
tv   Book TV  CSPAN  September 3, 2011 3:45pm-5:00pm EDT

3:45 pm
to own their homes. most people do. you buy a home you wanted to be yours. you can't do that in mexico but we want them there anyway. we invented since the 1950s -- you get around the law. you can more or less own your home but can't get a mortgage. you can't really inherit it. but you can't really use it as a deposit on something else. so we have this absurd situation whereby on the one hand we have laws that are not applicable and ingenious ways to get around them because reality demands we get around them and all of this does is the total disrespect for the will of law. >> you can watch this and other programs online at booktv.org. >> coming up next former computer hacker kevin mitnick recounts the three years he spent on the run from the fbi
3:46 pm
for hacking into a major corporation's computer networks. kevin mitnick was captured in 1995 and served five years in prison and is currently a security consultant for u.s. senate on information security. this is just over an hour. >> for those who decided to come tonight you can leave your phones on. just kidding. it is fantastic to be here. "ghost in the wires" took two years. myself and my co-author bill simon, raise your hands. worked on this. [applause] i couldn't have done it without bill. we have different work schedules. i usually slept in until 2:00 p.m. and worked until 05:00 a.m. and bill woke up at 6:00 a.m. and worked until
3:47 pm
6:00 p.m. i put him on spanish time for two years. ready for the second edition. if you know about my background i was a computer hacker that ended up in a lot of hot water. for seven years i was restricted from writing the book. i was released from custody in 2007 after seven years and was permitted to go ahead and tell the story. i started computer hacking with my love of magic. i used to ride my bike to the magic store when i was 10 years old to learn how the tricks work. i was so fascinated with it. when i entered high school. you will read a lot about this in the book. i met this kid who could do magic with the telephone system. he was what you call a phone phreak. anyone here read 2600 magazine? he was a phone phreak. he was able to do incredible
3:48 pm
stuff. for example if i call forwarded my number somewhere he was able to break through. my parents had an unlisted number. he could get it in 15 seconds. one day he said i will give you a cool trade. he called this telephone number, you wait for a tone and put in five digits and you can call anywhere in the world for free. how does that work? it must be a fluke with the phone company. later i learned it was some poor company's mci code. he showed me all this cool stuff he could do. i was taken aback with this technology. he showed me how to get information from the phone company. if he had my parents' number he could get the name it was listed to. if he got a friend's name he could get the number. it was like he had control over the phone company. i became a phone phreak.
3:49 pm
i loved pranks. what i used to do with my phone knowledge was pull pranks on friends. one of my favorites was to modify my friend's phone service on the phone company's switch so whenever he or his parents made an outgoing call on their home phone it was please deposit a coin. as a kid i was able to intercept directory assistance so anyone calling directory assistance in providence, rhode island rather than getting directory assistance operator they got me. you can imagine when you are 16 years old how much fun you could have with that. i do things like what city, providence. may i have a name please? bill smith. i said that number is 55421/237 and a confused woman would go what? 5542-1/2-37. you have to go to the phones
3:50 pm
store. i was fascinated by this and i got into ham radio which opened the new world of advances in band but with my prankster persona i did my favorite hack of all time. my favorite was to mcdonald's. what this was, it worked when i walk around. what this was, imagine a customer drives up to the mcdonald's drive up window and i am sitting across the street. i could overpower the guy with the headset in the mcdonald's and i could be the mcdonald's customer service person. you can imagine what fun you had. people would come up. i would like a big mac and large fries. we don't serve hamburgers anymore. we serve tacos. police would drive by and get rid of the cocaine. i could see the poor guy inside the mcdonald's freaking out
3:51 pm
because he could hear everything that was going on but couldn't stop it. we respect king, 17 years old. one of the pranks in the book is a customer drives forward. can i take your order please? we're offering free apple juice. would you like a free apple juice? yes. our ice machine is broken but go ahead and drive forward. would you like small, medium or large? large. it is free and play a recording of what sounded like the intercom. please drive forward. after irritating mcdonald's so much, the manager comes out of the store and is. if into every car in the parking lot trying to find the culprit. across the major street, then he walked over to the speaker on the drive up window and puts his face -- and i couldn't resist. i went what are you looking at the! he flies back ten or 15 feet,
3:52 pm
stumbling like the mcdonald's drive up window is possessed. anyway i pushed the envelope. after i got involved with hacking, mainly that was to gain more control over the phone company systems so i could pull more pranks. and i got involved with hacking in all the companies in the united states and started really pushing the envelope because while i was doing this i was having problems with the phone company security department to the point that when i was 17 years old they sent a letter to my mom we are removing your phone service. my mom was so angry with me that she grounded me but i said don't worry about it. i can get our phone back. we live in a condominium complex.
