Shawn Ryan Show - #85 Bryce Case Jr. AKA YTCracker - Anonymous Hacker
Episode Date: November 23, 2023Bryce Case Jr., aka YTCracker, is a hacker and musician. Bryce has been called "The Original Digital Gangster" for his early adoption and manipulation of all things online. Ryan Montgomery, a fan favo...rite on SRS, calls Bryce his mentor. In this special Holiday release, we cover Bryce's life story starting with his early exploits when the internet was just coming into itself. We discuss his aptitude for clever digital marketing and finding money-making opportunities in every corner of America Online. Bryce made a name for himself in the hacking community by digitally defacing government websites like NASA and propping up coalitions of hackers across the web. A "Black Hat" now turned "White Hat," Bryce Case Jr. has repurposed his unscrupulous skill-set into a leading force for cybersecurity, working with some of the largest tech companies in the world. Shawn Ryan Show Sponsors: https://lairdsuperfood.com - USE CODE "SRS" https://shopify.com/shawn https://gcu.edu/military https://puretalk.com/ryan https://1stphorm.com/srs https://bubsnaturals.com - USE CODE "SHAWN" https://blackbuffalo.com - USE CODE "SRS" Bryce Case Jr. Links: IG - https://instagram.com/y7cracker Twitter / X - https://twitter.com/realytcracker FB - https://facebook.com/ytcracker Website - https://ytcracker.com Please leave us a review on Apple & Spotify Podcasts. Vigilance Elite/Shawn Ryan Links: Website | Patreon | TikTok | Instagram | Download Learn more about your ad choices. Visit podcastchoices.com/adchoices
Transcript
Discussion (0)
Hey everybody, it's Thanksgiving 2023.
We're releasing our Thanksgiving special.
We were actually going to break this up into several portions because the episode is that good, but me and the team decided to release it and give it to you all in one There are a lot of you out there who are spending this day alone. So we want to give you something to enjoy with.
My next guest,
they have what a fascinating gentleman.
The hacker community.
It's, uh, it is a
community that I am very unfamiliar with, but in becoming more and more
familiar with with each interview that Tess do with this stuff. And I'm not unfamiliar with, but in becoming more and more familiar with, with each interview
that Tess do with this stuff, and I'm not going to stop.
I believe, I've said it multiple times, I believe that the warfare in the world is changing.
I think that conventional military is becoming obsolete in a hurry, in gentlemen like this,
with the knowledge that this man possesses
is what it's all gonna come down to.
I'm just so thankful that I got the opportunity
to meet this guy.
He has the country's best interest.
He always has, in fact, he tried to get the country's attention by exposing
vulnerabilities when he was just a kid, 16, 17 years old. Nobody took him seriously until
he successfully hacked into NASA and defaced their home page on the website, which then
they sent strike teams to come find them. That got their attention and then they fixed the problem.
Ladies and gentlemen, I hope you have a wonderful Thanksgiving. I'm thankful
for my team, my family, my country and all of you. Please head over to Apple,
podcast and Spotify, leave us a review, like, comment, and subscribe
to the channel.
And without further ado, please welcome Mr. Bryce Case, Jr.
One of the premier top hackers in the entire world to the Sean Ryan show.
Happy Thanksgiving, everybody.
Much love.
One last thing we see a lot of you
taking our content, making reels,
putting them on your channels.
We love it.
There's a link below.
It's got thousands of reels,
raw, uncut, download them for free,
put them on your channel,
monetize them, make money.
All we ask is tag the Sean Ryan Show.
Happy Thanksgiving.
We love you. enjoy the show.
["Spray the Show"]
Bryce Case, Jr. Welcome to the Sean Ryan Show, man.
Pleasure's mine.
It's an honor to have you here.
It's an honor to be here.
I'm sitting in a chair that has been graced
by so many luminaries.
I feel a little under honored.
I don't know.
There's so many heroes that have been here.
I just feel out of place, but it's fun.
Oh, man, please don't look.
Everybody that sits there thinks the same thing.
Okay.
So you very much deserve to be sitting in that chair,
but I appreciate the humility.
