hey what’s up Manchester how are you
guys doing who’s hungry yeah I am so
last time when I did a TED talk with
these guys I broke my foot like
literally right before the event started
and now today I come before you having
swallowed a beach ball being five months
pregnant and it’s been interesting as
when any new parent comes into this
realization that there’s a human growing
inside you that you want to start
thinking about what you can possibly do
to give your kid the best right the best
skills the best knowledge whatever you
can do to basically make them a better
human and so you can like all parents
you start thinking about what kind of
person am I going to be creating and if
she’s anything like me she’ll be a lover
of storytelling and will pick up a
camera and follow it around and shoot
everybody around her she’s anything like
her father she will take apart computers
and I thought about if she’s really
anything like her father she’ll be more
like this and then I think about you
know not just my baby but how many other
babies are out there that are all being
born that looked like this and we stick
an iPad or an iPhone in front of them
and we pat ourselves back on the back
because they can you know unlock our
phones and start playing with games the
problem is these little babies turn into
these little toddlers who turn into
these little people and then you turn
into these things and they just walk
around staring at a screen and then you
know we’ve now become into this world of
you know consumption and consuming and
doing whatever you can to just absorb as
much information and as I was preparing
for this talk I found this guy and I
love what he says in this because
basically everyone’s trying to figure
out what to do about education by doing
what we did in the past and in the past
we used to go to college or uni and get
a degree and then you’d go get a job
except for that doesn’t work anymore in
fact I was told I’d be a great truck
driver weird anyway here’s the big
problem one of the one of the things is
that we’ve just become addicted we look
at our screens and we have to keep
checking them over and over again and I
looked at my co-founder who’s also my
fee
say and the father of my child and I
said listen what are we gonna do about
this you know what are we gonna do with
our daughter is we just gonna shove her
an iPad in front of her and he says my
daughter can have an iPad when she puts
it together herself so something like
this perhaps and I you know that made me
think and I was like well what are we
gonna do with the work that we do
because actually there’s something to
this that you know we we we teach kids
by enabling them with this amazing
knowledge transfer
but then there’s it’s also big problem
and this skills problem and everybody’s
freaking out because there’s like this
shortage of cyber skills you guys heard
about this and now government after two
years of me banging on their door to
finally get them to take this seriously
we’re finally throwing money at this big
skills problem yeah but here’s the thing
I’ve only worked at one company in my
life the Walt Disney World company and
if anything I learned that kids do not
like to be patronized and they will see
right through when you tell them to when
you sell them something versus something
they buy into themselves right
authenticity being genuine these are
things that kids innately understand
maybe not ethics right off the bat
because that’s a learned skill but one
thing that we have to do is turn these
little Tecna dicted minions into cyber
warfare you know our our armies for
cyber warfare because the future will
not look like the big guy with the guns
right the future will be the guy in the
back with the computer and so looking at
things differently has to change and so
my answer to how we look at this was
hacking right I’ve got really into cyber
security and I wasn’t gonna call it some
polished security company I wanted to
call it exactly as it was
hacker house of the hackers by the
hackers so when I say hacking what do
you guys think of creepy crawlers yeah
guys with hoodies sit in the basement
don’t talk to each other eat pizza
pockets right something like this and
when I ask people what do you think of
hackers like at every single one of my
talks I always get this like yeah
hackers are cool and then I get this
whoa welcome to the party
and then we all look at them and then we
all think about the movies we’ve seen
and we’re like yeah that was a cool
movie Angelina Jolie’s totally hot and
then we think about the scary mask that
gets associated with this and the
demonization of this you know guy in the
hoodie right cuz all good superpowers
come to those who wear hoodies and I sit
there and I’m like wait a minute huh
let’s go one step further what’s the
stereotype that you think hackers are
hmm no we don’t hack Instagram and no
we’re not gonna get hack your games and
I’m definitely not interested in hacking
your snapchat but poor Facebook like on
a daily basis I get emails can you
please hack my boyfriend’s Facebook and
I mean their security team must be off
the charts like swamped with
vulnerabilities because this happens on
a daily basis cracks me up and no I’m
not gonna teach a black hat services not
interested and I’m not gonna teach you
how to steal credit cards because that’s
just well not cool right you know even
if I did teach at a steal a credit card
that dudes just gonna call up the
company have it cancelled and there you
go that’s a waste of time now we’re all
human right so we all have our
idiosyncrasies and we all have problems
like this and this cracks me up too
because everybody always asks me to be
able to hack their boyfriend’s email now
what this one cracks me up is because
they wanted it for free and I thought no
not only is it criminal I’m definitely
gonna charge you for that and then the
other thing the other thing that happens
is they always you know cuz it’s
boyfriend’s cheat girlfriend’s sheets
part of life we’re all get insecure at a
time this girl sent me an email and
quickly followed up with and can you
teach me how to learn which I thought
was funny and I was like wait a minute
no message we got to change this around
listen hacking is not a bad word right
you got to turn this upside down think
of it differently hackers to the very
root of what this means means pursuit of
knowledge
hackers are stealthy they are data focus
they are driven oh my gosh put some of
the craziest minds together and see what
they come up with we also have cool
offices but the big part of our culture
is to break things apart is to
understand how they work so I’m not
gonna just stick an iPad in front of
your face and tell you oh wow isn’t
she’s so tickled the reality is I want
you to understand how that computer
works go build one yourself go write
your own code
right your exploits don’t how to do it
we’ll show you you know so this is what
we do we analyze signal frequency
analysis we take apart
car alarm systems home alarm systems we
try to teach you how to send packets to
space you think everyone’s excited about
cyber just wait till they jump on that
space train that’s coming you know this
is the future of jobs I know it was all
doom and gloom you know from the very
beginning about AI but actually there’s