3:53 pm
our unit number was 13. i called a certain department in the phone company that does provisioning for new lines and said there was a new unit being added to this property. the unit would be added in 12b. they would go ahead and provision it. a few days later -- >> for more information -- >> for our unit number. call the phone company and ordered service for unit 12b. when i do this i had a little bit of chutzpah because i asked a special number. i want the number to end in 007 because my favorite hero was james bond. what is your name? i go jim bond. i would like a number ending in 007. she didn't even flinch. at an end of the conversation you should make the listing out of my phone service to my real first name which is james. stalin had the number james bond 895-50007. we had that number for weeks
3:54 pm
before the phone company got wise and one day the phone went dead. six months later they gave us phone service back. at some point in my life i was arrested for hacking into an equipment corp. the government at the time really needed to set an example for we have this behavior, we need to set an example for everyone in the united states. i remember when i was going for this detention hearing, a bail hearing the federal prosecutor had told a judge not only do we have to detain kevin mitnick but make sure he doesn't get near a telephone in prison. the prosecutor said the reason is kevin mitnick can pick up
3:55 pm
phone, dial in to norad and whistled what code. in court i actually laughed because i thought that was incredibly stupid of the guy and figured he would lose all credibility but the judge bought it hook, line and sinker and i was in solitary confinement for a year. would you think putting someone like me in solitary confinement was going to stop me? no. they have a special list of phone numbers i could call with my wife at the time. the marriage didn't work out because i was in custody. that is another story. by attorney, my mom, my father and my and a, i was in high security. when you're removed from outside yourself actually handcuff you and shackle your legs and move you to a phone room with three pay phones on the wall and a guard would say look in the book and who do you want to call?
3:56 pm
i want to call mom. he would dial the phone number and hand me the phone. and back up three or four feet and sit in a chair and wouldn't take his eyes off me. i am thinking how can i defeat this? the cord was long so i would walk back and forth and scratching my back and rubbing my back against the phone and i got the guard used to this behavior and i actually put my hand behind my back to feel the switch hook and i was in a conversation and ended the call but kept talking as if the call didn't end. i leaned back on the switch hook and put my arm in front of me. i had 18 seconds before the phone would be. i knew this. in five seconds i went to scratch my back and dialed zero and another phone number. the next thing that is going to
3:57 pm
happen is an operator will say who is it a collect call from? i'd say, tell uncle harry kevin says hello. that is when the operator goes who's the collect call from? i was able to call anywhere to anybody who would accept a collect call on a court order phone restriction. so that lasted only a few weeks. one day my cell door opened. it was the executive of the prison.
3:58 pm
3:59 pm
4:00 pm
4:01 pm
4:02 pm
4:03 pm
4:04 pm
4:05 pm
unremembered an address system s account, and i gave her the address. she tried it two, three, four times. she goes, rick. i go, yeah. she goes, your security manager. i think this is a security issue. i'm on hold. oh, my god. yell when you are waiting, some here to return to the phone and second select minutes. i'm walking down the street and i'm almost to my apartment. it has been five minutes. i assumed that mahler let -- motorola is picking up a tape recorder. exhibit a for a court case later. so she comes back. i'm careful. she goes, rick, i talked to my security manager about what you're asking.
4:06 pm
that ip address you gave us is outside of motorola campus. notice i'm not talking. she said, well, my security manager told me that we have to use a special proxy server to send files outside of motorola. [laughter] she goes, i don't have an account on the proxy server. and i guess i'm sorry for moving back and forth. i don't have an account on the proxy server, but my security manager was kind enough to give me his personal user name and password so i can send you the file. so the key into the front door of my apartment, the source code. now, think about motorola. a great company. they have the best security that money can buy. firewalls and intrusion detection. the problem was, they did not train their people well enough. i ended up getting prosecuted for it. it was so damn easy to do.