Thank you
But so you kind of came on my radar. I interviewed your buddy your friend Rhyma gummery who's now a good friend of mine I love that guy great. I mean just a huge heart and
Doing a lot of good in the world, but he described you is his mentor
in the world, but he described you as his mentor
when he was coming up. And so I was like, oh man, I gotta meet this guy.
And so we got connected and here you are.
This subject hacking in general is just so foreign to me.
And I'm super interested in it.
So we get a lot to talk about.
That sounds good. But.
But.
Man, how did you get into this?
Well, when I was young,
I had a computer in my house
and it wasn't entirely common.
I'm 41 now.
And so when I was a kid, now kids have everything. They got tabled's phones, whatever else.
But yeah, my father worked in the defense industry. He worked at a Hughes Aircraft company and then
Martin Marietta became Lockheed Martin, but he was more on the hardware side. He did a lot of
stuff with
rockets. He designed the guidance system for the toe missile, which is out of the Bradley tanks,
and then he moved on to the Titan and Atlas rockets, which carried this spaceship up there,
which carried this spaceship up there, the satellites and stuff.
But he obviously had access to computers
and for, in a time when it probably wasn't as common
for people to have computers in their home.
And so I just fell in love with the computer
from a very, very young age.
My mom was a stay-at-home mom and
she was big into interacting with me and kind of keeping me precocious and whatnot.
And so I learned how to read when I was two and then by four, I was already just infatuated with how computers worked and programming them and stuff.
So there used to be these books and magazines that would have basic programs that you would
transcribe line by line into these computers.
And so if you wanted to run games or applications or something, they would have
just a printout of all of the lines of code that you would need to enter. And so it was kind of
learning by doing type thing like you're mimicking and you're kind of seeing how these things work
and interoperate. And so started out obviously changing, you know, the names in the game to myself or, you know, whatever else fun stuff
I wanted if I wanted more ammunition for my spaceship and you know, I need to change those things. So yeah, just really curious about computers from
So it all started with coding for games. Exactly. Get the cheat codes. That's it. Right on man. Yeah, yeah, that's where my hacking career started
codes. That's it. Right on, man. Yeah, yeah. That's where my hacking career started. It was a very short lift, but before we get to in the weeds, because I want to cover your whole
life story. Okay. So I want to cover where you grew up, how you grew up, what it was
like, what you were into, getting into your hacking career. I know you did some black hat stuff and hopefully we can talk
about some of that then you defaced some government websites which I think is
incredible and especially the way you did it and so I want to get into all that
but let me give you a quick intro real quick before we get into your life story. So Bryce Case Jr. also known as YT Cracker, YT Cracker, which we'll get into that.
Is that a call sign?
It comes from a cyberpunk novel, but it's a sort of an in joke amongst computer professionals.
It means, you know, YT Cracker obviously means something to think most people,
but people that are in the know,
YT comes from a book called Snowcrash, which is this seminal cyberpunk novel.
And there was a character called Yours Truly, who went by YT and that she was a
courier, which is, and I had a pretty storied career in spamming, and then Cracker used to be the term for a black hat,
basically.
The hackers were always kind of known as the curious computer
technicians instead of trying to just find out how a system
works.
So it was more about the curiosity thing, and then the media,
even in the 80s and 90s started to take the hacker word and
Change it into this nefarious
malicious
connotation and I think recently hacker has kind of become more
Back to where it's roots like you'll hear about things like hackathons which are just where they'll set up a bunch of coders in a room for 48 hours and have them
Just write code.
And so it's kind of become a little bit less pointed
than the term used to be.
But cracker, you know,
the hacker jargon file and stuff used to be a malicious person
who's cracking into systems.
Oh, okay.
Does all hackers have a call sign or code name or? Oh, okay. Does do all hackers have a call sign or code name or?
Oh, yeah.
That generally we know each other,
we're calling handles,
but or Nix, for a store for NIC name,
but for a long period of time on the internet,
before Facebook and everything,
when it was cool to put your real name online,
everybody existed with handles.
And there's people, even to this day,
I feel more comfortable calling them by their handle,
than their real name.
But it's a very common trope.
