 Social engineering really is where it ends. I love this con. I consider it an extraordinary honor and privilege to be able to speak here for half an hour at this end of the con. I want to acknowledge what it is that the feds did too. I mean, things have changed, right? The con opened with a panel, number three guy in DOD, and other people from the federal government saying, with top hat and tails, we were at you. It closed with a pitch from NSA, and it's a various wholly owned subsidiaries for you to check out on the websites and consider working with them. It's amazing how fast things have changed. But it's also a testimony of knowledge, and I think to this con, as opposed to all the other great cons that there are in this domain, that they showed up, that these guys showed up and acknowledged that it is so important to them, not just to disarm you, which is one of the agendas, but also to recruit you into their domain because they not only have the greatest toys, but still believe, according to an increasingly obsolete and morphing way of shaping the world, that we can identify the right side and put ourselves on it. This last demonstration, I was so gratified to hear the true spirit of hacking in its purest form. The kind of elegance with which simple nomads spoke of the way to bypass checkpoints defenses. That's the elegance of it, the glove of the skill, the elegant solution, the solving of the puzzle, which is where all this starts and ends. But ultimately, who is owned is a bigger and deeper question than we like to think. It does not end with owning the box. That's where it begins. And when I spoke to Black Hat this year, part of what I talked about was the multiple levels of deception in the world, the overlapping shapes and contours of new organizational structures and identities for which we do not yet have names. And I want to talk a little bit about that, too. I want to go back five years ago because that will, I hope, establish a benchmark of credibility for what I'm going to say about the next five years. Five years ago, there were, what, less than a thousand people? It was still the original DEF CON ethos, i.e., we meet in Vegas because they're building hotels faster than we can use them up. Right? Some of you remember. Now it's a five-year contract. It's a five-year contract. And instead of wink, wink, nudge, nudge, it's thank you for being mature. I mean, things have changed in five years. Five years ago, I titled the talk I gave, Hacking is Practice for Trans-Planetary Life in the 21st Century. I went back and looked at it the other day, and every single thing I said in it that I thought was going to happen has happened. In other words, the real acceleration of time in this domain is something we have to surf and be aware of. It does get harder as you get older, but it's still possible if you make the right allies. I talked about the technology, the way Columbus interacted with the technology of map making. Before he was a discoverer, he was a map maker. And in the process of using the technology of the time to make maps, he internalized a new vision of possibility for humankind, and only then could he get up and go, and that is exactly what is happening by interaction with the network in the symbiotic relationship that is now almost ubiquitous and almost not even seen it is so complete. I talked about Hacking in its truest form, what you heard about today, as the true getting your hands on the leverages and throttles of power in what I called then the next century, i.e. now this side of the Y2K hump, which was really just a blind spot of scaring how fast things were going to move through it. So, the exercise of power in the digital world is what I said it was. Those who have a passion for knowledge, who for example didn't understand some of the complexities of simple nomads, most far reaching analysis, will not get pissed but will go home and say, I don't know. What can I do to find out? How late do I need to stay up? Who do I need to call? Or as Jeff Moss said about five years ago, I can't master it all, so the most important thing I need to know is what I don't need to know. And therefore the next most important thing I need to know is who knows it, so I can get it what I need it. Now for five years I've been using that quote in a talk and attributing it to a mythical hacker that doesn't exist. Because only five years ago it was still an open question of whether we dare to associate the middle class male power world of Jeff Moss with the world in which he had built up the identity of dark tangent as a passport to exercising power online. Today I can say this is Jeff Moss and aren't we proud because that's another symptom or sign of how things have shifted. The hardware structures how we think, that's where the symbiotic relationship begins and the software that rides on it restructures how we think. If you don't see that the filters we are building are simulations then we will come to believe in the simulations as if they are reality. I did a talk not long ago for some investment people. They had incredibly sophisticated simulations of economic life in the lobby and the better they get the more they believe they're dealing with reality. And all I could beg them to do is go to the edge where new emergent realities are showing up, which in the digital world is one of three places usually, it's where kids play. It's why Def Con is the avod guard of what's emerging. What children play with is what a society in advance of itself knows its children need to know in order to function 10 years down the line as adults. So when you buy Legos that are turned into a robot it's a different kind of play because that's the skill you're going to need to have. In addition to children's play you go to war because war matters more than any other thing to securing the perimeter of our lives like it or not and therefore go to the emerging technologies that don't even have names like Neuroavionics are creating a truly cyborg world and the other place to go of course is the online sex industry because that's where people are willing to put their money first and fastest which gives enough cash flow to the R&D of the sex industry online to generate the most advanced technology. When people who can't afford it are paying four bucks a minute to watch a two inch by two inch cyber dial dance then you know this is worth paying attention