4:07 pm
so easy. so eventually i became a fugitive. a lot of the book covers my cat and mouse with the fbi. the fbi sent an informant to help them now at me. i was able to figure out that this guy was truly an informant. then i was so curious about what was going on, i just had to know. i hacked into the local cell phone provider, kind of like at&t or t-mobile. i was able to identify the telephone that the fbi agents used that are chasing me and was able to do traffic analysis, so i could see who was calling them, who they were calling and who those people were calling. i was also able to get location information. i was basically watching the feds trying to capture me to be
4:08 pm
playing this cat and mouse game. eventually i was able to set up a device at my office. i was working as a p.i. in los angeles. i was able to set up a device so that if any of the fbi's phones came within one or 2 miles of me it would send me an alert. part of my fbi early warning system. so one day september 20th 1992, i'm walking into the office early, which is kind of unlike me. i put in the code to get into the office. i keep hearing this beep, beep, beep. what did they do, since the code? as i'm walking to my office that beeping is getting louder. i hear that it is coming from my office. i start getting concerned. somebody put some kind of tracking device in my office. i go to my computer and it is a detective, fbi cell phone was in
4:09 pm
the area two hours ago. i figured out the fbi did not come to arrest me. they came to search my apartment. what i did is i wanted to help them out. i went over and bought a big box after cleaning my apartment out and making sure there was nothing interesting, a big box of doughnuts and wrote fbi doughnuts on the box, stuck them in the refrigerator. a couple days later they came to search and retreated. again, i was in this insane cat and mouse game. eventually, as always, the fbi gets their man. i was arrested in 1995. they threw the book at me. i was in solitary for a while. i went through a long process of dealing with the federal government. we finally settled the case. three months after i got out of custody, who was calling? senator fred thompson and
4:10 pm
justice -- joseph lieberman. they want me to come to washington so i can advise them on how to protect key -- computer systems that are operated by the federal government. i was honored. walking out of custody and now the government is now asking me for my help. i went and testified and offered them all the advice that i could. i basically from that point became what we call an ethical hacker. i hack into systems all the time. a couple days ago i broke into a server. the only difference is now i have authorization. the company allows me to hack in so that i can find security holes so that they can fix them before the real bad guys break in and cause damage. so a little bit about my story. i have demos to show you because when i do speaking engagements around the world, nothing makes the audience happier than doing demos. interested? >> yeah. >> all right.
4:11 pm
perfect. about six months ago i had an assignment to break physically into my client's building in san diego, california. have you ever seen a lot of access devices that are typical? these are cards. i didn't build it. i simply bought it, but it is available. this is an h id cards to for. i can get close enough to somebody wearing the card. i can steal the access credentials and replay them into the device. now, imagine, i kind of like put this in my pocket. you run this up the sleeve. so hey, hi, how're you doing. tap someone on the shoulder and
4:12 pm
it will be close enough to capture the credentials. it is kind of cool. i have three demos to show you that i think are kind of neat. this is like a hid reader. you pass the card. hold on a second. let me restart this. of course, murphy's law, right? my machine broke. one second.
4:13 pm
4:14 pm
4:15 pm
kind of cool. all right this is called my skybridge. ever get an e-mail from citibank, ebay, paypal telling you there has been a problem with your account? click this link and it brings you to the page that is not ebay or paypal. it is a scammer. now, as the industry has pushed down in the bubble of fraud, what it does is pops up somewhere else. so now they're using voice response systems to scam people.
4:16 pm
ever call your bank and here, you never get a person any more. you get an automated system. they want you to put in your credentials, account number and password and if it is correct they transfer you to somebody. so imagine if i could send you an e-mail, make it look like it is coming from your financial institution, but instead of asking you to click on the link because you are told not to do that because everyone is smarter than that and you will fill out a form. it says, we found a problem with your account. please call us within the next 24 hours or your account will be terminated. what are the chances you call the bank? let me show you what happens when i send you the e-mail and you call your bank. watch the screen. put this on speaker phone. does this actually work? everybody can hear it, because i don't have a phone here. what we are going to do is call chase. let me get -- does anybody have
4:17 pm
a chase card here? [laughter] i don't know why nobody volunteers. i have one. so imagine you get an e-mail, and it says to call chase. so -- whoops. i'm going to put this on speaker phone, so that you will hear it. and then i want you to watch my computer as this happens. and this is the real thing. >> welcome. please enter the last four digits of your credit card account number. >> you hear that? asking me for my credit card account number. wait. that is weird. >> we are sorry. the number you entered was not recognized. please enter your 16 digit credit-card account number. >> some people will put in their account number. put your pens away.
4:18 pm
[laughter] so capturing the card number in real time. sorry. >> please enter your zip code. >> having me authenticate with my zip code. 89074. >> to speak to an adviser please press zero at any time to read your current balances -- >> okay. that is a big balance. all these expensive hotels in new york. anyway, how this actually worked is, i did a man in the middle attack. i give out a telephone number that looks like it is the bank's number, toll-free number. when the victim calls, they are calling a number that i have control of which connects to a system running open source asterisk. my system calls the real bank. i am the man in the middle. you can do all the transactions and has -- talk to the customer
4:19 pm
service representative and i get your credentials. there is no way to detect this. the worry if somebody sends you an e-mail. check to make sure the phone number actually belongs to the bank. this is -- the way hackers were doing this before, and i thought of this as a better system, they set up open source asterisk, which is an open source pbx. they call banks, credit card companies and record all of the prompts and then they set up their own number so that it sounds like the bank and feels like the bank, but if you put in your real credentials it does not work because it is fake. what they do is basically say well, we are sorry. there has been a problem with your account. please talk to our customer service rep. and we will transfer you to music on hold forever. this is a better way. one last demo. i thought it would be cool to show.
