Wiretapping the Secret Service can be easy and fun | Bryan Seely | TEDxKirkland

Video Statistics and Information

Captions Word Cloud
Translator: Araminta Dutta Reviewer: Queenie Lee Last year, a hacker recorded over 40 calls to the Secret Service and the FBI in one day, without anyone finding out. I think most people in here would agree that that was a bad idea. People on Twitter and the news talked about it, and some people even accused him of being a fraud of a government agent. Some people called him a moron. My friends call me Bryan. (Laughter) The point is not that sensational headline, albeit it is kind of sensational. It's why I did what I did and for why I'm here. Wiretapping the Secret Service can be easy and fun. If you haven't figured out that that is satire, then we need to have a whole other discussion. This was the front-page article on Valleywag. It made it to KOMO and a variety of different places. The reason all of this came up was because of this. What you see on the right is a common map search for a local business - an auto-glass repair category. On the left - same search, same city in Orange County - auto-glass repair. There are fake businesses in these listings, and they look just like the real ones. There isn't a person in this room who'd probably be able to make an educated guess as to which one is which. On the left, there are six fake businesses in the Google listings, and on Whitepages, anyone care ...? Ten out of ten - they're all fake. They're all controlled by one person. This one person found a way to manipulate the variety of local business systems, like Yelp, and Angie's List, and Bing, and especially Google Maps, which is the target. They have the most traffic, they generate the most business - if you're on Google, you're set. So what happens? They bumped off the original ten placeholders, and they no longer get the phone calls they rightly deserve. This is a scam. This has been going on since directories even started. Before the internet, there were actually people in Yellow Pages doing the same thing with alphabetical listings. They would all name their businesses "AAA," "AA," "AAAA," to get at the front of the category. People have always found a way to game the system. Problem is now, no one knows it's happening, and it's happening in every city, in every country, every category that services businesses and consumers, and there are over 50 major categories that this is just epidemically bad. Another problem that's actually come to light recently is - What you might be familiar with in a typical Google search is at the top, there’s a Google AdWords. These are the advertising results that people in businesses have paid for. And what you see here, and it's a little blurry, my apologies, it says, "$15 locksmith service. 24 hours a day, 20 minute response time." I don't know a single locksmith in this country that will drive to you and service you for $15 for any type of - They wouldn't even give you a handshake for $15. It's not worth the gas, it's not worth the labor. This is bait and switch. It's a very common thing in fraud textbooks. It's a price they have absolutely no intention of fulfilling, and they will charge you through the nose because you can't afford not to pay them, or they've already done the service, and then they use intimidation. You're locked out of your car. It's 11 o'clock at night. You're in a bad neighborhood. They show up because you clicked on an ad that said "$15 service," and now it's 350, and they make you go to the ATM and pull money out. What if it's your grandmother? Your wife? Your sister? This happens and it's been in the media, but no one picks it up because this problem is so complex, and big, and multijurisdictional, the FBI and the Secret Service don't want to touch it, the attorneys general; there are so many different pieces, and we have to start at the original root of the problem. This man ran a business called the Serbian Crown; this is in Wired magazine. Hackers who didn't like him turned his business hours for the weekend to nothing. They just deleted his availability on the weekends, and it single-handedly killed his business in less than a month. He had to shut his doors. He was open for two decades or more - I think even longer. So I approached Google. I told them all of the different methods that these guys are using - the exploits, the ways that they beat the ranking systems - and I was pleasantly surprised by them doing absolutely nothing. So I started creating some funny listings to maybe get some social following, and this one was my personal favorite: the Snowden Super Secret Hiding Place on the White House lawn. (Laughter) You can see why they chose that for the main website image. So I walked into the Secret Service office after recording phone calls. I didn't have a lawyer with me. I had no idea what was going