tv Book TV CSPAN September 4, 2011 7:30pm-8:40pm EDT
7:30 pm
used to sing the songs of ridicule and the next time you could be sure. it is a technique to make the application and worst and fear of the enemy. the opposite of shame, as we know from the tribal cultures, in the pashtun culture, honor is the most prized possession of a man much more important than man o' war land or a woman if he does not have on your life not worth living. honor is the high level the% internally will not let
7:31 pm
himself wall. a famous gunnery sergeant in the army tells his young marines when they complain about their salaries. of financials salary and a psychological salary. the financial summary sucks but the emotional is knowing that you are part of day collor. i do not need to repeat it. that this honor and it is worth a lot how do you put a dollar on that?
7:32 pm
[applause] >> agree team is. for those who decided to come to the talks leave your phone on for me and turn on bluetooth. just kidding. "ghosts in the wires" and took two years me and my co-author work done this 55 i could not have done this without bill. we have different work schedules because lazily slept until 2:00 p.m. and work through 5:00 a.m. in the wake up at 6:00 a.m. and work until 6:00 p.m. so i put him on spanish time for
7:33 pm
about two years. are you ready for the second edition? as you might know i was a computer hacker and ended up in a lot of hot water and i have been restricted from writing this book for seven years per car was released from custody in 2000 after seven years i could tell the story. how it started was for my love of magic i used to ride my bike to the magic store because i was so fascinated. you will be this but i met the kid who could do magic with a telephone system. anybody read 2600 magazine? he could do incredible stuff.
7:34 pm
if i call for did my number he could break through. of my parents had the unlisted number and he could get it in 15 seconds he said i will give you a cool trick. call this number and wait for a tone and put in five digits to call anywhere for free. how does that work? >> later i learned it was probably some company's mci code but it is all the cool things he could do. stake in back with the technology. and he showed me how to get information if we had my parents never he could get that name, a friend's name he could get the unpublished number like he had full control of the phone company. but i love pranks.
7:35 pm
i pulled pranks on friends and one of mine was to modify my friend's phone service so whenever they would make the outgoing call it would say please deposit a claim. i'd love to do that type of stuff. i remember as a kid and i would interrupt directory assistance calling directory assistance and providence rhode island instead they would get me. you can imagine when you are 16, you can have with that. i would say the number was different and no one could would say how do i dial two and a half? you did not get our phone. go to the phone store. [laughter] then i got into ham radio
7:36 pm
that opened a whole new world is a budget with my persona and i did my favorite hack of all time. it was to mcdonald's. imagine a customer drives up to the window and i sit across the street i could overpower the guy with a headset and i could be the mcdonald customer-service%. you can imagine i would like the big mac and large fries. >> we don't serve hamburgers anymore. we serve tacos. we would say get rid of the cocaine. [laughter] if the police car would drive up. [laughter] i could see those guys inside the mcdonald's freaking out they could hear everything but could not stop it.
7:37 pm
when you are 16 years old when customers drive or may i take your order? the coke machine is broken we offer a free apple juice. they say yes but the ice machine is broken would you like a small or medium or large? of course, they say it is large then i'd play a recording of what sounds like being in a cup. it irritated mcdonald's so much the manager comes up and peers into every car in the parking lot we are across the street then he walks over to the speaker on the drive up window and puts his face this close and i said what are the 5q looking at? [laughter] this lot eight days a guy flies back 15 feet like the
7:38 pm
mcdonald's drive up window is possessed then i push the envelope. after i got involved with hacking, that was to gain more control over the phone company systems so i could pull more pranks. then i got involved with the phone company switching is a and i started to push the envelope because i was having problems with the security department to the point when i was 17 years old they sent a letter to my mom we're removing your phone service and my mom was so angry with me that she grounded me but i said don't worry about i can get the phone back. [laughter] what are you never was 13 and i called a certain department in the phone
7:39 pm
company that does provisioning for airlines and said there is the new unit added to the property and to go ahead and provision 12 p and a few-- later i went to the hardware store i took down 13 and put up 12 the. when i did this a i guess i had some of let's but i asked for a special number i would like a number ending and 56 d10's my favorite show was and i said my name is jim bond then i said maybe you should make the listing to my real first name is which is james per cry had the name james bond ending in 007 then the phone company got wise before three weeks then one day it