4:20 pm
it's about getting information on people. i need a volunteer. i'm going to try to get your address, phone number, date of birth, and social security number within about 60 seconds. so, if i can do it, then you know that the identity thieves can, too. this is kind of a wake-up call to show you how easily somebody can get your information on the internet. i am looking for somebody that does not have a name like bill smith, somebody that has established credit. not somebody in high-school. any volunteers? you have to allow me to display all of your stuff to everybody in this room. [laughter] come on down. come on down. don't give me somebody else's name. i know you are not donald trump. [laughter] all right. the databases. you live here in new york? >> yes. >> all right. here is the database that anyone can subscribe to.
4:21 pm
hold on. let me make the window a little bit different here. what we are going to do is -- i will just do a name and state and make it easier. what is your name? [inaudible] >> spell it. [inaudible] >> and your first name? [inaudible] >> that is good. that will be bill smith or terry jones. let's see what we can find. >> twenty-three years. >> all right. >> for a dollar 50 let me show you what identity thieves can do. kind of scary. is that you? your social. >> my lawyer can answer that question. >> you are young. twenty-two. so i mean, this is how easy identity thieves can use databases to get your social, date of
4:22 pm
birth, driver's license information. that is easy as well. [inaudible] >> what? [inaudible] >> almost everything by u.s. mail. >> does not matter. does not matter. it does not matter. in fact, people think their mother's maiden names are secret. i will show you another. in fact, what is your mother's maiden name? what? [inaudible] >> thank you very much. i will use that later. [laughter] i'm sorry. [inaudible] all right. all right. so, hold on a second. hopefully my account still works. this is kind of scary. i was surprised. now, in case you are looking for my password, it is kevin 123 to
4:23 pm
make it easier. so, mother's maiden names. who played in catch me if you can? dicaprio. he was born in california. let's see if we can find his mother's maiden name. so, spelled that way. de-hi, right? and then we will look for anyone with leonardo. we will do a search. there we go. so we found leonardo dicaprio. his mother's maiden name. that is how easy it is. you live in a database nation. basically. >> and get your mother's maiden name, driver's license number, social security, date of birth, address, and phone number. never use those as a password. i remember calling my bank five years ago. having it authenticate me as the last four of my social. i said i want to use a password.
4:24 pm
they said, your social is secure. no one can get it. i go, can i get your name, i want to show you something cool. i was not able to show the employee that the social is kind of like an open book. i am here to sign books, or we can open it up for q&a. i have shown up tonight, the gift is my business card. so, what is cool about this business card, what is cool is that if you get locked out of your house, this is a lock pick. [laughter] every time i go through the airport and tsa because i carry a lot of them, i get a bag check. they look. that is kind of cool. a circuit board. no. i explained to them that it is a lock pick. they go, cool. can i have one? i make friends with everyone at tsa. after my talk i have a card for all of you. kind of a gift. [applause]
4:25 pm
[applause] you can ask me anything you want. except passwords. i will be happy to, you know -- then we will do some book signings or whatever. >> if everybody can please wait for the microphone to be important for the recording so that everybody can hear. >> hi. now that you have revealed -- >> i know your name. >> she me now. now that you have revealed everything, how do we keep everything private? >> you have no privacy. get over it. that is the problem. that is why there is such a problem with identity theft in america. it is so easy to steal the information. it is simple. that is the problem. the system is broken because you authenticate on your social security number or mother's maiden name, which is, you know, not the thing to do nowadays.
4:26 pm
>> do you agree with your friend, adrian. >> what? >> your friend, adrian. >> oh, yes. >> do you agree with his decision to get to the authorities? >> i don't agree with why. he is the guy that turned in bradley manning who is, i think, that private in the u.s. army who stole the documents and turned them over to wikileaks. what i know of his background, and the only reason he did it was for media attention, not because he was a patriot or afraid to be a co-conspirator. i think he did it for the wrong reasons to basically informed on sunday for his own personal benefit. so for that reason i don't agree with it. if, on the other hand, he did it because he wanted to protect the country or because he was afraid of being prosecuted as a co-conspirator then a hundred percent. there is my answer.
