All right, this is me. This is my business card. Those of you that came to my last talk understand where I'm going with this business card. I am a Christian, so those of you that see me drinking lots of water during this convention know that it's not to just keep hydrated. It's because I gotta have a cup in my hand and you guys will taunt me if I don't, so it's water. I am a hacker by trade. That's what I do for a living. I'm proud to say that I get paid to actually break into computer networks and not get in trouble doing that. It's like a dream job. I am a pirate by blood. I'm a direct blood descendant of Sir Henry Morgan. Some of you might know him better as Captain Morgan. The unfortunate thing is I'm not like heir to any like big rum dynasty or anything. The rum thing had really nothing to do with him. Neither did that whole thing that happened in Jamaica where he sacked the entire joint and looted everything after the war was over. That really wasn't his fault. It was a big communications problem. I think the internet was down so he didn't get the alert that said, hey, don't take out Jamaica. I am currently practicing Bujinkan Budo Taijutsu which is the unarmed combat method of the ninja. Scheduled to get my black belt in April 2009. And I hope to settle once and for all the debate over pirates versus ninjas. Yeah, so if anybody from Jinx is out there let's get this shirt problem resolved by our next DEF CON, shall we? I can't find a shirt that says pirate ninjas are the coolest. Yeah, because that's just the answer, right? You just be both. Forget all this angst. And last but not least, I'm an author by brute force. I just generate so many words and send them to publishers and sometimes they print them and it looks like I write lots of books. All right, this is the cause that I'm supporting this year. This is Invisible Children. Basically there is some really bad crap going on in Northern Uganda. Kids are disappearing by the thousands. 
They're getting drafted into the militia. They're being killed, they're being tortured, they're being turned into soldiers against their will. And it dawned on me, my wife is actually in Uganda right now so she SMSs me one morning and says, yeah, powers out, we have no hot water. And at the time I was in my suite at Caesars. I sort of glance over at the hot tub and the marble bathroom and I went, man, there's some serious imbalance here. So anyway, I'm supporting InvisibleChildren.org to try to get some money funneled to Uganda. All the associates proceeds generated by click-throughs from my site to Amazon will go to support this program. So if you're buying stuff off of Amazon, or you're not using an associate link, use mine. Give some money to charity, it doesn't cost you anything. Oh, I'm sorry, it's InvisibleChildren.com, thank you. All right, thank you. All right, none of you can read this and sort of that's on purpose. See, the lawyer said that in order to do this talk I'd have to give attribution to every single clip that I was about to abuse. So there it is, all right. Once I get back from the madness of Vegas I'll post all these movies online. Here's what we're doing, okay. What was that, I missed something. All right, here's what we're doing. I wanted to do a talk and I was like, man, making a talk is just a lot of work, you know? I was like, I wanna find a way to do a talk and not do any work, all right? So I was like, okay, what I'll do is I'll watch a bunch of movies and I'll watch movies that really screw up security stuff and screw up computer stuff. And I will taunt them mercilessly in a talk. I was like, so I just sit around and watch movies. I rip clips, throw them into like this thing here and then we taunt them together. Okay, but six months later I'm going, holy crap, this is a lot of work and this really sucks, this talk is terrible. And the reason it was terrible is because we've all made the jokes already. Like none of it was original. 
So I'd be telling a bunch of jokes that you've already heard. All right, so here's the deal. I am going to prove to you through this talk that Hollywood has the hacking scene figured out. And you fools have so much to learn. Okay, now you gotta stick with me here. Now there's a voting process. So we're gonna have to practice this together. The voting process is two little words. This is the first one. Come on up. Thank the AV guys, they're doing an awesome job. Let's see if we can buy space float. There's some seats right up in front. Have some seats. Yeah. He did come up here though and say that he was gonna kill the buzz. That sounds like a bad thing. He's gonna be some really angry people when you're done killing that buzz. All right, so here's our first word. The first word is Leet. So let me hear everybody together. Leet. Sweet, so this is why I love this show. All right, and the other word, of course, is. Excellent. All right, so you guys are ready for the voting. All right, first and foremost, let's talk about the good guys. I'm gonna open with this quote. US cyberspace force, he shouted from the keyboard. Freeze. Okay, first of all, he's shouting from the keyboard. I'm assuming he's shouting into his monitor. Have no clue what that's about. But somewhere in cyberspace, a hacker went, holy crap, it's the cyberspace force. All right, so anybody read this book, show of hands? I'm sorry. Sorry. Okay, Bruce writes some incredible stuff. This was just not one of them. Okay, we'll start with this quote. Says, I'm gonna get the legal warrants from e-court. Show of hands, feds in the audience that have gotten their warrants from e-court. The feds have spoken, so let's take our first vote. How many people for Leet? How many people for Lame? Lame. Okay, I obviously have my work cut out for me because you're all wrong. This is e-court.org. The warrants are stored in the legal form section. Yeah, all right. 