7:40 pm
went dead but six months later they gave us a phone service back. at one point in my life i was arrested for hacking into digital corporation and the government at the time needed to set an example that we have this behavior we need to set an example for everyone in the united states broke i remember when i went for a detention hearing the federal prosecutor had told a judge not only do we have to detain kevin mitnick but make sure he does not get near a telephone in prison. [laughter] the prosecutor said the reason is he can pick up a phone and dial into norad and it was sold beaumont code. i actually laughed because i
7:41 pm
thought that was incredibly stupid because i thought he would lose all credibility but the judge bought is why was in solitary confinement for about one year. would you think that would stop me? no. to have a special list of phone numbers i could call to my wife at the time. the marriage did not work out because i was in custody. that is another story but what my family would do i was in high security sunday handcuff you can shackle the legs then move you to the phone room which has three pay phones on the wall and a guard would say okay who do you want to call today? he would dial the phone
7:42 pm
number and hand me the phone and then back up and would not take his eyes off of me. how can i defeat this? the hands that was long i would walk back and forth i would be scratching my back against the phone and i got the guard used to the behavior then i actually put my hands behind my back i could feel the switch hook. one day i ended the call and kept talking as if it did not end. then i leaned back and pulled down the switch hook because you have 18 seconds before the phone goes a beep beep beep so five seconds later i scratch my back and dial 0 plus another number then the next thing that will happen is the operator
7:43 pm
will say who was the oak yes 12 harry cavanagh and i could call anybody while in then high security court order restriction that only lasted a few weeks. one day my cell door opens and it is the executive of the prison they shackle me up and begin a conference room and a captain says how did you do that? you are redialing the phone the officer is watching and somehow you are redialing the phone i said i am not david copperfield i don't know what is going on with your monitor system but i don't know what you are talking about. of course, i am in custody. why would i admit anything? two days later i hear a commotion and it is pacific
7:44 pm
telephone installing a jack. i'm thinking maybe they will install a phone so they don't have to bother with me. the next day the guard brings the phone with a 25 eye hand said gourde in then i could not touch the touch-tone pad it reminded me of "silence of the lambs" and hannibal lecter. [laughter] one of my favorite hacks of all time not because i am proud but i have a book chapter called social engineering where you use manipulation and deception to get somebody to do something they would not ordinarily do. they will ask for passwords maybe 5% of the time but usually get someone to do something that lets the attacker in.
7:45 pm
today they have an attacker to do research to find somebody that works in the company they want to compromise to find out who they deal with, the vendors, suppliers, customers, other facilities and then manufacture the email with the booby trap pdf files on the open it expose is the possibility now that hacker is on that desktop into the internal network that is using social engineering to get somebody to do something big is the attacker a benefit. going back to 1993 living in denver colorado at the time i was not living under kevin mitnick because agencies wanted to talk to me and i did not want to talk to them.
7:46 pm
i was using the name eric weiss harry houdini i thought i had a sense of humor but the fbi has no sense of humor that i found out. so my colleagues at the law firm handed me a brochure for the microtac cellphone it is like how the iphone is today. it reminds you of the "star trek" communicator. i wanted to understand how it worked because my number one driver was the pursuit of knowledge i want to know how things work. i like doing things i was not supposed to do for the fun of it but i want to get access to the firmware.
7:47 pm
you cannot call motorola to ask for the firmware because the source code is proprietary. remember orange julius? the powder? that is the same concept i left the office at 3:00 in the afternoon, a directory assistance and got the number for motorola i said i am looking for the project manager of the ultralight project. but they tell me all of the cellular development is handled at a shop in illinois and would i like the number? of course. i give the same story and then transferred around
7:48 pm
about eight times now i talk to the vice president of research and development for all of motorola mobility device. i said this is rick in arlington heights i found they had a facility there. he said that is pam and she works for me i said can i get her extension? he said can i help you? i said to go. i will deal with her. so instead of getting pam i get the outgoing greeting she told her callers she left on a two week vacation if you need help to please call alisha on another extension. that was the voice mail assiduous my next call to? alisha.