4:27 pm
wait for the mic. >> hi. >> i wondered if when people use the service like reputation that, to get themselves removed out of databases, whether that actually works? >> you get removed out of some, but the information is out there. bought and sold, so there is no way -- the only way to get yourself out of databases is to do what i did, create new identities, but i would not suggest it. that is the only way unfortunately. yes, sir. >> hi. my name is steve. first, i want to thank you for the radio interview this morning. that is how i learned about this. >> oh, great. >> now, i have been involved in education, and i teach a lot of stuff with computers and robotics. a number of years ago i personally got into this thing with the company that was
4:28 pm
developing software, basically that was encrypting your own personal e-mail, your own personal messages. >> okay. >> one was using an algorithm called blowfish. >> they developed it. >> his company, in fact. and after that i have seen pgp and other things like this. do you have any idea why in the present society people are so open with these communications that tape sensor as to the internet and through the air and everywhere without encrypting it? do you feel that encryption is something that just can be hacked and broken into and is meaningless to use? >> well, when i was a fugitive, the fbi used encrypted radio transmissions. i really wanted to know what they were saying in case they were close to me to ensure they were not talking about me, so that i could get the hell out of there. so rather than trying to crack the crypto, which was developed
4:29 pm
by motorola or try to get the key, which would have been impossible, the attack i did was what we call a denial of service attack. when one side of the fbi was communicating with the other i would jam the signal. i did this three or four times. and the agents thought that their radios were malfunctioning. they went into the clear so i could hear the whole conversation. that was a way of cracking government crypto without having to break the key. >> i was not talking about government. i was talking about me sending you an e-mail, so that i know only you would be getting it. in fact i am so terrified of this e-mail business that most of my -- >> you can use crypto. >> most of my communications, i seriously use u.s. mail for almost everything. >> but if i wanted to get your communications i would not be worried about intercepting it in real time. i basically would break into your system using some sort of exploit or malware so that i
4:30 pm
could just intercept your keystrokes. >> i have had problems. >> just because you use encrypted e-mail does not mean you are secure. >> you are saying encrypted e-mail is really hackable even if it -- >> it depends on the end points. you have alice and bob. if you can break into alice or bob's computer you can get the encrypted information without bothering to crack the key. >> i have been a victim of two banks. this is why i got to be so fearful. a municipal bond was being transferred from one bank to the other, and between the two banks it was literally robbed. it took them three years to try to trace it because i had sales receipts. that was the only thing that was physical on paper. from that point on robotics, programming. very much into public domain. but i am terrified of e-mail. i think you understand the reason. >> i understand. >> thank you very much. >> thank you for coming.
4:31 pm
i want to pass the microphone to the gentleman here over here. >> how did you get started with the free kevin movement? >> 2600 magazine. what happened is because of the unusual things that happened in my case. held for four and a half years without trial. there was a lot of issues. emanuel goldstein, after about three years, started the free kevin movement to get the word out about what was happening with my case. >> how did you hear about it originally? >> basically my family, by people sending me snail mail when i was in custody. that is how i found out, telephone calls that i had with family and friends. >> i just thought it was an interesting story of you putting the sticker up to the window in prison. >> when i was in custody they sent me free kevin bumper
4:32 pm
stickers. on my 305th birthday people from 2600 magazine came to the prison. i knew they were there. i said, wait until 130. i can get a pass. i had a free kevin bumper sticker. while i was in custody, federal detention, i was able to put it up where people could snap a photo. on the box said. >> thank you very much. >> you're welcome. >> you are next. go ahead, says the microphone is next to you. i can't hear you. >> is being. [inaudible] >> microphone. >> does being a white hat hacker give you enough thrill and interest to replace? >> oh, yeah. my drivers for hacking were intellectual curiosity, pursuit of knowledge, seduction of adventure. it was never about stealing money. so i did get a huge endorphin rush when i was able to crack a
4:33 pm
system because it was like a video game. bypassing security obstacles. i get the same endorphins today. when i get into a client's system i feel good about it, and it is still a little bit of thrill seeking. i get paid for what i did illegally years ago. pretty good. it is like, take something that is a criminal activity and make it legal. yes. >> when i saw you doing that intercepted, my main thought was nfc payments where they basically have -- just so everyone knows, rfid kind of tech. is that pretty easily breakable as well? >> i have not messed with rfid. there is a guy named chris paget. he was able to -- i think a hacker security conference in las vegas, he was able to intercept rfid cards at a pretty substantial distance.