So speaking of those e-warrants, how many feds have actually time jumped their e-warrant? Anyone? Happens all the time. Dennehy says he's gonna give you a skin transplant if you time jump that e-warrant, so. I think he means it. I mean, look at the tie. All right, anybody know of any good fed websites? Whitehouse.com does not count. How about the FedSec security monitoring homepage? Anyone been there? Anyone owned that lately? All right. Now, the good guys have a really tough gig. I talked about this in a thousand cuts. How much it sucks to be a good guy, all right? But sometimes it pays off. For example, this guy has to start browsing the online sex ports. Show of hands, how many people have ever figured as much? It's something like IRC, yeah. All right, well, let's vote on this one, shall we? How many people for Leet? Ooh. How many people for Lame? We're getting there. It's about 50, 50, or it's 69, 69, I'm not sure. All right, I'm gonna show you how to browse the online sex ports. All right, so the first thing you need to do is you run Nmap, you scan the sex ports. I took a guess, one was 69, another one 69, 69. I left one out 69 for two. I left one out. So first we're going to scan the ports to see which one of them is online, all right? And then I'm going to use the links browser to browse the online sex ports. So all of you that thought browsing the online sex ports was lame, there it is. Hollywood wins. All right, as if sex ports aren't bad enough, how about the virtual brothels? Anyone? Show of hands, virtual brothels? And that's what I thought. All right, yes. All right, here's where the good guys live. Can anybody tell me what building this is? It's NSA, but which building? Ops 2, there's the Fed. It's really not much of a sport that way, is it? It's just so unfair, all right? So this is Enemies of the State, and yes, that is the National Security Agency. They allowed filming for this. 
Ask Richard Thieme about Hollywood getting permission to be in federal buildings and the entertainment industry. He'll tell you all about that business. But yeah, this is NSA, notice they took all the antennas off the roof for the filming, or Photoshopped, I'm not sure which. Here's another truth from Hollywood. NSA conducts worldwide surveillance, fax, phone, satellite communication, dead on. Hollywood wins again, Hollywood rocks. All right, so the proof is in the pudding. We're gonna try our first video clip here and you get to see Hollywood in action. Uh-oh, uh-oh. That's okay, he'll fix it. Just pretend that didn't happen. I could narrate all of them. I have these stupid things memorized. Let me hit it again. I think you guys will be okay with the buzz. Bring back the buzz. It's okay to have some buzz. Bring back the buzz. I can pull it out between clips. Let me do that. Oh, that's worse than wearing it into the bathroom. All right, let's try this. Look, I'm gonna get the legal warrants from e-court. Time jump and e-warn again. Legal warrants, e-warn, e-warn again. Your asses are gonna need skin transplants. Jay, your group should start browsing the online sex ports. Tough assignment. Let's not forget the virtual brothels. Ah-hoo! Brathels. Sex ports. Ah-hoo! Skin transplants. Boom! That's sort of what I said. Boom. All right, now let's talk about the look. I've seen some incredible fashion statements at DEF CON. I must admit it's impressive, all right? But I really need to school you guys into what the fashion is really all about. First of all, the feds, all right? If you think the bottom picture looks a little bit like Darth Vader, you're probably right. Because this is what feds wear. All right, they're doing a bust. They have the laser pointer and the Darth Vader helmets. Okay, here we have another outfit. This is also what feds wear, the dark suit with the white shirt. Can you tell which eye he has closed? Which eye? Come on. Left. 