7:49 pm
the since nick did family on vacation next? she did but she was supposed to send me the source code to the microtac ultra lite. by this time i am walking down broadway downtown denver, it was snowing and horns were honking i was trying to press the cellphone close so she could not hear the traffic. i did not expect this to work for it was extemporaneous. she says what version do you want? i didn't even know the number. i did not even check. i said the latest and the greatest. she is typing, i could hear the keyboard and she says i found the latest release and there is a problem.
7:50 pm
there are hundreds of directories and the charity there are hundreds of files i said do you know how to make the files into one and she said no i said would you like to learn? she says yes. i love to learn new things. [laughter] i became her instructor for the day at the end of the lesson we had a three mb file that contained the source code of the phone i wanted to study. my next question is do you know how to use ftp then i say i did not prepare for the she will send me the code i could not give her my a code name hacker but i had a great knack for remembering ip address i
7:51 pm
send it to her had the anonymous account and when she tried to connect it would time out. she would try it four times i am disappointed because i think how do i get the vyyo? she says i will talk to my security manager i think this is a security issue. i say no-no no. i am on a cold. i say it is up. you know, when you are winning then somebody returns to the phone i am almost to my apartment i assume motorola is hooking up the tape recorder it will be exhibit a for the court case later she comes back later and says i talked to my security manager and that
7:52 pm
address is outside of the campus. notice i am not talking and she said we have to use a special proxy server to send files outside of motorola to 19 but somehow the account. but my security manager was nice to give me his personal name and password to send you the file. as night birds been -- plug in micki into my apartment i have the source code now they are a great company and have the best security money can buy but they did not train their people well enough and i was prosecuted but it was so easy to do.
7:53 pm
eventually i became a fugitive and a lot of the book covers my cat and mouse the fbi sends an informant to help them nab me then i could buy figured he was truly an informant then i was so curious what was going on i just had to know if i tap into the local cellphone provider like at&t or t-mobile i could identify the telephones of the fbi agents chasing me. i could do traffic analysis to see who was calling them and who are they calling for those people calling. i could also get location information so i was watching the feds trying to
7:54 pm
capture me to play the cat and mouse game. eventually i was able to set up a device that my office was working as a private investigator and came within wonder 2 miles said it would send to be an alert like the fbi warning system. september 28, 1992 walk into the office early and i put in the code and i keep hearing the beep beep beep. did they change the code? it is getting louder. i hear that it comes from my office then i am concerned somebody put a tracking device in my office. to my computer it had detected a cellphone in the
7:55 pm
7:57 pm
access devices that their physical these are parts but i did not build this device but i bought it it is the card spoofer if i can get close enough to somebody wearing the card i can steal the access credentials then replay them imagine if you wear a suit, you put this in the pocket and run it up this the ban take it to tap somebody on the shoulder it is close enough to capture the credentials.
7:58 pm
7:59 pm
this is the cared id and you have probably seen this around new york city so imagine i am the bad guy and i want to steal the provincial scott hoch -- of the credentials. i just have to set this up with a battery pack. obviously you do not carry a computer this is the antenna to steal the credentials. if you press the button it basically goes into a mode this is replay if you pass in front of the device, there should not be anything there. there is nothing to replay
8:00 pm
then i press down now it is in a listen mode now waiting to steal the card credential. and now i want to use them i just press the button again and it stole the credentials. this is the card spoofer if somebody gets too close to and pats you on the back they may not be a good friend of yours but trying to steal your credentials or use this assessment when companies hire me to break in i find restaurants where a lot of them wear it on their hip instead of their neck it
8:01 pm
8:02 pm
your credentials, passer and if it is correct they transfer you to somebody. so imagine if i could send you an e-mail, make it look like it's coming from a financial institution, but instead of clicking on a link, because you're told not to do that because everyone in the sternest martyr and you're not going to fill out a form, but it says we found a problem with your account. please call within the next 24 hours or your account will be terminated. what are the chances that something is the bank? let me show you what happens if i send you the e-mail and you go ahead and call your bank. i want you to watch the screen. i'm going to try and put this on speakerphone. so everyone can hear because we don't have a phone here. what we are going to do is we are going to call chase. does anybody have a chase card here? [laughter] i don't know why nobody volunteers. i have one.