a lot of cool stuff that we are building
we fly and print our own drones we test
wireless communications we look at SDR
because guys the reality is commuter net
and the insanity is doing it over and
over again so what we’re trying to do is
actually empower organizations will
train you up inside we don’t want to be
another consulting firm we did it
because that’s what we what was the
easiest to route to market because when
you have a name like hacker house you’d
be surprised how many people get scared
so we we we sat there and we’re like all
right here we are we offer yourtears
testing services but what I’m really
interested in is helping you guys learn
how to do this yourselves because 90% of
this hacking stuff is easy you just have
to understand how it works
so and one of the best ways that I can
show you how to do this is think about
it like hacking pirate ships right
there’s all different kinds of ways to
an attack a ship there’s all kinds of
ways to get inside a computer and if you
think about these two ships being lined
up against each other there’s all
different ways to I don’t know attack
another from one ship to another you can
swing across the top mask you can
actually throw knives from one ship to
another although I wouldn’t recommend
that you can start shooting guns or
think of an exploit like firing a cannon
from one port into another port one port
on a ship could be the maids chambers
and that’s the file server another port
is the kitchen
that’s the mail server right so what we
do is we break down this hairy scary
do just break down some of the scary
stuff so when I say a terminal
my neck has green and black numbers you
aren’t sitting there freaking out
because it looks like computer jargon
that you’ve never seen right the
training courses we are endorsing
actually help empower you yourselves and
your organizations to understand so here
we are we start with an nmap scan and
map what the hell is that basically you
run a scan on your computer to look at
what ports are there some are open some
are listening some run from emails
summer file servers we run man and map
as a way to teach you how to look up
things inside your computer so it’s like
a Google for your hacking terminal right
it’s easy to look at what scripts are
being used how they’re used this crazy
word called brute force right how does
that mean brute force is like is a way
at attack it is an attack to enumerate
or to take out usernames and passwords
it’s very important that if you can run
in a brute force on your computer that
some other guy halfway across the world
can also run a brute force and they can
extrapolate your usernames and your
passwords so in this case we walk you
through how to do such that now everyone
thinks I’m teaching criminals teaching
you to be a criminal but actually it’s
really important that if you get a
computer an email that says default
passwords or web mail you learn how to
change them right and you have to see
where you are vulnerable
another huge vulnerability that happens
is when you is with this thing called
Berkeley it’s a vulnerability in an SSL
right so it’s another way to extract
usernames and passwords so let’s think
you let’s say you’re being all clever
and you you can change your password
from not a default but to something else
as we see right here with Jenny well we
can still run this attack and get in as
Jenny and steal her credentials now this
is something really important
organisations have to get in the
practice you have to get in a practice
of doing this because it is you
ultimately that are using devices and
connecting everything in your home
we are so keen to make sure you can feel
it
you make sure that you understand how oh
here we go again because the internet
gives you access to everything and it
also gives it access to you and everyone
is prone to human weakness so what is
smart some dude on Twitter gave me this
and I was like awesome I’m gonna give
you credit in my talk so anything that
is an attack or a potential in software
that could be a use it as a ransomware
attack so this is all the devices
essentially now you’ve got 65535 ports
per device you got smart cities smart
cars if I can change this thing and
smart homes and you live in this world
of the internet of vulnerabilities like
really we all are so vulnerable so if
you don’t know how to hack you should
absolutely learn and inside your system
attackers can stay for up to 200 days
weird ask the any of these guys so the
other thing is phishing everybody asks
me about how phishing sorry this
clickers not making it so easy to switch
through sometimes when you have attacks
you have to what they call a drive-by
attack and a drive-by attack if you want
to get to the next video is when we send
you to a site that everyone likes what
are some of your favorite sites Amazon
LinkedIn Facebook right and what you can
start it um when you are sent to these
sites what happens is a bad guy has sent
a link in an email for you to download
automatically starts on your computer so
this is when people say how the hell do
I get hacked all the time well 90% of it
is done by a phishing attack and it goes
something like this
and I’m showing you this because I all I
need you all to understand that this
happens to everyone not just a few few
guys right so this is our receptionist
desk here’s our attackers desk he’s
running an exploit he’s targeting this
person he’s he’s saying exactly who he
wants to send this email to in the
format that he wants to do so in this
case the receptionist in form of a
LinkedIn request so this is something
that happens on a daily basis and when
you were targeted there’s nothing really
you can do except for to protect
yourself in this case
she’s just sees a LinkedIn request like
we all do from an attacker she clicks on
it look she’s got an AV running isn’t
she protected not really look at the
Russian calculator gives it all away in
this case she wasn’t directed to the
actual profile she was given this blank
screen now we go back to our attackers
website and we actually see that he is
now inside this machine he has planted a
shell in her computer he has what we
call a wrapped a remote access tool that
is now accessible from her as the
receptionist and it goes back to this
computer so this is what we try to do we
walk through some of the scary bits
because if 90% of us click on links that
we’re not supposed to we’re all under
potential threat then there’s just no
way no government money no industry no
one’s going to be able to keep up with
the amount of people needing these
services so I leave you with this one
last note we can go back to the main
screen I guess um then I want you all to
go home try try this just try for a
second to download the training program
or learn some new skills go take a
course online come join us at hacker
house whatever it may be but don’t be a
victim because guys right now our skills
for the future will depend on your
ability to embrace as we’ve chosen to
this connected world and we really must
not see hacking as a bad thing in
hackers of the Internet’s immune system
and they’re one of the most fundamental
skills of the 21st century and so I
encourage all of you to have some fun
exploring thank you and happy hacking [Applause]