Now, you know why he has his left eye closed? It's the same reason the English drive on the left-hand side of the road. You know why that is? Exactly, you're always facing your enemy. That's part of it. You wear the sword on the left. You draw it with your right hands. You get on the horse with the right leg first. That's why you drive on the left. Sorry, that was a bet that I couldn't work that into the talk. Gotta do what you gotta do. All right, here we go with another dark suit. This particular fed's wearing an iPod. Sure, that doesn't help. Also, this poor fool is under arrest under the Computer Fraud and Abuse Act of 1986. Anyone ever been arrested under that? Yeah. All right, here's a fed. This guy breaks with tradition and wears the red tie with the funny little things on it. He says the computer cops make civil liberties people real uneasy. Anybody from the EFF here? But, you know, feds never wear red ties like that. I mean, sometimes I'm stretching the truth a little bit here. Maybe sometimes Hollywood is just plain wrong. Oh, wait, that's a fed with a red tie. Okay, let's talk about storage devices. The best place to store your storage devices is quite obviously in your underpants. Don't know why I didn't think of this. So his floppy is, oops. Well, let's go to the next one. Let's not put floppies in the underpants. Welcome to the new millennium, the electronic umbilical data transfer system. Keeps the floppy out of your... I just got to get away from this floppy thing. Headgear, all respectable hackers wear it. They don't see any of you wearing it. Don't see any of you wearing your handgear either. But see, Hollywood knows exactly what this stuff is. They use real props too. What's that? It's a Nintendo power glove, which judging from the reaction, I think many people in the audience have owned. So that can't be all that bad. What about feds and their headsets? Less is more, the hacker wears the trendy yellow glasses. So here you go. 
People wearing headgear. This is a real guy. He's like soldering a controller board, like hardware hacking this thing. It's incredibly elite and he's wearing headgear. Look at this, same thing. Headgear, cool smoke, green tools. It's real, folks. All right, screenshots. Now I've seen lots of screenshots go by, like 60 frames a second, right? It just goes by really fast. You're like, holy crap, what was that? Well, I take pride in the fact that this talk took me nine months to build. And I looked at all of the screenshots from these movies. And we're gonna look at them a little closer. All right, because I think you deserve to know. All right, so let's say you're a hacker and you run into one of these. Now, it seems backwards, but it's not. The hacker in this movie, Game Over, ran into this. Now, which button do you think is the one to push? What do you think? Call it out, it's okay. You're all lame. You're actually doing a LOW 503 8NR. See, because it's called system security, I think the buttons were backwards or something. If you click allow, it's like really canceled or something. So you force the 503 8NR and you're good to go. This is a classified screenshot. I can't keep it up for too much longer. The thing I wanna show you here is that they actually spelled offense wrong. Right, so you're only in trouble if you're British. Anything funny looking about this Thunderhead weather technology site? Hollywood, what's the word Hollywood doing there? Well, this same movie actually had lots of other texts fly by in other places that looked like this. Right, now this is like a 30th of a second right here. I mean, it's flying by really fast and you're like, holy crap. What's it look like? It's now, well. Phone number, phone number, McCarty Agency, Foothill Boulevard. So I was like, you know, wouldn't it be really funny if? What do you know? This is actually the talent agency that hired the actors for the movie. 
This thing was so low budget that they took the director's phone list and like, catted it to the screen to look like computer code. Yeah, exactly, that is Leet. All right, what about this one? Leet or Lame? Absolutely, not only is it Leet, she's using Trinity using Nmap, but if I remember correctly, this was like an SSH exploit that wasn't even public when the movie came out, or something thereabouts. It's like Trinity throwing down with Nmap and 0day is just, it's a wonderful thing. Hollywood is Leet. This screenshot from Antitrust is really hard to read, but what was going on in this movie is like the bad guy was filming the hackers, right? Installing cameras in their houses. And I looked at the system that they're using to do all this, and that's a video feed on the left-hand side and on the right-hand side, they're using an optical character recognition system to scrape the characters off the screen from the video feed. That's hot. I tried to sit down and figure that out, I couldn't get it to work. All right, how about some of this code? This is also from Antitrust, you can't read this one, but how about this one? It's a mount command, does it look good? I think it looks really good. No problems there, Hollywood rocks, how about here? Same thing, right? Directory listings, show all commands, gorgeous. Absolutely, all right. Now, then there's this from the movie Hackers. So let's get a quick vote. How many people for Leet, how many people for Lame? You're getting less committal, you're afraid, it's okay. Well, what's the text, let's look closer, what is it? What is that, say it again. Exactly, yeah. It's an ISN that starts at zero, there's something to be said for that. You've got IP addresses, it's some sort of network trace, it's actual real stuff. The only thing that's screwed up is that funny little border. I mean, I can't go lame on this one right away, we'd have to dig in it. This is actually one for the TCP drinking game, actually. 