8:03 pm
so imagine you get an e-mail and it asks you to call chase. that's the number on the back. i'm going to put this on speakerphone so you'll hear it. and then i want you to watch my computer as this happens. and this is the real bank. [inaudible] do you hear that? >> it is asking me for my credit card account number. wait, that's weird. >> we are sorry. the number you entered was not recognized. please enter your full 16 -- a credit card account number. >> some people put in the credit card number. so it's capturing the card number in real-time.
8:04 pm
>> please enter your zip code. >> so that's how it indicates that ms. zip code. 89074. >> please pricier at any time. your current balance is 11,000 -- >> okay, so -- >> that's a big balance. all these expensive hotels here in new york. so anyway, how this actually worked is i did a man in the middle attack. i give that a telephone number that looks like the bank's number, it's a toll-free number. when the victim calls that come in the calling number of controllers. they connect to a system and then my system calls out to the real bank. so i am the man in the middle. you could do other transactions, talk to this customer service rep and i got your credentials. there is no way to detect this. the only way is to be worried if someone sends you an e-mail to check and make sure the phone
8:05 pm
number actually belongs to the bank. so the way hackers were doing this before and i thought of this as a better system than if they had set up an open source pdf. what they do is call banks, credit card companies and it would record all the prompts. then they set up their own numbers so it sounds like the bank and feels like the bank. if you put in your real credentials, it doesn't work because of the state. what they do is basically say well, we are sorry. there's been a problem with your account. please type your customer service rep and will transfer you to music on hold forever. so this is a better way. one last demo that would be cool to show is about getting information on people. so i need a volunteer. what i'm going to try to do is get your address, phone number,
8:06 pm
date of birth and social security number within 60 seconds. so if i could do it, then you know the identity thieves can do it too. this is a wake-up call to show you how easily somebody can get your information on the internet. i'm looking for somebody who doesn't have a name like l. smith. somebody that has established credit, not somebody that's in high school. do i have any volunteers? you have to allow me to display your stuff to everybody in this room. [laughter] , i'm down. come on down. you have to give me your real name. i know you're not donald trump. all right. these are the databases -- [inaudible] so here's a database that anyone can subscribe to. i'm going to make the window a little different here. what we are going to do a news
8:07 pm
reinstate the user. so what's her name? [inaudible] and your first name class [inaudible] >> netscape. that's not like a bill smith or terry jones. how long have you been in your? >> on my last. 22 years. >> so like a buck 50, let me show you what identity thieves can do. it's kind of scary. >> my lawyer can answer that question. >> june 1st, 1989. this is how easily identity thieves can use databases to ditch her social commentator birth. the sec as well.
8:08 pm
[inaudible] >> doesn't matter. doesn't matter. in fact, people think their mother's maiden name's secret. so i'll show you another -- in fact, what is your mother's maiden name? [inaudible] what? >> thank you very much. i'll use that later. okay. i'm sorry. all right. all right. hold on a second. hopefully my account still works here. and this is kind of scary. you know, i was surprised. in case you're looking for my password, it's kevin 123 to make it easier. so, mother's maiden names. who played in catch me if you can?
8:09 pm
dicaprio. here's one in california. the thief or confined his mother maiden name. so dicaprio is spelled that way. and then we'll just let for anyone with leonardo, look at research. there we go. so it's down to leonardo dicaprio. his mother's maiden name is entered her. that is how easy it is. basically crooks can get your mother's maiden name, driver's license, social security number, addresses and phone number. never use those as a password. i remember calling my bank five years ago and they authenticated me with the last four of my social. i said i want to use a password. this is no come you're socially secure. nobody can get it. i said can i get your name. i want to show you something cool. no, sir, i can't do that.
8:10 pm
i was able to show them that the social is an open book. so i'm here to sign books and we can open it up for q&a. i do care for all of you that have shown up tonight. and the gift is my business card. so what's cool about this business card? what is cool is if you get locked out of your house, this is a lock pick. [laughter] so every time i go to the airport in tsa because they carry a lot of them, i get a bag check. they say that's a circuit board. no, it's not a circuit board. i explained to them it's a lock pick set. they go cool, can i have one? so after my talk i have a card for all of you. it's kind of a gift. [applause] so you can ask me anything you want. you know, except my password.