to and I love it. Years ago somebody did a survey of the people who were in the box when they first set up cybercams to show you could toggle back and forth. Left camera, right camera, please do this, do that, do the other thing four bucks a minute. The old question people ask most, I love it, the question the girls were asked most was would you please wave your right hand because the only thing people wanted to know was are you real? Now think about it, you're looking at a two inch by two inch simulation made out of bits and pixels and it could answer any question you ask by immediately accessing a database and showing you a multiplicity of responses without even thinking about it and you're asking that simulation to tell you is it real and the simulation says yes I am by waving its left hand and therefore you continue to engage in the simulations if it's real. The next level on top of the software is where the rubber hits the road and that's the construction of modules of symbolic reality up here where we all live and that's where you are either owned or not owned and that's where it gets a little tricky. It's the human interface, it became clear to a lot of people this year I think that we're doing everything we can to lock down and secure the electronic network but at the interface with the human network unless we apply the same strict standards of security to the human network it is in the, excuse me, it is in vain. Why? Because we're watching every move in the electronic network, we're looking for anomalies, we're pattern matching we're looking for anything that's out of the ordinary unless we move into a society that has ubiquitous surveillance pattern matching looking for anomalies the way we now look at parking lots if somebody walks in a different way to their car we think they're lurking to steal instead of picking up their car we're doing that in every domain of life surveillance is becoming ubiquitous and we are accepting the fact though really may a society not in this day is a big brother you know Stevenson said this at computers freedom and privacy it's not who you think is the enemy that is the enemy there is no big brother out there but because we need a big brother we will project one onto the digital simulation and believe it's there the real big brother are people who have no names the people who are doing the serious crime are not in this room for the most part right because if you're in the room it's a cover but if you're seriously doing serious crime and you're trying to bring down people and you don't care how many people you kill you're not letting people know who you are the human interface is where you're owned all of the information and communication through our technologies is what determines our identity and by interacting with this new way of processing information we are becoming a different kind of person and that's what has to be secured the boundaries are dissolving what used to be nation states i.e. the constructions of political and economic reality that were invented in the 18th and 19th centuries as an appropriate boundary or semi-promeable membrane around our economic units it was appropriate to the kinds of technology we had in the way things flowed through them but those are dissolving and there are new what do you call them? MetaNats MetaNationals Trans Nationals at that stock market conference they tried to talk about a new sector of industry that now exists but they can't get a hold of it quite because it kind of floats like cyberspace tethered in the real world there's a new sector of trans-global entities that do not find themselves beholden to any national structure a name like Bechtel do you know what Bechtel is? you've seen James Bond movies? Ernst Stavro Brofeld that's Bechtel that's the face of a privately held company that is building the world into positions of power in which some of the most powerful people in the world have moved and because it's privately held no freedom of information act is going to extract from it the information we need to know what is going on in it that is where the power to hack i.e. as simple nomads said the power to connect the dots and see the big picture and relentlessly pursue knowledge no matter what unconventionally crossing boundaries and creating rules by which we operate on the go as we make it up for ourselves this will redeem the power of the faceless entities that would, if they could, determine the structures of our lives by creating simulations that they want us to believe are real everything is converging in the digital world like journalism infotainment what we used to call news it's all becoming one thing it's PR you know about Eddie Bernays the father of spin 1920s publishers went to him they said we're not selling enough books we need to ramp it up instead of just advertising to sell more books he went to the leading intellectual lights of the day the Nobel Prize winners the real intellectuals and he asked them if reading was important to civilization they all said of course civilization of topple if they're not a literate society base they all signed affidavits that testified to that then he took those affidavits to meetings he called of architects builders contractors he said do you want to help save civilization they said yes so as a result of signing on to his vision they all agreed to a new way of building houses and apartments and so for the first time literally in human history if you went an aristocrat when you walked into an apartment or house you found first time built in bookshelves and so when you walk into a space into which someone has built in bookshelves what do you do you buy books you don't even think about it you just buy them and put them on the shelf and don't give it another thought I'm using that as a metaphor to say the construction of forms and structures in the digital world is the equivalent of building bookshelves and what people do when they come to the interface is not even think about how they put on the books of meaning, importance, values, and truth into those shelves and then live as if they are real you are the people who are building the built-in digital bookshelves do you know what is the single most important thing users consider when they're talking about security I just read the most wonderful little white paper they don't care about SSR any of the things we think are important they don't