Yep, this'll be back, Mudge. All right, so what's the hardware? Okay, and what's the software? Not the dancing Buddha. What's the OS? Yeah, CDE, Solaris. Software matches the hardware, Enemy of the State, Hollywood rocks. All right, then there's the Worm Generator tool. Now this is version 1.2 because anybody that's worth their weight in the community knows you don't just roll in there with version 1.1. Right, you know. Now I'm gonna leave this one alone, we're not gonna vote on this one yet, we'll vote on this one later. Let's talk about gear. Can anybody tell me what this is? My mom puffed crowd. It's not the howl, 8,000. A listening device? All right, let me show you the back, let me show you the back of the unit. Notice the big analog knob, does that help? No? Nice, somebody in the front row just got it. That is a retinal scanner, folks. I understand the look on this guy's face now. Do you want me to put my what, where? All right, and check out this gear. Talk about Hollywood just ruling. This keyboard is missing something. Yeah, it's missing keys. It's got sunken buttons that you've got to curl your fingertips into, right? Yes, it was pendulette, very nice. It's missing, you know, letters and numbers, right? So this particular hacker is so incredibly Uber that not only does he not need letters on the keyboard or numbers, but he can type like 80 words a minute while curling his fingers into the holes and making thump, thump, thump noises. Might be Dvorak, who knows? All right, what about this workstation? What do you think? It just looks good to me. Crap everywhere, Post-it notes. Old food, right? This is actually pretty neat for some of the people I've seen. Looks good to me. All right, then there's this. Oh yeah. So let's get a vote on this one. How many people for Leet? Leet! How many people for Lame? Leet! I'm gonna convert you all. It is pretty Leet. Here's the actual hardware in use, the real stuff. It's real gear, real screens, real mounts. 
Holy crap, those are unclassified stickers. I love the screensaver. It's the General Lee, but it's an import with a Japanese flag and Lee is spelled L-I. Just rocks. All right, let's ponder this hacker for a moment. Now let's work from the top down, shall we? Starting from the top of this still, what's the first problem? No, no, starting from the top. Yeah, there is. There is that grin. No hacker in their right mind would ever have a, well, we'll see an example of that later. All right, but he's wearing a heads up display and looking at monitors. Two monitors. I just don't have the bandwidth for that personally. This guy must be Uber. All right, it is, that's a lot of eyes. All right, so the bottom of the picture, what do we have wrong there? Anything? Yeah, it looks like a VCR. It doesn't have any cables plugged into it. Okay, now, all right. So here's the close up, all right? It's a floppy disk that comes out when he hits the little button and it goes and says no disk as soon as the floppy pops out of the CD-ROM drive. Or I'm sorry, the CD audio drive. So let's vote real quick. How many people for Leet? How many people for Lame? Okay, now, this guy took a home CD player, packed it into a floppy drive and made it wireless. You guys call him lame. I'm gonna convert you, you're gonna see. Hollywood has seen the light. All right, how about this one? This is insanely great. It's got a 28.8 BPS modem. Insanely great. All right, let's vote. How many people for Leet? How many people for Lame? It's still 50, 50. Okay, now, what is wrong with this quote? How many baud is this, folks? Yes, this is just shy of 30 baud. Anybody in this room ever worked at that pace? All right, so let's vote. How many people for Leet? How many people for Lame? You guys aren't getting the point of this talk. I'm sure you've started drinking already, and that's fine. But let's throw it to my friend Froogle. Here's a Froogle search for 28. Yeah, this is, it's pretty, 28.8 BPS modems. 
They're only like 20 bucks. Even Froogle knows it's 28.8K BPS modems. All right, I'm gonna drag you guys along and make you believers. All right, here's the quote. I find VR so much more satisfying than the old emoticon. Now, first of all, he's comparing VR to punctuation marks, which when viewed sideways, look like faces. All right, this is like playing Warcraft in ASCII art. Now, you can't tell me that if you got a mod for Warcraft that made it ASCII art, you wouldn't be all over that, right? I know what an at sign looks like. Okay, now, let's keep going. I mean, with the new codec and the mega modems with compression, I mean, it's all so lifelike. Okay, so let's vote. How many people for Leet? How many people for Lame? Bless America, you're very slow. Okay, the point of the talk, and I'm gonna review this again, is to make you understand how Leet Hollywood is. All right, you're gonna be believers because here's Froogle again, mega modems with compression. Now, this guy's talking about mods to Warcraft that involve ASCII art and he's running with a $20,000 modem. Doesn't get much more Leet than that. All right, and then of course, here's Enemy of the State with their gear. Here's a lock-picking gun, which is dead on accurate, long-distance audio and video surveillance using, ooh, a parabolic microphone like that would ever work, and a long-range Canon lens. Looks good to me. All right, let's go to the video. Maybe not the retinal scammy, the retinal scammy, oh yeah, oh yeah. I find VR so much more satisfying than the old photo time compression. I mean it's, it's also lifelike. In the old photo time, mega modems with photo time with compression. It's also lifelike. Oh yeah. Lifelike. Do, do, do, do, do, do. Insanely great, it's insanely great. It's got a 28.8 BPS modem. It's also lifelike. Oh yeah. It's also lifelike. All right, I'm gonna drop tech on you now. Let's move to the next section. We're gonna talk about stealth. 