8:11 pm
and i'll be happy to do some book signings or whatever. >> if everybody could please wait for the mike so everyone can hear. >> hi, now that you have revealed -- now do you have revealed everything, how do you keep things private for the future? >> you have no privacy. get over it. that's the problem. that's why there's such a problem with identity theft in america. it's so easy to steal the information. it's just simple and that's the problem. the system is broken because you authenticate under social security number and your mother's maiden name, which is not the thing to do nowadays. >> do you agree with adrian lamo?
8:12 pm
>> what? >> his decision to go to authorities? >> i don't agree with why he went to the authorities. he is the guy that turned in bradley manning who was i think the private u.s. army who stole the documents from siprnet and turned them over to wikileaks. and what i know of adrian's background and i know the only reason he did it was for the media attention. he didn't do it because he is a patriot or afraid to be a co-conspirator. i think he did it for the wrong reasons. basically inform on somebody for his own personal benefits. so for that reason he did it come i don't accrue at the. he did it because he wanted to protect the country or he was because afraid of being prosecuted as a co-conspirator. so there's my answer. >> thank you. >> you're welcome. she wants wait for the mike? >> hayek, reimbursement.
8:13 pm
i wonder if when people use the service like represent.com to get themselves out of the databases to whether that works. >> no come you get that done some. but the information is bought and sold. the only way to get yourself out of databases is to do what i did, creating new identities. but i wouldn't suggest it. that's the only way unfortunately. yes, sir. >> hi, my name is steve. first i wanted to thank you for the radio interview this morning. that's what i learned about this. now, i have been involved in education and i teach a lot of computers and robotics. now, a number of years ago i personally got into this thing with a company that was developed and software-based way that was encrypting your own personal e-mail, own personal
8:14 pm
messages. one of the companies is using an algorithm. alice's co. in fact. and after that, i see pgp, other teams. do you have any idea why the present society people are so open with these communications in this instance basically through the internet, through the air and her everywhere without encrypting it? or do you feel that encryption is something that just can be hacked and broken into and is meaningless to you? >> well, when i was a fugitive, the fbi used encrypted radio transmission. i really wanted to know what they were saying in case they were close to me to ensure they are not talking about me so i can get out of there. and so, rather than try to crack the crypto developed by motorola or try to get the key, which would have been impossible, the attack i did was
8:15 pm
what we call a denial of service attack. when one side of the fbi was communicating with the other, i would jam the signal. i did this three or four times. and then the agents thought their radios were malfunctioning and went into the clear so i can hear. that was a way of cracking government crypto without having to break the key. >> i wasn't talking about government. i was talking about me sending you an e-mail so i know only you would be getting it. in fact, i am so terrified of this e-mail business that most of my communications with the outside world they seriously use u.s. mail for almost everything. >> if i want to get your communications, i wouldn't worry about intercepting in real time. i basically break into your system using some sort of malware so i could just intercept your keystrokes. just because you use encrypted e-mail doesn't mean you're secure. >> so you're saying encrypted e-mail
8:16 pm
is really hackable? >> that depends on the endpoint. you could break into alice or bob's computer, you can get the unencrypted communication without bothering by cracking the key. >> i've been a big enough to banks. this is why i got to be so fearful of this come away municipal bond was being transferred from one bank to the other end between the two banks it was literally taking than three years to try to trace it because it feels receives from bonds. that was the only thing physical on paper. from that point on i give robotics, programming. i'm very much into public domain, but i'm terrified of e-mail and i think you the reason. >> i can understand. >> thank you for coming. i want to pass the mic to the gentleman over here. >> how did you get started with
8:17 pm
the free kevin movie? >> i didn't get started with it. it was a magazine. but it happened because of the unusual things in my case that i was held for four and a half years without a trial, there is a lot of -- they wouldn't give us access. there was a lot of issues in the case. emmanuel goldstein, after three years of this happening started the free kevin movement to get the word out about what was happening. >> how did you hear about it originally? >> basically by family, by people sending me snail mail when i was in custody. that's how i found out. through telephone calls they had the family and friends. >> i thought it was an interesting story be putting a sticker to the window and everything imprisoned. >> when i was in custody they sent me some free kevin bumper stickers. on my 35th birthday, some people from 2600 magazine came out to the prison and i knew they were down there.
