Top hacker shows us how it's done | Pablos Holman | TEDxMidwest

TEDx Talks

30 Aug 201217:50

Summary

TLDRIn this engaging talk, the speaker, a hacker, demonstrates the vulnerabilities of everyday devices, including hotel TVs, Wi-Fi networks, and car key fobs, to highlight security flaws. He showcases inventive projects like 'Hackerbot' and 'Sniper Yagi', illustrating how easily data can be compromised. With humor, he also discusses the potential of applying hacking skills to solve global issues like malaria, showing a laser system that targets mosquitos, and emphasizing the need for a hacker mindset in science and technology.

Takeaways

😄 The speaker demonstrates how a hacker can manipulate a hotel room's television to access and control various functions, including free movie streaming and video games.
🔍 The speaker reveals the potential to spy on guests through the hotel TV system, highlighting the privacy risks associated with networked devices.
🤖 'Hackerbot' is introduced as a robot designed to locate Wi-Fi users, emphasizing the accessibility of personal data in public spaces.
🎯 The 'Sniper Yagi' device is showcased for its ability to intercept wireless signals from a mile away, underlining the vulnerability of Wi-Fi networks.
📱 A project with Ben Laurie is described, where Bluetooth traffic at a conference was logged to track attendees' movements, showcasing the feasibility of passive surveillance.
🗺️ The speaker humorously points out the ability to track Kim Cameron, a Microsoft executive, without his knowledge, illustrating the intrusiveness of surveillance techniques.
📞 A humorous anecdote about voicemail hacking is shared, emphasizing the ease with which everyday technology can be compromised.
👾 The MySpace 'Samy' worm is discussed as an example of how social engineering can lead to widespread security breaches.
🔐 The speaker discusses the potential for car key codes to be manipulated, raising concerns about the security of physical access systems.
🏠 The security of smart home devices, like locks, is questioned as the speaker demonstrates how easily a common lock can be picked with the right tools.
💳 The speaker warns about the security flaws in RFID-equipped credit cards, showing how they can be easily read from a distance.

Q & A

What is the primary focus of the speaker's talk?
-The speaker's talk primarily focuses on the potential for hackers to exploit various technologies, including hotel televisions, wireless networks, and everyday devices, to gain unauthorized access and control. They also discuss the security implications of these vulnerabilities.
How does the speaker demonstrate the vulnerability of hotel televisions?
-The speaker demonstrates the vulnerability of hotel televisions by using an infrared transceiver to send codes that the TV remote might send, enabling them to control the TV and access additional features such as free movies and games, and even spy on other guests' activities.
What is the 'Hackerbot' project mentioned in the script?
-The 'Hackerbot' is a robot built by the speaker that can drive around and find Wi-Fi users, then drive up to them and display their passwords on a screen, illustrating the potential for hackers to uncover sensitive information.
What is the 'Sniper Yagi' and its purpose?
-The 'Sniper Yagi' is a long-range password sniffing device that can monitor wireless networks from about a mile away, used to demonstrate the passive surveillance capabilities of hackers.
How did the speaker track Bluetooth traffic at the 'Computers, Freedom and Privacy' conference?
-The speaker placed a computer in each room of the conference that logged all the Bluetooth traffic. By correlating this data, they were able to create a map showing the movements and interactions of conference attendees.
What is the significance of the speaker's MySpace story involving Samy and Christopher Abad?
-The speaker uses the MySpace stories to illustrate how hackers can exploit social media platforms for personal gain, such as automatically adding friends to increase popularity or using AI to filter potential dating prospects.
How does the speaker demonstrate the insecurity of car key fobs?
-The speaker shows that by manipulating the key fob's code, it is possible to open every car from a specific manufacturer, highlighting the lack of security in these systems.
What is the Schlage lock demonstration about?
-The Schlage lock demonstration is about how easily a lock can be picked using a simple tool and a mallet, emphasizing the vulnerability of common security measures.
What is the purpose of the USB thumb drive mentioned in the script?
-The USB thumb drive mentioned in the script is a device that, while appearing to be a regular storage device, secretly makes a backup of sensitive data from the host computer, such as documents, browser history, and password databases.
How does the speaker expose the vulnerabilities of RFID credit cards?
-The speaker exposes the vulnerabilities of RFID credit cards by demonstrating how easily the card's information can be read by a nearby device, showing that the 'secure' cards are not as secure as they claim to be.
What is the speaker's stance on the mindset of hackers?
-The speaker views the hacker mindset as being highly valuable for discovery and innovation. They argue that hackers are optimized for figuring out what's possible and can apply this mindset to solving significant problems in science and technology.
What project is the speaker working on to combat malaria?
-The speaker is working on a project that uses a laser system to track and eliminate mosquitos, particularly those carrying malaria. The system uses consumer electronics to detect, identify, and destroy the mosquitos, with the goal of reducing the spread of malaria.