All right, Hollywood's got a thing or two to teach you all about being stealthy. So to avoid being too technical, I'm gonna start a little lightweight here. Let's talk about jump off points. All right? The quote is, okay, I got six jump off points set up. If someone tries to track you, it'll take at least three minutes to get here. Jump off points. Jump off points. All right, so let's vote. How many people for Leet? Leet. Better. How many people for Lame? Just keep grabbing in with those fingernails so you don't fall off. All right, let me tell you how this works. Jump off points. They allow an attacker to avoid being traced. All right? Instead of connecting directly to the target, are you following? An attacker connects through jump off points. See the diagram? There's your source on the left, your target on the right, jump points in the middle. Each jump off point gives you 30 seconds of protection. All right, now, the beauty of these, I know you're all thinking like internet. You need to free your mind. Think like Hollywood. Hollywood is Leet, right? Hollywood lets you jump off the internet, right? So you can have a jump off point over there on Mintel. Another one on Merck Global, one in HK Bell, one in Pacific Bell. We are hopping networks, folks. Trace that. All right, so let's vote again. How many people for Leet? Leet. How many people for Lame? Lame. Woo, they're dying off. How many people have used Firefox? Am straight. All right, here's version 1.5 of Firefox. For all those people that cheered, you should be ashamed of yourselves because you should know better. Firefox has a new feature. Configure internet jump off points. They're sorta like proxies, except they've been photoshopped. Lesson two, and this is an easy one, always deactivate the satellite tracking, right? If you're trying to be quiet, you can't have that annoying satellite tracking you, right? So it's a very good stealth technique, yes? How many people for Leet? Leet. How many people for Lame? 
Lame. Oh boy. All right, well let me show you how to do it in Linux, this is the Predict program. You can predict satellite passes, solar illumination predictions, lunar pass predictions, you can disable your satellite tracking from here as well. So that's how you do it in Linux. And here's the part where I drop the 0day. You need to keep this to yourselves, all right? But I found a way to do this with Amazon.com. It's like Google hacking, but not. All right, so now the way this works we're gonna disable our satellite tracking. You go into Amazon and you get your satellite from Amazon, all right? This is Toshiba's version of the satellite, but you know, there's other brands. And then you purchase the satellite and you get this little spot here where you can track your order. And you can go in there and turn off the tracking for your satellite, like Google hacking, but better. All right, let's take a look at this screenshot. Okay, so we're telnetting. Telnetting to a what? All right, we're telnetting to an email address. It's got something to do with a bank. All right, so let's vote on this one. How many people for Leet? Leet! How many people for Lame? Lame! Okay, all of those that think it's Lame. How many of you have ever actually seen in your IDS logs an attacker telnetting to an email address? Anyone? Mudge, you don't count. No, you don't see people telnetting to an email address because it's a stealth technique and Hollywood knows this. If you telnet to an email address, it's not gonna show up in the logs. A little more advice, don't hack a bank across state lines, you'll get nailed by the FBI. Here's another piece of advice. It's about, no, you gotta look lower. The part you're supposed to be looking at is on the bottom. This is about UWBs and UWBs are relays in a closed comnet. They're very different than the relays in the open comnet, these are UWBs. They carry multiple messages, not just one, multiple messages, and even decoys. 