8:18 pm
i said wait till 1:30 to get it passed the law library. i had a free kevin bumper sticker. while i was in custody in federal detention, i was able to put the bumper sticker in the snap a photo. >> thank you very much. >> you're welcome. >> i think you're next. okay, you go ahead since the mic as next year. >> has been the way cats -- is being a white hat hacker give you enough thrill of interest? >> yeah, my drivers for hacking were intellectual curiosity, pursuit of knowledge, you know, seduction of adventure. it was never about stealing money or writing malware. and so, i did get a huge endorphin rush when i was able to crack a system because it was like a video game of bypassing security obstacles. i get the same endorphins
8:19 pm
today. when i get into a system, i really feel good about it and it's kind of still like a little bit of thrillseeking. i get paid for what i did illegally years ago. which is pretty good. it's like when can you take something of a criminal activity and make it legal? >> when i saw you doing the hiv and are set media that was nfc payments where they wanted us to have, just what everybody knows, and rfid kind of attack. is that pretty easily breakable as well? >> there's a guy the guiding chris bosh and if you google his name, there was a security conference in moscow just that was able to intercept cards at a pretty substantial distance. again, you know, the hid technology is the only technology i put that because they are doing physical pen testing.
8:20 pm
i haven't looked into rfid stuff. yeah. >> hi, so obviously you've experienced the problems that the system. what type of advocacy do you do today in order to fix some of these things? and a testified before congress and stuff like that, but is there any more underground stuff going on? >> well i haven't advocated anything because i feel like i'm powerless to change the system. so the world has changed. everything has completely changed. now we have the patriot act and a lot of laws that are passed to protect us from terrorism. then the government still wants to keep those laws on the books even after christ is all because it gives them more power. signing, it is actually gotten worse than it was back in the
8:21 pm
mid-90s. unfortunately, we have to live with it. yes. >> my intrigue started a young age and computers, much inspired by you, i must say. what was your first experience with a computer system? >> high school. i was a senior in high school i try to get into the computer class and the instructor refused because i didn't meet the prerequisites of having calculus and all these other prerequisites under my belt. so i started showing him some of the tricks i could do at the phone company. he said okay, you can come in the class. so that was like my first experience, kind of working with computers. of course the teacher probably regrets that decision today because i kind of drove him crazy. one of the first programming assignments was to write a
8:22 pm
program that would find the first 100 in 19 numbers. i thought that was kind of boring. i thought a cooler program would be a program that would steal everybody's password. so the students would be at their terminals. they would log in come what we call a login simulator. so when they login, they're actually talking to my program, not the computer's operating system. unfortunately i didn't have enough time to finish the assignment, but then i turned in my password stealer program and the teacher was impressed and gave me an a and a lot of attaboys. he said kevin wrote the school program and show to the class. today she didn't school committee probably be arrested. but back in my day, hacking was not illegal and you're actually encouraged by teachers in high school that was a cool thing to do. and because probably these tactics is what led me on the path where i started out hacking
8:23 pm
and i got so passionate with it that i just didn't stop. any other questions? to have a question of if they are? >> i've got it right here. when you are doing all of your hacking, did you think you are going to get caught? and you know, was it worth it up beyond? >> well, no. actually when i was running from the government i was so adept at creating new identities that i thought it would be really difficult. it was not in the back of the mind to keep doing the same things. so eventually figured if they made the mistake, i probably couldn't get caught, but i wasn't thinking when i was on the ground that i'm going to get caught. i actually thought i would outsmart the fbi, which obviously was a ridiculous notion. but then it was many, many years ago. it was a cat and mouse game between me and the government.
8:24 pm
when i was running, i didn't look over my shoulder. i wasn't afraid of every cop car that passed. i was so worried because a bona fide government issued i.d. and have legitimate jobs, work in a law firm in denver, hospital in seattle. i set up early warning systems at the law firm. one of my responsibilities for supporting the law firm's telephone system, which was kind of cool. i couldn't have written a job description better myself because now is able to insert code into the system so if anybody at the law firm called the u.s. attorney's office with the fbi, it would immediately send me a page with a four digit code that was 6565, which happen to be the last four digits of the telephone number for the fbi los angeles. i set up early warning systems so if anyone had the tripwire, it would be let's get out quickly enough. >> i want to know -- it seems like obviously you were innovated to do all of this for the thrill of it.