4:34 pm
again, the only technology that i have looked at because of doing physical testing. i have not looked into rfid stuff. yes. >> hi. >> hey. >> obviously you have experienced the problems of the system. >> just a bit. >> what type of advocacy do you do today in order to fix some of these things? and now you have testified before congress and stuff like that, but is there any more underground stuff going on? >> really i have not advocated anything because i feel like i am powerless to change the system. you know, the world has changed. my case was prior to september 11th. everything has completely changed. now we have the patriot act. was to protect us from terrorism, but the government
4:35 pm
wants to keep those laws on the books even after threats dissolved because it gives them more power. it has actually gotten worse than it was back in the mid-90s. unfortunately we have to live with it. yes? >> lopez. question for you. my entry started at the young age with computers, inspired by you. >> thank you. >> what was your first experience with a computer system that caught your entry? >> high-school. i was a senior in high school and tried to get into the computer class. the instructor refused because i did not meet the prerequisites of having calculus and all these other prerequisites under my belt. ice but is showing him some of the checks i could do with the phone company and he said, okay. you can come into class. that was my first experience working with computers. of course the teacher probably
4:36 pm
regrets that decision today because i kind of drove him crazy. one of the first programming assignments was to write a program that would find the first 100 to the 19 numbers. i thought that was kind of boring. i thought a cooler program would be one that would steal everybody's password because that is pretty cool. students would be at the terminals. i wrote what we call a login simulator. when they are logging in they're talking to my program and not the computer operating system. so unfortunately i did not have enough time to finish the assignment, but i turned in my password stealer program, and the teacher was actually impressed and gave me an a. hey, kevin wrote this program and showed it to the class. today if you did you would probably be arrested. so back in my day hacking was not illegal and you were actually encouraged by teachers and in high school that it was a
4:37 pm
cool thing to do. and because probably of these ethics is what led me on the path where i started out hacking and i got so passionate with it that i just did not stop. any other questions? the question over there. >> sorry. right here. >> okay. >> yes. >> when you were doing all of your hacking and were on the lam, did you think that you were going to get caught? >> no. actually, when i was running from the government i was so adept at creating new identities that i thought it would be really difficult. i always thought in the back of my mind to keep doing the same thing. i continued hacking. eventually i figured if i make a mistake and probably could not get caught, but i was not thinking when i was on the run that i'm going to get caught. i thought i was going to outsmart the fbi, which
4:38 pm
obviously was a ridiculous notion many, many years ago. it became a cat and mouse game. i looked at it as a video game. i did not look over my shoulder. i was not afraid of every cop car that passed. i had bonafide government issued id. legitimate jobs, working at a law firm in denver, a hospital in seattle. i set up early warning systems at the law firm. one of my responsibilities was supporting the telephone system, which was kind of cool. i could not have written this job description better myself because now i was able to insert code into the phone system so that anybody -- if anybody in the law firm called the u.s. attorney or the fbi it immediately sent me a page. a four digit code that happened to be the last four digits of the telephone number for the fbi in los angeles. i set up these early warning systems so that if the trip wire was hit i would be able to get
4:39 pm
out quickly enough. >> i want to know. obviously you were in this for the thrill of it. >> right. >> anything out there you are seeing now that actually scares you that people are doing? destructive that our -- >> the trend has changed. now it is all about organized crime, leveraging hacking skills, recruiting hackers to steal credit card accounts, identity theft, bank fraud. it has become a huge problem. back in my day the people i associated with and myself, it was not about the money. it was about the thrill and exploration. it has all changed. still have groups of hackers that do it. it was more for the media attention than for trying to send a political message. but most of the trend has gone toward profit. that i have seen.
4:40 pm
>> so, i have kind of a funny question. i have heard a couple of different versions of the day that you got actually arrested. >> yes. >> one of the versions as you coming to the door, and the fbi agents saying, are you kevin divvied you kind of denied it. well, do you want me to show up tomorrow. it threw them for a loop. >> detailed in the book. >> excellent. >> the full details of what happened is i actually, they were not sure that i was kevin mitnick for three and a half hours. i was a good actor that day. i remember at one point when they were searching my apartment they had -- handed me a wanted poster. they said, doesn't that look like you. i studied it for a moment, thinking maybe i could really get out of this. [laughter] i go, no, it doesn't.
4:41 pm
what am i going to say, right? so i have them going for three and a half hours because they don't play games. if they knew i was mitnick they would arrest me and take me down. they don't have time to joke around. i was really hoping. and at one point i was hoping that i could get out of that situation. one of the case agents said, well, we're going to have to take you down to the office and fingerprint you to see if you are really mitnick or not. i said, why didn't you think of that idea earlier. we would not have wasted all this time. tell me what time to show up tomorrow morning, and i'll be at your office. i tried. [laughter] i had nothing to lose. i did my best. of course, it didn't work, but i did my best. >> my question was actually about, i think, in essence, your book is about hacking and social
4:42 pm
engineering. >> it's both. >> do you consider yourself more analogous to frank abagnale jr. than you do our stereotypical understanding of what a hacker is, like from what we see in movies like hackers or sneakers. do you think that is more of what you do as opposed to what frank and the engineer was doing? >> actually, a hybrid of social engineering and technical attacks. for example, let's say i use the technical exploit to get into a large company. looking for a piece of code. i wanted to examine that code. if i got access i could figure out how to break into that operating system. i would use social engineering once i got in to find out what server the code i was interested in was on because it would be much faster than me sitting on the network for months looking for it. i used social engineering and technical exploitation. we focused more on the social engineering side because we thought that was more
4:43 pm
interesting. all right. and frank reviewed the book, and he liked it. he called me a master social engineer. i don't know what that means in his category, but i guess it is a compliment. so i was very happy that he did, because he never reviews books. it was a great honor, actually, to have my book reviewed by him. any other questions? >> what is your relationship to john markoff? i saw something on twitter. >> you follow me on twitter. >> static. >> obviously he and i have not spoken. a new york times reporter who wrote about me back in the 1990's. in his reporting he actually had stated things as fact that were not true, that i hacked into norad in 1983 and nearly started a nuclear war. that was right out of wargames. amongst other ridiculous
4:44 pm
accusations. what it did was to elevate the interest that the government had in the mitnick case. his agenda, i think, was actually he wanted to write a book into a movie. so if you have the new york times at your disposal, i imagine the interest you can create in cashing in. so, on twitter the other day, of course, i am i naturally born smart. new york times did a book review. i don't understand this. a book review, but the last three times they wrote about me i was on the front page. i'm not this time. so this was not directed toward him, but he responded one or two days later and said, maybe that is because it was not written well. kind of like a date. [laughter] i told him, listen, let bygones be bygones. i think he should become a fiction writer because you have a great imagination. so then it all stopped.