It makes you invisible, all right? So let's, it's down at the bottom. All right, so here it is. Hacker skills, stealth and recovery, here we go, use jump off points, 30 seconds each hop, deactivate your satellite tracking, don't telnet to ports, always telnet to email addresses. Don't hack banks across state lines and for God's sake, use a closed comnet with multiple messages and decoys. You heard it here first. All right, let's talk incident response for a moment. Let's say you've got a hacker that's bothering you. You've got some options. Hollywood's got most of them figured out for you, but all right, here we go. You've got a hacker, should you, A, insist on more strenuous action, B, flag it, run a trace, put it on a code priority, C, echo 23, see what's up. D, try to go to emergency override, might not work. If that doesn't work, you could E, error out the emergency system altogether. You could F, terminate the diagnostic, got a hacker, terminate the diagnostic, you're following. You could G, switch to auxiliary, or you could H, all of the above. You're getting better, okay. Here's your A, insist on more strenuous action. Those hackers try to get into our system again. At this point, I insist you take more strenuous action. This should work. Here's your B, hacker, could be, flag it, run a trace, put them on a code priority. Sounds like good advice. Here's your C, echo 23. Let's echo 23, see what's up. I would have totally botched that one. I'd have been all over 22. Here's this one, emergency override. Now this poor guy, he's sitting at the IDS console, minding his own business. The red lights start going off, which is the obvious flag that you've got a hacker. His monitor goes out, his monitor stops working and everything goes to the wall behind him. Definitely a sign of a hacker. He's like, holy crap. Now the boss doesn't pick up on this. The boss is busy looking at the monitor. 
The female agent is trying to figure out why the kid's turned around, but the boss has some advice. Can't you go to emergency override? This is his advice, poor guy. All right, how about this, the emergency system? Let's override the emergency system, error it out. This is what Trinity did with their SSH exploit, that's your E. How about F, terminate the diagnostic? I've got an intruder, I'm terminating the diagnostic. Now what I think was the problem here is it was just taking up too much CPU, the diagnostics. So to get his strike back stuff running, he had to get rid of the diagnostic, obviously. Now this poor fool once again, not only did the hacker put his monitor behind him on the wall, the hackers now turn the lights off, obviously. So the guy's sitting in the dark. So what you wanna do is you wanna switch to auxiliary. His problem though is he doesn't know how stable the connection is, whatever that means. I don't know what he's talking about, but I zoomed in on the text on that back wall and here's what it is. It's autoexec.bat file. Think I figured out the problem with this connection. All right, so let's go to the clip. Those hackers tried to get into our system again. Hacker? To me. Flag it and run a trace, run a trace. You must be the brains of this operation. Run a trace, flag it and run a trace. Put them on code priority, code priority. At this point I insist you take more strenuous action. Let's echo 23, see what's up. You must be the brains of this operation. Run a trace, initiating immediate trace on hacker. Get an intruder, I'm terminating the diagnostic. Can't you go to emergency override? Okay, there we are. Our experts are not as smart as they are. To me. I'm terminating the diagnostic. Not as smart as they are. Flag it and run a trace. Put them on code priority, code priority. Players in the game, players in the game. Not as smart as they are. To me. So a major malfunction would be all over that badge, wouldn't it? 
All right, well the hacker's persistent, so we've got to continue with our incident response. Now what? Do we A, use authority? We forgot that one, that was obvious the first time. Do we B, treat the network like a Windows box? Do we C, put up an electronic barrier? Do we D, jam it? Or E, call tech support? None of you guys work in tech support, do you? That's not a problem. Okay, here's your A. Five minutes? Really? Okay, we got the five minute warning. He's looking stern. All right, I will move along. Agent X, they're out of my control, really. It's just, it's nothing personal. I'm gonna use authority. All right, so here's the net force authority, I'm glad I've never had that used on me. So what do you do if your Windows box isn't working? Exactly, but this guy is using it to reboot his entire network. No response, I'm gonna have to do a full reboot. Now I like this chick's style, right? She's got a hacker, so the boss is like, deal with it. She's like, we should put up some sort of electronic barrier. Now, it's very subtle. She didn't say firewall, right? She didn't say switch, she didn't say IPS. She didn't say any of this stuff. She just said some sort of electronic barrier so that when the boss goes and gets the firewall and puts it in, the hacker comes back and he goes, that firewall didn't work. She can be like, I didn't say to put a firewall or some sort of electronic barrier. All right, so if the hacker's deleting stuff, the obvious choice is to jam it quick. Here's your E, call tech support, you know him. He's the guy with the skateboard and the trench coat. Here's the video. Use net force authority to override now. And a cat. Net force authority, net force authority to override now. Response, we're gonna have to do a full reboot. Full reboot. Put up some sort of electronic barrier. She's plugged in, totally wired, totally wired. Electronic barrier. Totally wired. Jay, they're deleting already. Quick, jam it. Never fear. I is here. 
