Top hacker shows us how it's done | Pablos Holman | TEDxMidwest

TEDx Talks
30 Aug 2012 | 17:50

TLDR: The speaker, a hacker, shares entertaining and alarming anecdotes about exploiting security vulnerabilities in hotel TVs, MySpace, car keys, and USB drives, illustrating the ease of hacking various technologies. He then transitions to a serious discussion on applying hacker mindsets to scientific problems, showcasing a project using lasers to eliminate malaria-carrying mosquitoes. The talk highlights both the humorous and serious implications of hacking and innovation.

Takeaways
  • The speaker demonstrates the potential for hacking into hotel room televisions to control them and spy on guests, highlighting the security vulnerabilities of networked devices.
  • He shows how to manipulate an infrared transceiver to control the television for free movies and games, and even watch others' activities through their hotel TVs.
  • The 'Hackerbot' project is introduced, a robot designed to locate Wi-Fi users and display their passwords on a screen to illustrate the risks of wireless networks.
  • The 'Sniper Yagi' device is mentioned for long-range password sniffing, capable of monitoring wireless networks from up to a mile away.
  • A passive surveillance project maps out the movements of conference attendees by logging Bluetooth traffic, revealing the privacy risks of such data collection.
  • The speaker humorously recounts an incident where he accessed someone's voicemail, emphasizing the ease with which personal data can be compromised.
  • The Intellectual Ventures Lab is working on innovative solutions to eradicate malaria, including using lasers to kill mosquitoes, showing a different application of hacking mindset in science.
  • A Schlage lock is shown to be easily picked with a simple technique, suggesting that even common security measures may not be as secure as believed.
  • The speaker points out that as more devices become computerized, they inherit the security issues of PCs, a trend that should be considered by consumers.
  • RFID chips in new credit cards are shown to be vulnerable to hacking, with the speaker demonstrating how to extract card information using a reader.
  • The presentation concludes with an invitation for attendees to learn lock-picking techniques and receive a universal key, emphasizing the accessibility of such skills.
Q & A
  • What is the main theme of the presentation?

    -The main theme of the presentation is the exploration of various security vulnerabilities in everyday devices and the innovative approaches to address these issues, including the use of technology to combat malaria.

  • What is the 'Hackerbot' project mentioned in the script?

    -The 'Hackerbot' is a robot designed to drive around, find Wi-Fi users, and display their passwords on a screen, illustrating the potential for hacking into wireless networks.

  • What is the purpose of the 'Sniper Yagi' device?

    -The 'Sniper Yagi' is a device for long-range password sniffing, capable of monitoring wireless network activity from about a mile away.

  • How did the presenter demonstrate the vulnerability of hotel room televisions?

    -The presenter demonstrated the vulnerability by using an infrared transceiver to send codes to the television, allowing them to control it remotely and potentially spy on guests' activities.

  • What is the significance of the 'Computers, Freedom and Privacy' conference map?

    -The map is a visual representation of passive surveillance, showing the movement of conference attendees tracked through Bluetooth signals logged by computers placed in each room.

  • What was the outcome of Samy's MySpace exploit?

    -Samy's exploit, which automatically added visitors as friends and propagated his code to their pages, resulted in him gaining over a million friends on MySpace in under 24 hours and serving a 3-year probation.

  • How did Christopher Abad's MySpace code work?

    -Christopher Abad's code connected MySpace to Spam Assassin, an open-source spam filter, training it with profiles of girls he liked and disliked to identify potential dating matches.

  • What is the security concern with car remote key fobs?

    -The security concern is that they can be easily manipulated to open any car from the same manufacturer, as demonstrated by the presenter's ability to open every car using a manipulated key.

  • What is the presenter's gift to the audience regarding lock picking?

    -The presenter offers a keychain with a 'magic key' that can easily pick certain locks, as well as a demonstration on how to do so, encouraging attendees to try it on their own doors.

  • What is the issue with the new RFID-enabled credit cards?

    -The issue is that they can be easily skimmed by bringing them close to an RFID reader, as demonstrated in the presentation, revealing sensitive information like the card number and expiration date.