care what icons of locks or keys are on the website do you know what was identified as that which creates a feeling of security in the user most? usability usability in a website so that if you interface with it seamlessly like putting books on bookshelves and don't even notice how you click through the space making yourself more and more at home in the space until you get to the place where it says buy and you click yes and do whatever it tells you if you feel secure people feel that they are secure so given that when I look back I saw that what I said was coming in five years is in fact here what do I think is coming in the next five years when I look ahead some of this is going to sound pretty bizarre but then again I do and I've learned that things really start on the edges by the time everybody believes something it's over you know Robert Galvin great mind at Motorola they said to him what are the ideas that in the history of your tenure at Motorola made the biggest difference in terms of a breakthrough idea and he said you know what looking back wisdom and perspective he said every idea that made a critical difference in the life of this incredible enterprise began its life as a minority opinion it was said by one person on the edge because he saw already that the edge is the new center if somebody said it nobody heard it and if somebody didn't say it again it would surface through another mouth because when an ideas time has come it will find a way out into the biosphere and someone said it and said it and would said it and was ridiculed first people laugh at it if they hear it at all they can't hear it you know like how many of you think women should not get equal pay for equal work please raise your hands alright so there's only about six back here taking names, kicking ass that's why nobody raises their hand people may believe something in their hearts but big brother is watching thank you I wanted to see if you were paying attention that was very good alright so I remember I'm old enough to remember when Gloria Steinem first said women ought to be paid the same amount of money for the same work people didn't think she was serious it was such a radical and impossible to hear idea and so they did to her what we do to all ideas on the edge they didn't hear it then they laughed then they ridiculed her then they hired 60 minutes to do an expose of her and then they arrived at the final stage which is everybody believes and says that they've believed it all along and that's how you know an idea has arrived at a condition of consensus reality and by the time consensus reality has arrived it is no longer true that's why you have to constantly go to the edges war, sex, and children to see what they're playing with to see what is emerging in the in the world that's why Defconn has been such an incredible incredible aperture or opening under the human soul pouring its contents into the digital world so what's coming cyborg life is coming it's coming step by step nobody gets excited when you put in a pacemaker big deal so you put in a plastic knee so you place a hip so you put in an eye so you put in hair so pretty soon you're replacing every single part you can replace a kid works in Silicon Valley visited a friend's warehouse yesterday loads of troughs all with headless frogs in them sustained in broths of nutrients and animated by wires no brains except the stem that keeps the organism kind of functional never had a brain they just grew them from embryos and they're using them to harvest frog organs why? prototype what do you call it? a pilot project and they're doing frogs because even though it makes your stomach turn over you can handle frogs you walk into a warehouse and see 400 human beings without their heads in troughs and nutrients and animated by wires you think the abortion fire is something but that's that's what's coming I know friends who want kidneys they haven't got kidneys and they're going to die why not grow them in a headless body in a trough and harvest their organs why not grow only 40 or 50 kidneys in a body and grow lungs in another body grow them on pigs and figure out a way to harvest the wisdom of our tribe sensory extension you know already people are talking to themselves wearing headsets you know what's coming you know there's going to be ubiquitous connectivity through embedded wires and wireless connectivity you know there's going to be chips in us you know the whole environment is going to be a seamless wraparound digital environment and so how are we going to communicate not through primitive keyboards but there's going to be a subaudible text like the background noise in any room and when you turn to it you can listen to the feed or not and you can have a projection screen here and the sensory extensions can take you into ultraviolet or infrared dimensions what it means to be a human being in cyborg time is going to be changed completely and Blade Runner reality is going to be ours the only way you know yourself is through memory and persistence memory is already being manipulated, managed and created by the interface with the media how many huge conglomerates of media are there only 17 and yet 85% of the interface of the entire world through various media is somehow or other in the hands or in the control of those 17 transnational or meta-national conglomerates so when people go to work for journalism what is it they're taught to fight for truth and justice if they at least have a burning passion for those things in their hearts so they see a story like Gary Webb saw a crack coming into LA under the auspices of the CIA with the blessings of the NEA and so he told the story so what happens when you see Gary Webb's head put in a spike in front of the city gate the socialization of a reporter according to Michael Perini who knows is that you see a story like that and you run back to your paper and you say I've got this great story full of truth and justice and you're told by your editors we don't do that kind of story here so the next time you're out and you see a story like that you come back but you don't tell your editors because you know you don't do a story like that here and the third time you're out and you see a story like that you notice the story and you don't even see that it's a story anymore because you've been socialized integrated, assimilated and transformed into the face of the