All right, just to make the goons happy, I'm not gonna do questions and answers. We're just gonna eat up every minute of this hour. All right, so let's talk about angry hackers. What do hackers do when they get angry? The obvious thing, they use viruses. All right, this guy's using the Da Vinci virus. Clever, outdated, yes. But then there's this guy. Talk about facial expressions. I think the problem is he's caught his own retro virus. All right, so I'm flexing my coding skills. All right, I'm writing this code I've got this, like zero damn, like, is so sweet. And all of a sudden, my monitor goes off, my screen goes to the wall behind me, and there's red lights. And I'm like, holy crap, it's a hacker. Next thing I know, my code disappears and in less than a year, this movie comes out and I am pissed. All right, so what's the script do? It is a zero day, yes. Kills the mainframe. But what key is it looking for? The escape key. It's clever, isn't it? I thought so. You press the escape key and the mainframe dies. And Sandra Bullock played the leading role. I'm like, that should have been me. So hackers get spammed too, but hackers deal with them in interesting ways. For example, they use the Flotsam virus to redirect all spam to the net police. How many people for Leet? How many people for Lame? Ah, all right, well here's my Gmail account. This is the spam area. And you'll notice here, there's a new feature in Gmail. Use Flotsam virus. So you select all your mail and you use the Flotsam virus and then you click this button, send to net police. You guys really need to keep up on your own technology. Here's a quote from a book. We are attacking that iridium satellite. So the guy says, won't people miss the internet when you throw it up into space? Okay, I left stuff out, but hang with me. And the answer is it's all spam. I'm attacking the satellite with laser spam. Now I gotta have a respect for a guy that can write books and all this stuff. 
And he writes for Wired, but give me a break. How many people for Leet? How many people for Lame? Oh boy, here's my Gmail account. This is the spam section. There we go, is send up to space, laser. Okay, that's another feature Gmail's implemented. I actually like what Gmail's suggestion was with my spam and make cheesy spam broccoli casserole. I'm not sure how to get the spam and the cheese together other than printing it, but I could use lasers. That's right. All right, so got a hacker, got a hacker and the hacker found an override tap. Hate when that happens. And their computers might be back up. So the boss shows up, it's always the boss, right? Shows up with his brilliant suggestion looking all like Bill Gates and thinking like him too. He says, well, let's run an override algorithm. Why didn't I think of that? So the guy can't just do what the boss says. He has to one up him by running a super override program. And let's go to the video. But they're hackers, but don't worry. All we have to do is launch the Da Vinci virus, the Da Vinci virus. That's impossible, the Da Vinci virus. Use the Flotsam virus, use the Flotsam virus to redirect all spam to the net police. That's impossible. My retrovirus would have wiped them out. My retrovirus would have wiped them out. I gave it a cold, I gave it a virus. I gave it a cold, I gave it a virus. Computer virus, virus. So what we need from you Stanley is a worm, the worm. A worm and a virus. A worm. A retrovirus. A virus. The Da Vinci virus. Quad thickens, thickens. My retrovirus, retrovirus would have wiped them out unless they had our manual memorized and factored. It should only take a couple of years. Never thought of memorizing the manual and factoring it, but hey, that's why I'm up here and they're in Hollywood. Hacker challenges. So let's say you're a distracted hacker. I guess you guys like him. 
So anyway, let's say you're a distracted hacker, which is really the only way a real hacker would ever have that face. And you're presented with a challenge. Break into this in 60 seconds. Department of Defense. DES, 128-bit encrypted security. What are you laughing at? What's your key length in DES? Bet you never ran with 128-bit DES. Okay, but anyway. So you need to crack DES and you're probably gonna use a C program. So how should we find a program to crack DES? Thank you. Anybody know anything about Google? Here's the search, cracking-des, file type colon C. First hit. So C program has something to do with cracking-des. So let's look at the code. Here it is. Long read config, char star buffer 200. All right, let's flip to the movie clip. Long read config, char star buffer. So this guy, under duress and being very distracted, had Google in his head. Googled for the DES cracking program, typed it out by hand in less than 60 seconds and got in. That's pretty leet. All right, he's here to protect our last couple of minutes. So give it up. Leet. All right, here's another quote from another. No, actually this is the same book. When he runs out of all the Windows holes he knows, then he'll start with his complete list of UNIX vulnerabilities and he tries them all. Cookbook style, manually. Look at him backspacing there. And this guy's reaction is pretty much the same as mine. Wow. Okay, here's hacker challenge number two. So what we need from you Stanley is a worm, a hydra actually, a multi-headed worm to sniff out digital footprints across an encrypted network. Now I almost thought about just having a Black Hat talk entitled sniffing out digital footprints across an encrypted network. Easily half of the people that read that wouldn't even know what it was. And I could probably write the CFP out so it sounded vaguely accurate. Okay, excellent. Thank you, we have a full eight minutes at rocks. All right, so how hard can this possibly be? 
