same thing people started looking at and going hang on what we need to think about security now so we would do things like news websites that ppps disagreed with a WikiLeaks documentary that was made so we just thought okay we've got access to the PBS website let's not do anything we'll just publish a fake story from them saying 2pac and biggie smalls are alive in you and some people to this day think that that's real still and during the phone hacking scandal not a big fan of the Sun newspaper news of the world published an article from the Sun staff writer saying that Rupert Murdoch had died in his garden instead of going to to give evidence at the phone hacking scandal that Leveson inquiry things got a little bit out of hand in that we started targeting government websites the CIA website that went down for a while the Department of Defense the Senate etc and the thing at the time I think this is true a lot of hackers you don't really see the difference between these sites or these targets they look exactly the same they're all through this kind of square let's just screen into this other world taking down the CIA's website to some teenage hacker feels the kind of same as playing a game online or looking at a video on YouTube it'll kind of blend psychologically into the same space and I've come to terms now of sort of what the ramifications of it all were but at the time it just felt it felt like a game which is a very very bizarre and I think and I think a lot of hackers suffer from that we're only after only after it's all put in kind of a nut shell or like an image like this that they realized how hang on no that is this that is the CIA things but we only sort of hit home when the cat there's a stupid cat rather than the stickman figure we all put together in Microsoft Paint ended up on the front page of The Wall Street Journal in the full color print and people started making all like stickers and notes and selling them on red bubble and all of this stuff then some people started dressing up as us for Halloween that was a strange Halloween I like the cat though that's pretty cool then some people got on an actual boat with logos like you can't arrest an idea in the anonymous flag we were very briefly according to Google Trends more popular than the boy band One Direction about one day in many ways that was what it was all about just beating them and then we were all arrested not one direction unfortunately sorry sorry Zane so I was arrested in the Shetlands and flown to London on a private police a Learjet because it was the only way to get my me off the island held for four days and they said I'm a threat to national security and you know it shouldn't be released to review a threat to the public etc and I was just like you know whatever I said that the judge the judge looked at me and just went no he's blatantly some kid from the middle of nowhere let him go ban him from the internet and put him on an electronic tag so I spent the next two years banned from the internet which is super annoying with a home curfew of 10:00 p.m. which in combination with being banned from the Internet is especially annoying given I'd moved from the middle of nowhere to a big city like London where finding your way around is hard without Google Maps and then finding your way around without Google Maps and legally having to be home by 10:00 p.m. unless a van van comes to your house and arrest you so I was running about quite a bit and I sprained my ankle running up the angel escalator at 9:59 p.m. in order to get back so I was I ended up standing trial in Southwark Crown Court here in London I was sentenced to two years in prison although because of the time I spent on electronic tag et cetera that was one year of probation and mathematically only seven or eight weeks in prison and so I went to Feltham young offenders which was apparently the most violent prison in the UK it's a very strange place to send hacker but I'm told he told them the way the prison system works is you go to the prison that's closest to the court so that the van doesn't have to drive as far so that's why I was there and when I went in I was I was I was scared but I think I think the hacking thing worked okay in there I think everyone's got this natural icebreaker in prison where you've gone against the system in some way and hacking sort of goes against the system in this very definable way and so people would come up to me and say yeah I've smuggled a blackberry and can you hack it for me or can you do my maths exam and all of this one once mildly scary incident and a new inmate came in and when people come in they seem to have this idea that they need to start a fight to prove themselves which is the worst thing you can do in prison so this guy comes in and he sees me and goes I'm gonna pick on that guy so he comes up to me and it's like oh you wanted you wanna start something etc and I'm just unnaturally kind sarcastic and I'm like Ireland there's not much to start around here we're not gonna I don't know we're not gonna be able to start it and this guy that I've shared a cell with his name is mr. teeth so all he would Ollie would call himself massive guy he basically ran the way he was he was just a teenager's enormous he goes to the gym every day and he just went right up to this guy he went your blood you do not mess with half gainer you know why that he'll be mortgage your house blood urea mortgage your house you won't even know he did it so you don't mess with hacker and this guy was like oh sorry hacker I did I didn't know then all the guards started calling me hacker exception so I was released and I think the thing that sticks me the most about that experience and and young people going through that kind of system was upon release one of the guards said to me oh you'll be back next week because there's a 95% rear fender right and I can see why you're left with a bus fare home and that's it you go you go to probation a horrible system for everyone so nowadays this is five years later hacking has changed quite a lot the culture of hacking has changed quite a lot back in when I was doing this stuff in 2011 even if you epically broke into a company or government and then emailed them saying we found some flaws in your website here's how you fix it they will prosecute you they'll come for you there's there's no way to ethically do that just the other month this 15 year old kid hacked into the Dutch government and he emailed them just saying I hit and found some flaws I've kind of got access to everything and the Dutch government responded I think the best way possible they they said all right that's that's very good tell us how to fix that we're gonna acknowledge you on official government websites media coverage etc and they sent him some swag they sent him a t-shirt that literally said I hacked the Dutch government and all I got was this lousy t-shirt that is I think that is the best possible government response to website because they could have you know it would have been game over for him five years ago they would have come down here without choppers smashing this door ruined his life forever and I thinks nowadays so many governments and companies and individuals are getting on board with this we have these things called bug bounty programs where sites like Facebook Twitter and whomever else can basically sign up to a service and say or you know we have