  • How does the Intellectual Ventures Lab approach problem-solving?

    -The Intellectual Ventures Lab brings together various types of scientists and tools to work on challenging problems, such as using a multidisciplinary approach to combat malaria with innovative solutions like laser-based mosquito eradication systems.

Outlines
00:00
Hacking Hotel Room Entertainment Systems

The speaker, a hacker, demonstrates how to manipulate a hotel room's television set, which is a node on a network, using an infrared transceiver to send codes that control the TV. This allows him to watch movies and play games for free, and even control other guests' TVs, potentially spying on their activities, including sensitive information like funds transfers. The talk introduces the 'Hackerbot' project, a robot designed to locate Wi-Fi users and display their passwords, and the 'Sniper Yagi', a device for long-range password sniffing. The speaker also discusses a passive surveillance project that mapped the movements and interactions of conference attendees using Bluetooth data.

05:04
Creative Hacking for Social Engineering and Security Flaws

The speaker shares anecdotes of hackers using creative methods to manipulate systems for social engineering or exploiting security flaws. One example is a MySpace user who used JavaScript to automatically add visitors as friends and propagate his profile. Another hacker, Christopher Abad, used a spam filter trained on his dating history to find potential matches on MySpace. The speaker also discusses a vulnerability in car key fobs that could be exploited to open any car from the same manufacturer and demonstrates a simple method to pick a common lock, offering a keychain of such keys as a gift. Additionally, the speaker reveals a hidden data backup feature in a seemingly innocent USB thumb drive and touches on the security of RFID-chipped credit cards.

10:04
Demonstrating Credit Card Vulnerabilities and the Need for Hacker Mindset

The speaker conducts a live demonstration to expose the vulnerabilities of RFID-chipped credit cards, showing that they can be easily skimmed for information. Despite claims of security, the new credit cards are shown to be susceptible to hacking. The speaker encourages a hacker's mindset for discovery and problem-solving, likening the approach to attacking the SSL encryption protocol used in web browsers. This mindset is applied to tackle bigger problems like malaria, with the speaker sharing his lab's work on understanding mosquito flight patterns and developing innovative solutions to eradicate the disease.

15:06
Innovative Solutions to Global Problems: The Mosquito Laser

The speaker concludes with a presentation of an innovative solution to combat malaria-carrying mosquitoes, a laser system that can detect and eliminate the insects. The system uses components from consumer electronics and is designed to be cost-effective, with the potential to protect both human populations and crops. The speaker shows a video of the system in action, successfully tracking and 'laser-zapping' mosquitoes in real-time. The project is a testament to the power of interdisciplinary collaboration and the application of hacker ingenuity to solve global challenges, highlighting the work of the Intellectual Ventures Lab in Seattle.