Those of you that saw the movie, what do you think of the solution? Leet or lame? Of course it's Leet because he's got the worm generator tool. Version 1.2, complete with hunt screenshots on the left hand side. He's thrown down with hunt and a worm generator. So here's how you build that worm. First you assemble the replicator objects. All right, there's a lot of objects here and a lot of assembling object oriented. It's very nice. There's something with a password file. I don't exactly know what, but it's not really a hack unless you've got a password file somewhere, I guess. So what he does next is drinks. He assembles his port scan objects. Gotta assemble those port scan objects, I guess. He assembles his crypto algorithm. Now, let me clarify this for a moment. This is no ordinary algorithm. This is not some white boy trying to get his groove on algorithm. This is like an algorithm with soul. This is an algorithm. You're gonna use an algorithm, use one with style. So once he got that funk on, he decided to drink and he assembled his transmitter objects, compiled his objects, drank, stood up funny because he hasn't gone to the bathroom in a long time. And here's his completed worm. Let's see it in action. Ooh, pretty. He's got his port 22, he's got his port 120, he's got his trace route, his sys line, his ICMP query, his password, database query, and his patch finder. He's written a worm with a patch finder. Holy crap, who did Microsoft, I didn't say that. Hacker challenge number three. You have 30 minutes to learn the encryption. So, if you have 30 minutes to learn the encryption, where should you go? Google, all right. Here's our Google query, learn the encryption, spend a half an hour on how stuff works, reading about how encryption works. Once you're boned up on that, you get your second part of the challenge, which is stealing a code called LiveWire, all right. Here is LiveWire, it's an investigator tool, law enforcement only. 
Let's do a quick Google search for LiveWire serials with a Z. Okay, here's our last challenge, hacker challenge number four. The accounts are encrypted with a 1024 bit cipher, even I can't break through their firewall. Here's your last chance to prove to me you got the point of this talk by voting correctly. How many people for Leet? I shouldn't even ask, how many people for Lame? You're killing me, I'm not reaching you people. All right, this isn't so hard. All right, so I SSH into my firewall. I check my key length with GPG and I find that I have a 1024 bit cipher. So the user accounts, where do they live? /etc/passwd, so I'm going to encrypt the accounts with a 1024 bit cipher. So I'm gonna encrypt /etc/passwd and overwrite /etc/passwd with the output of the GPG encrypted version. I have encrypted the accounts with a 1024 bit cipher, and then I add this firewall rule. iptables -A INPUT -j DROP. Even I can't break through the firewall. Now the funny thing was though, after I typed that last command, I lost my session. That's the part that really sucked. All right, and last but not least, I just have a clip that shows just the things that I couldn't categorize. I call this the purely moronic stringing together of words. And the purely moronic stringing together of words. And the purely moronic stringing together of words. And the purely moronic stringing together of words that many of the studios term as prose. Drexel is the first of its kind to convert data directly into holographic plates. Holographic plates. Drexel is converting all digitally stored data, digitally stored data into DAG and 12 energy pulses. DAG and 12 energy pulses. How the hell can it store that much? It store that much. Lots of key info running through the brain chaining, brain chaining. In fact, the last UWB may have leaked some highly confidential info, confidential info. We own them, own them. I didn't think it was possible with all the safeguards. 
All they have to do is shut off the usual data stream, data stream, and replace it with one of their own. That's not entirely accurate. Replace it with one of their own. All passwords, system grids, system grids, all your tricks. It's universally stupid, man. System grids. It's universally stupid, man. You're the two idiots who hacked my system, hacked my system. I used to hack, hack. Then I got a life. See, I learned to respect programmers instead of being an anti-social loser, loser. Loser. Well, he just broke through all your security systems, security systems, so I guess that makes him a smarter loser than you are. He just broke through all your security systems, that makes him a smarter loser than you are. And that's the point of my talk, isn't it? Being a smarter loser than I was. All right, the TurboXUN. Thanks to God for the gift of life, my family for the gift of love, my kids for the gift of laughter, my friends for filling in the blanks. Thanks to you people for making me feel at home. Here's the clips. You can read those, right? Oh boy. Don't forget, I'm supporting Uganda. If you guys do click-throughs, please visit my site, help these folks out, and have a good night.