8:25 pm
is there anything out there you see now that actually kind of scares you that people are doing things? better to start those. >> hacking now it's all about organized crime, leveraging hacking skills or recruiting hackers to steal credit card accounts, identity theft, bank fraud. that's become a huge problem because back in my days the people i associate with and myself, again it wasn't about the money. it was about the thrill and exploration. and it's all changed your distillate groups of hackers that probably do it. maybe low-fat, but that was more for immediate attention and trying to send a political message. but most of the trend has gone towards profit. >> so i've kind of a funny question. i've heard a couple different
8:26 pm
versions of the day you got actually arrested. so one of the versions has you coming to the door and the fbi agents saying this is kevin. you kind of denied it and said well, do you want me to show up tomorrow in a kind of threw him for a loop. >> is actually detailed in the book, but the full details of what had happened is i actually had the fbi -- they were sure that i was kevin mitnick for about three and half hours because i was actually good actor that day. at one point in the research and my apartment, they handed me a wanted poster. they handed it to me and said, does not look like you? extended it for a moment, thinking maybe i could really get out of this. i go now, it doesn't. what am i going to say, right? so, i've been going for like three and a half hours because they don't play games, but they
8:27 pm
knew they could arrest and take me down. they don't have time to joke around. so i was really hoping. at one point i was really hoping i could get out of the situation. one of the case agents said we're going to have to take you down to the fbi office and fingerprint you to see if you're really mitnick or not. i said why didn't he think of that idea earlier and then we wouldn't have wasted all this time. in fact, tell me what time to show up tomorrow morning and i'll be at your office. i tried. i had nothing to lose, right? i did my best. of course it didn't work, but i did my best. >> my question was actually about -- your hacking is social engineering. >> is both actually. >> do you consider yourself more analogous to frank abagnale junior and you do to people
8:28 pm
understanding that a hacker is, like from what we see in movies, hackers or sneakers, do you think that is more of what you do is suppose to like what frank abagnale junior is doing? >> when i was doing the attacks, was a hybrid of social engineering and technical attacks. for example, let's say to take collects way to get into a large company and is looking for a piece of code because if i got access to the code, i could figure out how to break into the operating system and i would use social engineering to find out what server the code i was interested in was on. it would be much faster than me sitting on the networks for a month looking for it. they basically use social engineering and technical exploitation. but we focus for the social engineering side because we thought it was more interesting. and frank abagnale reviewed the book and a light day. he actually called me a master social engineer.
8:29 pm
i don't know what this means in this category, but i guess it's a compliment. so i was very happy that he did because he never reviews books. it was a great honor to have my book reviewed by him. any other questions? >> what is the relationship -- [inaudible] >> you follow me on twitter, okay. >> obviously john markoff and i haven't spoke. john markoff is a "new york times" explorer who read about me back in the 1990s and in his reporting, he actually has stated aims that weren't true, that they hack in 1993 and started a nuclear war. that was right out of wargames. amongst other ridiculous accusations, but it did visited elevated the interest the government had and his agenda i think was his agenda was he wanted to write a book and do a
8:30 pm
movie. so did "the new york times" at your disposal, a match in the interest you can create in you can cash in. so on twitter the other day, of course i'm a naturally born, so i twittered and said "the new york times" did a book review. i twittered i don't understand this. "the new york times" did a book review, but the last three times they went about me on the front page and are not on the front page this time. so markoff, this wasn't directed towards responded one or two days later and says maybe that's because it wasn't written well. kind of like a date. so i told them the same, john, let bygones be bygones. i think you should become a fictional writer because you have a great imagination. so then it nonstop. anybody else?
8:31 pm
>> were you in the carding game also? >> or what? no i never did. that's using other people's credit card numbers. >> have you read kevin poulsen's new book? >> at the next excellent new book called kingpin, about his carding underground. i really enjoyed his book. >> everything is true in that book? >> i believe so. >> is there anything you'd like to share that we don't see in the book that got cut? >> we could be here all night. this could be till tomorrow morning. in fact, my editor, john pursley over there, my fantastic editor [applause] loves telling bill and i., you know, euro for word count.