values of the media which is ultimately in the direct control of the people who own the pieces of the media so what do you do you have to redeem the truth and justice which is why it's worth fighting for small cells of trusted neighbors and friends in cyberspace it's where this community started but why did this community come out of cyberspace 8 years ago about 100 mostly guys who met and lived online why did the Buddha move east why did the Buddha get up and move as a clan, why did Defqon come out of cyberspace and get sucked in the meat space to come to Vegas to hang out because this is where we live cyberspace may be transforming and reforming us, it may be a matrix of transformation and re-identification but we come out of it into our flesh and into our bodies that's changed but this is where we live and this is why we continue to come together so cyborg time is coming with neural avionics you know about those right connecting fiber optics to the optic nerve of the mind the optic nerve of the eye so that you can control the armaments of an airplane going beyond biometrics by thinking when we are fused seamlessly with our machines who are we you own the box but who owns you I called it Transplanatory Culture for a reason, you can't talk about this stuff I'm not going to talk about it when things are anomalous and out on the edge nobody can hear them they're ridiculed and they sound ridiculous when I run into people from various agencies of government and we talk off the record in the bar and we all agree that we've heard the same stories from the pilots from the intelligence people from the commercial pilots from the people we've interviewed on the ground we know that we've been engaged in a contact scenario with other civilizations for at least 50 years it's been managed beautifully so that even to talk about it like this makes you suspect as a crazy or the worst thing you can say about somebody a conspiracy theorist conspiracy theorist is the new term for what we used to call a journalist it is it is honest to God it is so the night I get an email from a hacker way back when, way back when somebody in LOD, remember that acronym? LOD God when we were children and our hearts were young and fresh and somebody from LOD had checked out a telecast system for me to see if the tones I had recorded had originated there or as the strange crazy person said from something hovering above her house well you can't prove the negative but you can prove that they didn't originate inside the system and somebody sent an email out of the darkness one midnight that said the people inside White Sam's are communicating to me what I used to find out when I hacked the old Millnet system they are here and I don't think they are benign ok now midnight when you're alone over your monitor that's a chilling thought but when you share it in the daylight of Vegas at 113 degree heat it seems remote and distant no joke trans planetary culture whether we go there or they come here is going to make the cantina scene in style wars look like a Sunday school picnic it's what's here now and therefore I can say it's what's coming because all I'm seeing is what's so and saying what's so and then when it shows up on the edge Nietzsche said original thinking, creativity is nothing but leaning your head about two inches further than the herd over the horizon to see the rising son of new truth and giving it a name most of the things about which we speak to each other in this place did not have names ten years ago dot com was not a name recognizable by anybody as a thing when the first DEF CON met so alright that's the introduction and I'm out of time so what I'm going to do is just I'll just skip ahead to one little module that I did at Black Hat because it was about Sun Tzu because it illustrates the problem we're up against Sun Tzu said that all war is deception he said the way you wage war is by scooping out the mind of the enemy he said you determine who it is and then you understand them and then you use every kind of intelligence counterintelligence and disinformation what we call PR you know or what Bernays called PR Bernays invented the term public relations it didn't exist before he gave it a name it's a nicer name now there are schools of journalism and public relations it's like we have schools of black and white because there used to be schools of journalism the purpose of which was to discover the truth and there were schools of public relations the purpose of which was to obscure and distort the truth like the time as example when I read an article I wrote in a thing in England and they called up and said you want to do some web defense for one of our clients I said what exactly do you mean by that and they said well for example say it's a tobacco company and somebody attacks them we want you to go up and set up a whole bunch of websites and I said oh defending the tobacco company he laughed at mine I avatain no no no attacking the tobacco company we want to set up six to eight other kinds of attacks each subtly different from the other and we will seed each site with enough information to make them seem credible but never give you the information that would hang our client so that all those people who want to attack our client will come to those websites and therefore they can be led quietly off a slant of the truth or the pursuit of truth we want you to go up into all the chat rooms we want you to go into what then it was just using that groups we want you to have multiple identities sometimes even argue with yourself through various identities in order to disrupt, distract and obfuscate it's a good job you said it pays well so that's what I mean by the difference between PR and truth so Sun Tzu said our war is deception multiple levels of deception exist in the digital world from the ground up interleaved like planes of luminous symbols and we kind them like in the matrix trying to figure out what's real only if we have a single common point of reference can we ever discern anything what we used to call the truth Sun Tzu also said that there is one thing above all factors that make the commander of troops potent and that is moral and intellectual force it's what Martin Luther King Jr. or Gandhi called so force it means using or surfing the power of the universe that no one can withstand and I'll distinguish it from some hacking attempts so force means