Keywords
Hacker
A hacker, in the context of this video, refers to an individual skilled in exploiting computer systems or networks. The speaker uses hacking to demonstrate vulnerabilities in various systems, such as hotel TVs, Wi-Fi networks, and even locks. The theme of the video revolves around the potential for hackers to access and manipulate everyday devices, highlighting the importance of cybersecurity.
Infrared Transceiver
An infrared transceiver is a device that can send and receive infrared signals, commonly used for remote control purposes. In the video, the speaker uses an infrared transceiver to control a hotel TV, demonstrating how easily devices can be manipulated. This example illustrates the broader theme of the video, which is the vulnerability of everyday technology to hacking.
Wi-Fi Users
Wi-Fi users are individuals connected to a wireless network. The video mentions a project called 'Hackerbot', which is designed to find Wi-Fi users and display their passwords. This concept is central to the video's theme, emphasizing the ease with which hackers can access personal information through wireless networks.
Bluetooth Traffic
Bluetooth traffic refers to the data transmitted via Bluetooth connections. The speaker describes a project where Bluetooth traffic was logged during a conference, allowing them to track attendees' movements and interactions. This example underscores the video's theme of surveillance and the potential for hackers to monitor people's activities through technology.
Samy Worm
The Samy Worm is a type of computer worm that spread through the MySpace social networking site. The video mentions how a hacker named Samy used a script to automatically add visitors to his MySpace page as friends, illustrating the potential for malicious code to spread rapidly on social media platforms. This incident is used in the video to highlight the security risks associated with web applications.
Spam Assassin
Spam Assassin is an open-source spam filter that uses machine learning to distinguish between spam and legitimate email. In the video, a hacker named Christopher Abad uses Spam Assassin to filter MySpace profiles, demonstrating a creative but unethical application of technology. This example ties into the video's broader discussion of how hackers can repurpose technology for their own purposes.
RFID Tag
An RFID (Radio Frequency Identification) tag is a small electronic device that can be attached to objects to enable tracking using radio waves. The video discusses new credit cards with RFID tags, which are supposed to be secure but are shown to be vulnerable to hacking. This example is used to illustrate the theme of the video, which is the pervasive nature of security vulnerabilities in technology.
SSL
SSL (Secure Sockets Layer) is a protocol for encrypting data transmitted over the internet, commonly used to secure online transactions. The speaker discusses how hackers can exploit SSL by manipulating data, demonstrating the potential for breaches in what is supposed to be secure communication. This ties into the video's overarching theme of the fragility of digital security.
Malaria
Malaria is a disease caused by parasites transmitted through the bites of infected mosquitoes. The video concludes with a discussion of how the speaker's lab is using hacker-like thinking to tackle the problem of malaria, suggesting innovative approaches such as laser systems to kill mosquitoes. This example shows how the mindset of a hacker can be applied to solve complex global problems.
Laser Systems
Laser systems in the video refer to a proposed technology for killing mosquitoes, specifically those that carry malaria. The speaker describes a system built from consumer electronics that can detect and destroy mosquitoes using lasers. This concept is part of the video's exploration of how technology can be used to address significant challenges, such as disease control.
Intellectual Ventures Lab
The Intellectual Ventures Lab is the workplace of the speaker, where various scientists work on innovative invention projects. The video mentions this lab as the place where the mosquito laser system was developed, emphasizing the role of interdisciplinary collaboration in solving complex problems. This example is used to illustrate the potential for technology to drive breakthroughs in diverse fields.
Highlights

A hacker demonstrates how to manipulate a hotel room TV using an infrared transceiver to send codes, enabling free movies and video games.

The same technique can be used to control other guests' TVs, potentially monitoring their activities and sensitive information.

The 'Hackerbot' project showcases a robot that can identify Wi-Fi users and display their passwords on a screen.

The 'Sniper Yagi' device is introduced for long-range password sniffing, capable of monitoring wireless networks from a mile away.

A passive surveillance project maps conference attendees' movements and interactions by logging Bluetooth traffic.

The speaker humorously reveals tracking Microsoft's Chief Privacy Architect, Kim Cameron, without his knowledge.

A demonstration of how simple JavaScript code can automatically add friends on MySpace, leading to over a million friends in 24 hours.

Christopher Abad's innovative use of a spam filter to analyze MySpace profiles and suggest potential dates.

The vulnerability of car key fobs is exposed, with a method to manipulate keys to open any car from a specific manufacturer.

The speaker discusses the security implications of everyday devices becoming PCs, inheriting the security issues of computers.

A Schlage lock is easily picked using a 'magic key' and a special mallet, highlighting the simplicity of lock picking.

The offer of a keychain that can pick most locks in America, emphasizing the accessibility of lock picking tools.

A USB thumb drive is shown to secretly back up a user's sensitive data while appearing to perform a simple task.

The speaker humorously addresses the security of credit cards, especially those with RFID chips, and demonstrates how they can be hacked.

The use of stainless steel wallets to protect against RFID credit card hacking is introduced.

An explanation of how hackers attack SSL encryption protocols by manipulating data and responses.

The speaker compares hacking techniques to attacking the malaria lifecycle, aiming to disrupt and understand complex systems.

The Intellectual Ventures Lab's project to combat malaria using high-speed video and laser systems to kill mosquitoes is detailed.

The successful demonstration of a laser system vaporizing a mosquito's wing in real-time, showcasing the potential of this technology.