8:32 pm
you have to get 10, 20, 30%. i couldn't figure out what stories to cut because they were also interesting to me. and he was just like a miracle. i guess john decided we are going to be the lead of the stories and then we didn't have to cut it out. but i was talking to bill the other night. i go, we just missed the story i wanted to include. we both laugh about it because we can't edit it now. there's lots of other stories. [inaudible] >> the next. i'm trying to think the one i was trying to think of the other day. okay, here is one. when i was running from the government, on my computer i kept everything encrypted. at the time i was using norton's diskreet. diskreet was supposed to be using 56-bit des to encrypt your virtual disk.
8:33 pm
and this guy named peter gutmann, a renowned cryptographer, wrote a paper talking about how vulnerable it was. when i read it i go my god, i'm using his product. so what i did, as a hacker would, i hacked into norton and took the source code and analyzed it myself and found out there was only 30 bits of entropy, and meaning there are 56 bits. really 30 effective bits, which means anybody can crack it in no time. so as any good hacker would do, i changed the encryption tool i was doing and the feds never were able to crack the key. there's one story that's not in the book. i hand back there. >> do you have any advice for starting around times company or anything like that? are like different nowadays.
8:34 pm
>> i'm a competitor. i think it's a terrible business then you shouldn't compete. actually hired the best people. when i do pen tests, i have an hourly rate. i think how many hours is going to take to the pen test. because i am so passionate with this type of technology, i ordinarily spend twice the amount of time. so i'm basically, you know, doing this has pretty much free because in the scope of the agreement come not only have a spent x nighttime, but i find it went to investigate some pain. i think this would work and then i end up spending some time doubled at time on the engagement and i'm not charging the client more because they want to do a great job for the client. the good thing is i get a lot of those repeat business. they say you overboard and i said yeah because i want to own everything you have. if i didn't break into
8:35 pm
everything, i don't feel i did my job. >> i don't know really where to start with this. you're saying the world has changed a lot. i know from my experience, i do work with high school students and outside of kids out there that are fascinated by hacking. but what they are doing things like trying to take video games so they can change the game slightly from one game platform to a computer or something else. i'm old-style hacking is alive and well to some extent at the second thing he wanted to point out, how do you feel about open source material, open source limits, things that are publicly shared? >> i'm a proponent of open source. i used it myself. in fact, there was a 10-year-old girl at def con this year.
8:36 pm
she was actually able to crack some of the videogames on messing messing with the timing. so here you had a 10-year-old girl who was a hacker to play games. so it's like kids these days, you know, what are they going to grow up to be? really good pen testers are scary people? any other questions? so, these business cards actually cost me money. so rather than sell them to you, all they need is your password. [laughter] i'm kidding. or your social -- [applause] [applause] >> well, i hope you enjoyed the book. it's been great talking to everybody here. one last thing is in each chapter, you'll see on the chapter heading there is a
8:37 pm
cryptogram. so on the odd chapters, cryptograms are quite easy. on even chapters, they're a little more difficult. and because they can't legally do that is, this is what it will probably do. it's not a promise. i'm going to find everyone who is able to crack the codes and find a website the registry not entirely put their names in a bucket and drawn out 10 names. the fbi was kind enough to turn back from a computer evidence. so i'm probably going to get out the tenant does. but it's not a promise, so it's not a contest. but that is probably what i will do. so i'll be happy to give out cards, sign books or whatever. [inaudible] >> yeah, let me do that. [inaudible conversations]
8:38 pm
>> for more information on kevin mitnick, visit mitnicksecurity.com. >> i began two years before the bombs began to fall in cuba, exactly two years today. april 15th, 1959. that evening, fidel castro arrived in the united states. this was his first visit to the united states since taking over cuba at the start of the year. richard nixon was vice president, john kennedy was from massachusetts. to visit with something like a promise, he and his bearded entourage arrived in washington loaded this cuban round and castro spent most of his visit hugging and smiling and seeing all the right things. there were some americans,
8:39 pm
including some at the eisenhower administration, including dwight eisenhower himself that had serious concerns about eisenhower. mainly he was a communist, but many found him to be quite charming and certainly charismatic. after a few days in washington, castro went to new york city. from the moment he arrived at the station, where he was greeted by 20,000 people, he had a grand old time. he went to the top of the empire state building and shook hands with jackie robinson. went to columbia university. having less than in the new york city, where the policemen were a sign the assassination and reporting to the press every day. none of these turned out to be real, but police didn't know that. castro is completely impossible to protect. one afternoon on a whim, he decided to go to the