that when you break a law you accept the consequences in order to cause outrage in the hearts of those who witness the consequences and realize it is an unjust law that's not the same as breaking the law and running because that accomplishes nothing it contributes and reinforces that which you think you are bringing down and attacking so two things in war all war is deception and is aimed at the mind of the enemy both of the battlefield the battle should be already won and no force or battle weapons should ever even need to be used and you command the loyalty of your troops by treating them well treating them like your own children so that they get that they are absolutely respected and will follow you not only to the end of life but to death itself those two things are necessary now after world war two an interesting thing happened you know that under the cover of the cold wall that was emerging what was the RSS some of you work for the organizations that emerged from that time a number of multiplicity of intelligence agencies came into being they also were part of a larger matrix what Eisenhower who is no knee jerk liberal called the military industrial complex which is really the military industrial educational establishment research establishment complex which he saw as an interlocking converging network of mutual self-interest that was growing bigger and the ability of any government to manage or curtail it and we gave permission to the intelligence community and establishment in the aggregate as a whole now we need secrets there are bad guys in the world you heard from some of the people who fight them here really bad guys people who would not hesitate to release a toxin in this room and shortle as you all keel over in three to six seconds so we need people to hold and keep secrets but it also gave power to a vast unit of government that had no other place for truth and accountability but itself and in some ways it became loyal to itself operation paperclip is an example of what happened operation paperclip bringing Nazi scientists over here 1945, 46, 47 first we said to build the rockets but then we also said to build our chemical and biological warfare capability and that meant expunging the records of war criminals who had killed people at Dachau with high altitude and freezing and toxin experiments bringing them into our own apparatus of research universities government and business in order to continue our own biological and chemical warfare keeping the Nazis toning down the experiments some continuing to use enlisted people without advice or consent as guinea pigs in our experiments as we did for a couple of decades without truth there is no accountability without accountability there is no justice so I'm just telling that story not to say that's how it is and where always that's not all it is but who owns you I mean who do you work for ultimately who really owns you so apply the lesson of sense to that deceive the enemy but command the loyalty of the people what do you do if they're the same people what do you do if the people whose loyalty you must have are the very people you have become habituated to constantly deceiving through multiple levels of duplicity then there has to be a standard of truth and justice to which we I hope will never surrender our claim it sounds idealistic but if we do not use the boxes that are connected to connect the dots to build the bigger picture we're never going to redeem the truth coming around to what I said at the beginning the obsolete trust model where the rubber hits the road is how can you secure things in a world in which social engineering are convincing somebody else I am who I present myself to be which is all we're doing here for three days of DEF CON how can you convince others that they should trust you in such a world and immediately engage in a bigger conglomerate or network a complexity of relationships where does deception and trust make common ground I don't have any answers for those questions I don't think anybody does but I think we've got to keep raising the questions you have to know what you are ultimately loyal because that's who owns you and so when you own somebody else's box the big question is what are you going to do with it to what purpose are you going to dedicate your extraordinary hacking talents the guys who came here to recruit really mean it I don't know if I'm a cop pretending to be a criminal said the guy in the movie or a criminal pretending to be a cop Bruce Schneier told me for an interview that you don't have to do hard crime but you can't do security unless you can think hard crime the same way a criminal does you have to nurture the larceny and duplicity in your heart you have to remain true to the power rush that gave you the buzz in the middle of the night when you broke in and saw something that let you say to somebody else gray material mill net they are here I don't believe they are benign and this is how I know I have this document from mill net from 19 whatever to show you we have to redeem the truth but we have to remember where we put it if you don't remember where you put it it becomes a half truth and then we are not lying to others which is one of our necessary tools we are lying to ourselves and then we have lost ourselves completely okay you know I love this talk and I would love to give it but this is all I'm going to say Timothy Leary one of our heroes right said you can never find out what's happening from the company bulletin or the adult press the evolutionary truth what's really happening always comes from outcasts what has happened to deaf cononate ears is amazing outcasts who experienced and loved our outcast status have become the establishment and now holding their hands positions and numbers of real power but if you don't remember the outcast that in your heart you always will be you will never remember how to tell the truth that only the outcast knows and go again and again to the edges where consensus reality breaks and where everybody in the big hump of the bell curve heard thinks you're crazy because you're willing to dare to tell the truth that nobody else has the eyes to see so keep looking keep coming back remember who you are and be true to your roots and the purity of the hacking efface it's where we are most at home it's where we really live thank god thank you for your attention I appreciate it very much