4:45 pm
anybody else? >> were you in that carding game also? >> what? >> carding. >> i never carded. carding is using other people's credit card numbers. >> have you read kevin's new book? >> yes. an excellent new book called kingpin. it is about the carding underground, and i highly recommend it. >> everything is true in that book? >> i believe so. >> is there anything you would like to share that we don't see in the book that got cut from the earlier version? >> we could be here all night. until tomorrow morning. i mean, a lot. my editor over there, my
4:46 pm
fantastic editor -- [applause] [applause] kept telling bill and i, you know, over workout. you have to cut ten, 20, 30%. i could not figure out what stories to cut because they were also interesting to me. it was a miracle. agassi decided that we would leave a lot of them and and we did not have to cut it out. i was talking to bill the other night. we just missed the story. i wanted to include. we both laugh about it because obviously we can't edit it now. lots of other stories. the next book. i'm trying to think of what i was thinking of the other day. okay. here is one. when i was running from the government on my computer i kept everything encrypted. at the time i was using norton.
4:47 pm
supposed to be using 56 bit to encrypt your virtual disk. and this guy named peter gutmann who is a world-renowned cryptographer wrote a white paper talking about how vulnerable diskreet was. when i read it i said, oh, my god. i am using this product i had ten and took the source code and analyzed it myself and found out there were only 30 bits of entropy, meaning that the 56 bits was really 30 effective, which means that anybody can crack it in no time. of course i changed the encryption tool that i was using. the feds were never able to crack the key. so there is one story that is not in the book. back there?
4:48 pm
>> do you have any advice for starting your own penetration testing company? obviously things are a lot different nowadays. >> you want to be my competitor and advise you. [laughter] >> i think it is a terrible business, and you should not compete. actually, hire the best people. when i do tests i have an hourly rate. what i do is figure out how many hours it will take. because i am so passionate with this type of technology, ordinarily spend twice the amount of time. i am basically, you know, doing this pretty much free because in the scope of the agreement i only have to spend x amount of time. i find i want to investigate something. i think this would actually work. i end up spending sometimes double the time on the engagement. i'm not charging more because i want to do a great job. so the good thing is i get a lot of repeat business because my
4:49 pm
clients go, wow, you went overboard. yes, because i wanted to own everything you have. own means break in. if i didn't break into everything i don't feel i did my job. >> when you were talking saying the world has changed a lot, i know from my experience, i do work with high-school students, and i do teach. there are a lot of kids that are fascinated by hacking. what they are doing, things like trying to take videogames and get the codes so that they can change the game slightly so that they can move the game from one game platform to a computer or something else. old-style hacking is alive and well to some extent. the second thing i wanted to point out, how do you feel about open source material, open source coding, things that are publicly shared?
4:50 pm
>> i am a proponent of open source. i use it myself. there was the ten year-old girl this year. she was actually able to crack some of the video games. messing with the timing. you have a girl that was a hacker, you know, playing games. kids these days. you know, what are they going to grow up to be? any other questions? so, these business cards actually cost me money. rather than sell them to you, all i need is your password. [laughter] i'm kidding. [applause] [applause] well, i hope you enjoy the book. it has been great talking to
4:51 pm
everybody here. one last thing. in each chapter you will see on the chapter heading there is a cryptogram. on the odd chapters the cryptograms are quite easy. on the even chapters they're a little bit more difficult. because i cannot legally do this, but this is what i will probably do. not a promise. i will find everyone who was able to crack the code, of website to register and put their names in a bucket and draw out ten. the fbi was kind enough to return my computer evidence. still the fbi evidence bags with fingerprint dust. i would give out ten of those. it's not a promise, so it is not a contest, but that is probably what i will do. i will be happy to give out cards, books. all right. all of this technology. yes, let me do that.