to happen other than I kind of needed to be there because if I got caught, I think it arguably would have been a first-class vacation to Guantanamo Bay, and although I was in the Marines, I don't want to be reunited with them there. (Laughter) And orange isn't exactly my color. (Laughter) What I did was very simple. I created a very identical Secret Service listing with a different phone number, and as you can see, this one at the top has three reviews, 202 area code, this one has a 425 area code, same address, more pictures. I deleted their reviews in less than five minutes, and I added reviews of my own that were fake. Took less than 20 minutes, beginning to end. The positions switched because mine suddenly had more "hidden points," which then meant anybody who looked for the Secret Service, anywhere in the country for this specific one, got mine, and that phone number forwarded to them, and I could record both sides of the conversation without ever touching their systems. It's not even technically hacking. It's just stupid, really. (Laughter) You seem to think it's a bad idea. Where were you? This was me waiting. (Laughter) Might never use a phone again, so might as well take a selfie. (Laughter) While I was sitting in the Secret Service office, waiting for the guys to show up, they walked out, they all rolled their eyes. They all thought I was crazy because I'd just literally called them and said, "Hi, I might have just recorded a bunch of calls to you guys trying to prove something. Can I come in and show you?" "Oh yeah. Yeah, sure. Yeah, come on in." It sounded crazy. So I'm standing there with the agents in the Secret Service office right after I took those initial photos, and the agent goes, "Look, I don't believe you. This isn't really happening." I said, "Okay. Do me a favor, and I'll prove this right now. Call the Secret Service office in Washington, D.C., and I'll prove it." Pulls his phone out, says his name - He knew the guy on the other end. Maybe they were roommates at the academy, if they even go to an academy. I don't really know. (Laughter) Who does know, I mean, really? (Laughter) They hang up after about five minutes, and I open my laptop. I push play, and it played back the conversation I'd just heard, because he was standing next to me, and the full audio of the guy we didn't hear. And their eyes suddenly stopped rolling. And it got very quiet. And they handed me a statement saying, "These are your Miranda rights. You are not under arrest but we need to search you, and we would like you to accompany us to the guest suite - (Laughter) this luxurious, closet-sized suite with no windows, in which you'll be staying an undetermined amount of time. You're not under arrest, but we really don't want you to leave." (Laughter) Obviously, I was there of my own accord. Obviously, I was there because this was the right thing to do, because there was something bigger at stake, because there are people being affected, and so I took a risk. I took a risk of never seeing my kids again. I took a risk of a misunderstanding. There have been people jailed for far less, who are completely innocent. I didn't have any criminal intent. I walked in immediately and went like, "Ha ha ha, I'm sorry. I'm an idiot. And here you go. This is a problem, fix it." They couldn't ever bring a case against me saying, "He was going to sell this." The first people I called was them! While in the room, they called Google and said, "Okay, he's been telling you," and they go, "Oh, but we didn't believe him," and then ... I don't know whatever they were saying, I wasn't monitoring that call. (Laughter) What ended up happening was they said, "Delete the listings. He needs to delete the listings," and then the Secret Service said, "Google, shut it off until you guys fix the problem," and they said, "Okay, got it." So they hung up, and he walks in and goes, "You're a hero for bringing this to our attention not knowing what the results would be against you. This is a national security problem. There were phone calls that had sensitive or potentially investigation-compromising information on them." I stopped listening - I didn't want to hear anymore. I didn't want to be like, "Oh man, like, President Nixon," and, "He totally did something stupid." (Laughter) "I'm going to end up in a bag in a river! Why did I do this?" (Laughter) So they said fix it. Six weeks, Google shut off phone verifications for new businesses. They shut off a lot of the little methods that I required to be able to do this kind of thing. I thought it was fixed. Six weeks later, they turned it back on with not a single change made. They had just paused. The news had died down. The Secret Service had closed the investigation because when the Secret Service tells you to do something, I think they're pretty used to people doing it. I mean, it's not like, "Please