we have a critical infrastructure we have valuable systems if you're a hacker email us with with a bug that you found we'll fix it and we'll pay you I'm so Facebook for example if you hack Facebook they'll give you $500 minimum every single time if they accept it as a security risk and I think this kind of system is fantastic because what you get well you have to look at is hacker motivations why do they do what they do a lot of it is kudos from other hackers and the challenge of doing it the last thing often on hackers Minds even the blackhat hackers that release customer information to the open web ironically the last thing on their mind is releasing customer information to the open web they're thinking oh I've broken into the web site I've got the challenge of doing that I want to prove myself what's the easiest thing to do the easiest thing to do 10-15 years ago was just to cause havoc cause mayhem nowadays you tell the company even if you've fact the more mayhem you caused the better because the more you can prove to their security team what a threat it is and you can get paid for it you can get put on a leaderboard of with other hackers you get a point system where you get like 50 points for hacking Twitter 75 points for hacking Facebook and I don't I don't do this stuff very often anymore but I've got bug bounties in with Apple Facebook Google they're all great you emailed them and Apple the other month got back within a day just saying okay we've acknowledged you in the next ayah a SUP date so I think there's this this gap that's being bridged which er it's fantastic and I think that's definitely the way forward and to illustrate that I'd like to talk a little bit about this guy his name is Aaron Barr and he was one of the targets of of our hacking in 2011 he owned a cyber security company and he said to the Financial Times that he had discovered the leaders of anonymous it's a very very funny statement and we thought okay well we'll go hack him and have a look at who he thinks the leaders of Anonymous are and so we got we hacked him got his entire company got this document that was all just nonsense so we just published a document ourselves instead of letting him publish it and give it to the FBI and in the meantime we saw his email inbox 50,000 company emails the reason that we've managed to get into that was because he used the same password for his World of Warcraft account and his company's entire email account it's not great it also wasn't a very strong password I want a recite it letter by letter I mean it wasn't mostly just letters and we found out through their emails that they were the kind of developing kind of sketchy malware and you know you're trying to discredit journalists like Glenn Greenwald who are in support of WikiLeaks at the time and they almost had a congressional hearing into the company he claimed there was 10 million in damages the company dissolved he got fired and then from his next job etc and so and then I then I went to trial three including this and so in many ways both of our lives were kind of melted down and reformed and shattered in many different ways and emotionally and otherwise because of this stuff and we both made my probably made slightly more mistakes than he did but we I messaged him on Twitter just last year saying this this is weird is it I mean it I thought I saw him previously on the Stephen Colbert show not in person but just this picture of him and Colbert was just looking at him mocking him he was kind of the face of bad security alleged to have entered the hornet's nest of anonymous and gotten stung so I messaged him on Twitter just saying this is this is this has been a strange time let's meet up and it was a while and we did we met in a in a pub in London I just did the only thing I knew how to do which was buy him a whiskey and I got him another whiskey and we started playing Pokemon go it just come out at the time and he he has much better Pokemon than I do and so I think I think he wins in that regard it was a strange chat we started chatting about security and you know it was weird to see someone in real life that I'd only have these kind of vague notions of online my only perception of him was this kind of online chats in these emails and we'd be kind of at war together but at war in the same way that anything is a war through the internet whether we had Twitter flame war I'm taking down the CIA said it was very hard to combine the two images in my head and so we just ended up getting really drunk and we were talking about Edward Snowden I massively agree with Edward Snowden he doesn't so that was good debate conversation caught the attention of someone at the bar you just came up to us and said look sorry to ask but how do you guys even know each other and Aaron said the best thing he just looked down at his whiskey and just ship it around and said well we met online I just took a long long that's not actually what he sounds like I don't know why I gave him that voice just now Aaron bar I cyber security expert know so I ended up falling asleep just in his hotel room I needed a place to crash and when I woke up in the morning he was gone he'd flown he was vanished all this stuff was gone he'd flown to America to consult or go to a conference I just was woken up by there by the room service coming in very strange experience I was first the first thing that went through my head was I've read this guy's email six years ago I know he's an expert on bugging software and planting bugs in people so then I was in the shower that day just checking making sure he has it he wasn't formulating some like six year long revenge but it turned out he wasn't we continued playing Pokemon go we continued to chat I think really excellent game what what I think I some what I'm trying to say about that is this is someone that was on the other end the target of anonymous the target of LulzSec someone that we just we've seen this image of and that is the face of the corporation sort of greedy cyber school corporation we were against and there's so many similarities between us creatively and I think hackers security experts the musicians theater goers creatives all have the same kind of feeling or wanting to deconstruct something put it back together understand it understand the ins and outs of it and that's one of my best collaborations have come from those people and so I think we shouldn't be afraid to engage hackers I think we should look through the hyperbole of of of the media the word cyberattack which is applied to literally everything from a country's website going down to that someone's DDoS is their friends minecraft server and that's considered a cyberattack it's all put into this one thing in it it's horrible doesn't make any sense and it vilifies it adds a stigma to it so I think we shouldn't be afraid to engage hackers if you work for a company just hire them make a bug bounty program go to these hacker conferences they're absolutely amazing I think hackers can be a force for good in the future and we definitely need them so thank you to hack the planet you

Info

Channel: TEDx Talks

Views: 50,355

Rating: 4.9430604 out of 5

Keywords: TEDxTalks, English, United Kingdom, Technology, Connection, Digital, Global issues, Hack, International Affairs, Life Hack, Youth

Id: 75gNBrZH2WA

Channel Id: undefined

Length: 17min 0sec (1020 seconds)

Published: Tue Aug 01 2017