4:52 pm
>> for more information on kevin mitnick visit mitnick security dot com. >> in your book you talk about one of those life changing moments. you are watching the hearings. what happens to andrew breitbart? >> i just graduated from college, a place where it was like my bar mitzvah. i thought in my bar mitzvah of that i learned an education budget is in, but i left feeling very empty because i just learned how to chant. i was open for a spiritual experience. i felt the same way in college. i was an american studies major. the stuff i was reading was incomprehensible and jargon. it was noam chomsky like in its lack of comprehension to a person who does not understand that language. it was demoralizing.
4:53 pm
i graduated less skilled, less motivated, and i was a waiter my education was a lack of an education. and so i was waiting tables right after i graduated college. i finished my shift. >> your friends would say to you, why are you doing this? >> it was embarrassing and humiliating. the best thing that ever happened in my life, the humiliation of having to work. the people that i was looking up to and trying to impress, looking down on me. i started to pay for my own -- >> your parents cut you off. >> my parents cut me off. it was brutal, and that is why i dedicated the book to my father cut me off. clarence thomas at the same time. both of their guidance in my life coincided. >> that is a good segue back to the hearings.
4:54 pm
>> yes. well, i went from my job and started watching the hearings, wanting to refer the takedown of clarence thomas. i watched the television set. it told me that this was a bad man. the newspapers told me he was a bad man. i remember patricia schroeder walking up the steps. saying, this guy, we are going to take a stand against this guy for sexual harassment. i watched these hearings like a spectator who wanted to see somebody mauled, you know, white lions mauling romans. i watched a one, 82, the entire thing. i went from wanting him to be taken down to wondering where is the beef. what is going on. i don't understand what i am watching. i don't understand the color commentary on screen where they are saying, oh, this is outrageous. i did not understand the bumper stickers calling by me on the
4:55 pm
street. what is going on? i don't understand. everything that i knew, everything had picked up in college in my american studies, cultural marxist, the oppressor, pressed, but people are always right. back -- white people are always wrong. and did not understand how ted kennedy, the ted kennedy of chappaquiddick same , joe biden and a series of white privilege man could sit in judgment of this man who was the son of grandparents who were sharecroppers who raised him. he went to yale law school and did everything right, including allowing for any hill to rise through the ranks of the legal profession their jobs with them where she never had a sexual relationship with him at all. he did nothing untoward. she was party to this takedown, and i did not understand how it could be that these white people
4:56 pm
of privilege or attacking this black man who was in this historic position, while the mainstream media sat back, took cam down while they and aa cp and urban league and other black liberal leaders sat and seemed to relish this takedown. >> who are your mentors? you had a mentor. we will get to it later who was brutally murdered you had this mentor, and it was along that time that you started questioning the indoctrination. >> this to -- the smartest person i ever met was this guy named mike. i was delivering pizza in high school, and he was different, alternative, and the smartest guy i ever knew. in hindsight, not the most ethical. he took the sats for a bunch of my friends and got them 1600's. the smartest guy you could ever meet. he dropped out of uc santa barbara. while i was going to college he was pondering and doing drugs.
4:57 pm
during the time that he was my mentor he was taking me to alternative bookstores to read about left-wing ideas. you know, he very much was into the class struggle. when i started to have these epiphanies, started to get my job, as i was aspiring to be an intellect, trying to understand the world view, trying to embrace the struggle, at a certain point my dad said something that nobody told him. you need to get the job. you need to clean up, get your act together, stop doing drugs. there was a certain point where i started to challenge my mentor. it was not that i felt that i was an intellect and was able to beat him at the game of, you know, s.a.t. scores. i've was still about 400 points below him. but i started to gain the self-confidence and self respect that i could call him out on his misbehavior. i just started to move away from
4:58 pm
this guy. i got a phone call once as i was starting to move toward independence and away from this tech homology that absolutely dominated this guy's consciousness. i got a phone call that he was murdered at a hotel room in los angeles. i imagine that it was during a drug deal that went bad. to this day i think the house i have never cried about that. >> but thinking about your parents, your story, how you have had to negotiate with a professor to give you a hired rates that you could graduate because you realized if he did not graduate, the humiliation. then a friend of yours at yale, very bright, called and said, andrew breitbart, i have the perfect job for you. >> yes. he was from harvard. he was an astrophysics major. said jacobson.
4:59 pm
after a physics major who always cared for me. he always knew that in prep school i was not going to be that a student, but that was the class clown, but that i meant well. that was how i started around 980d and was able to maintain my place in an elite prep academy where everyone was harvard, stanford, princeton bound. i knew i would not be going to an elite academy in did not want to leave my friends. he knew my burden. he knew that -- >> you would visit him. >> he visited and said, i need to take you on a walk. i said, no, sit down. he said, i need to take you on a walk. he said, and this was when i was utterly word. he said, i have seen your future. it is this thing called the internet. it works the way your brain works. at that point i had been diagnosed with the bill att. i had tried ritalin for about a month and hated