put your hands up, if you don't mind," and, "Would you mind not shooting at the president, today?" Like, they don't make requests, they make demands because it's a very clear, black-and-white thing for them. The reason I know it's still broken is because I built this with no one's permission on Northwest University's campus last week. The cell phone for that number - it's in my dressing room. Postcard verification is required to establish new business addresses. I obviously don't get mail at the university. I didn't go. This was built yesterday. It's a snowboarding shop in the Oval Office called Edwards Snow Den. (Laughter) (Laughter) (Applause) Yeah, they didn't fix the thing. Google lied to the Secret Service. They said they would fix it, then turn it back on. They just waited for the media to die down. What we can do now. I'm the authority on this subject. The largest tech publisher in the country let me write a book that's coming out in August. That book is designed to raise awareness for all of the businesses and all of the consumers - all of the victims of this horrible scam that people don't even know is happening. All you know is your American dream of owning your own home is slowly being taken from you, but you don't even see the guy who's taking your money. You just got less calls last month. You can't pay for your kid's braces. Suddenly, you can't make your mortgage. I've talked to well over 20 different people whose families all live with their in-laws. They lost their business; they lost their bond; they lost their insurance; they lost their work truck. Whether it's a locksmith or a carpet cleaner, these are hardworking Americans. These are small business owners. They're complaining to Google, and Google's going, "Nah, it's not us." They don't have a chat support line. Their forums are just empty of admins. There's nothing really going on on Google's end, and the worst thing is - Remember those advertisements I was showing you? The scammers pay Google for those ads by a click - every time they click. So when you click for that $15 service, the scammer pays Google 25 bucks. Doesn't make sense. If they were originally going to charge 15, how can they spend more on the ad than what they were going to bring in? Because they were never intending on that. Google knows they're doing this because they just fought a lawsuit and got it dismissed under a law that's not designed for doing this. They're hiding behind their army of lawyers and their motto of "Don't be evil," and they're cashing the check of the guys who are robbing from the consumers and their clients. I don't know a clearer way to say it. They're happy to cash the check. They don't want to fix the problem because they're making a lot of money. There are hundreds of thousands of these fake businesses across the country. For example, you can fit, in one category, three to five auto-glass shops in a city of 100,000 people or more. There are over 299 cities of over 100,000 population in the United States as of the 2013 census. How I know that is because I used to be working with these kinds of scammers. I have detailed files from all of the different things that they've done. They pay for bulk reviews written by professional authors and writers - 20,000 bought at a time. They are so good at gaming the system that you are so ill-equipped to even notice because you're in a hurry. You're not looking for a plumber because you might have something wrong next week. Your basement's full of water and everyone's going to drown. Call the plumber now; you don't need to price check, and they're counting on it. Stop using Google for this product. Now, don't get me wrong; I love Google. I use their Gmail service, I love the way they invest - clean energy, SpaceX, self-driving cars - they are a great company. This one piece is a cancer. It's a blight, it's a shame, and the way this stops is them going, "Okay, we're going to fix it. Let's see what we can do and make this right. Somebody's making money and somebody's covering something up." And until that day comes to light, I'm pretty good at being loud, and I'm pretty good at being obnoxious, and I'm pretty good at getting away with some really, really obnoxious stuff. If you want to go and look those businesses up, they're live on Google Maps, prominently displayed for the whole world to see. So if you're in the Oval Office and you need a snowboarding shop, I might know a guy. (Laughter) Thank you. (Applause)
Channel: TEDx Talks
Views: 2,871,553
Rating: 4.8699436 out of 5
Keywords: TEDxTalks, English, United States, Technology, Big problems, Computers, Cyber, Government, Hack, Intelligence, Internet, Life Hack, Terrorism
Id: 5c6AADI7Pb4
Channel Id: undefined
Length: 17min 46sec (1066 seconds)
Published: Mon May 04 2015
Reddit Comments
Related Videos
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.