I think now with gaming as popular as it is,
people's gamer tags is very similar
that people refer to each other as their,
what they play called
a duty under.
But all that stuff kind of stemmed from the hacker community.
Interesting.
Yeah, yeah.
I mean, this is kind of how it is.
It's the, you know, somebody's call sign, but you don't know the real power.
That's funny.
You know, there's like a joke when a guy, there's a lot of drama within that agency.
Oh, I'm at it. And it's funny.
You'll see like a guy that hooks up with a girl in there and they always fall in love, you
know.
And then it's like, come on, man, you really, like, you don't even know a real name.
It's basically the same conversation as you have when your buddy falls in love with
somebody at the strip close.
I understand.
It's like, you don't even know
They're real. Yeah, come on three in the morning. Come on. What are you doing? Yeah, you just know the call sign? Yeah, yeah
But let me finish up
Your intro so the original digital gangster
cybersecurity hacker or the forefather of nerd core, which is a hip hop genre first generation anonymous hacker group
a hip hop genre, first generation anonymous hacker group, hacked into multiple international government and corporate networks, you're a published mathematician.
Now you develop cyber weapons.
To me, after our dinner conversation last night, I talked to Ryan Montgomery, obviously,
because he's the only other hacker that I know I know too
Yeah, perfect and
But you seem to be like the Obi-Wan Kenobi of the hacking community
Which you probably you probably don't I don't appreciate that yeah, but to me
That's the way you appear so
But anyways everybody starts off with a gift
that comes on the show.
So, here it is.
We take, I know you've watched a bunch of these.
Yeah, you know, we take mental health
very, very seriously on the show.
Beautiful.
And so, those are performance mushroom,
it's a performance mushroom blend. You can dump that into your coffee. Beautiful. And so those are performance mushroom. It's a performance mushroom blend.
You can dump that into your coffee.
Beautiful.
It's layered super food.
So we partnered with them because of,
because we're so into mental health and brain health
and part of mental health is keeping your brain sharp
and that will do it.
Very important.
And then there's some other stuff in there.
Sounds like you like flavored coffee,
so that's a coconut creamer.
Can go with it.
For fall.
And there's another one in there that's an instant latte.
It's got all kinds of adaptogens in it.
Basically, all the products that have the cleanest,
they just have the cleanest ingredients,
knowing demand.
Sounds good.
It's good for brain health.
Well, my brain is probably my most important
instrument, so I'm 110% on board with that.
I think we can all say that, at least I hope.
But, thank you very much.
Yeah, you're welcome.
But let's just dig into it.
So, I wanna dig into your childhood
and we covered a little bit of it.
How you got into hacking, but where did you grow up?
I was born in California because again, my dad worked in the defense industry.
He absolutely hated California and he was born in Colorado Springs and my grandparents
were there.
So pretty much the two years that we lived in California when I was a kid, he did
nothing but try to get back to Colorado. And so then when I was two, we moved to Denver,
which was closer to the facility that he worked at at Martin, Marietta, and then two years later
in Colorado Springs. And that's pretty much where I spent my,
most of my life was there.
And Colorado Springs had a lot of military,
I'm still still does to this day.
There's some Shreveur Peterson, Norad,
Fort Carson, the Air Force Academy,
you know, lots of lots of military influence.
They're funnily enough in computer hacking.
War games had come out.
I think the year I was born, which is a movie about a kid
who's breaking into government systems.
And there's a huge focal point of NORAD.
And as a result of that, I think there was a lot of,
there were these weird laws that existed,
like kinda anti-hacking laws that were in Colorado,
that area specifically in Colorado Springs
that just pertained, I think, to,
because of that movie, I'm assuming it's probably where a lot of this comes from.
Back then, phones used to be how you would connect to.
You would just dial them up with a modem.
And there's a concept called war dialing,
which is where you would just take a prefix and an area code
and then try to dial systems.
And you'd see if you get a carrier tone on the other end that was a computer,
but that was illegal in color springs for it wasn't illegal most other places, but for some reason,
they made it illegal there. So grew up in this kind of where the environment, I guess, wasn't
necessarily too friendly, I think to that type of exploration, which is something that I think some kids growing
up in different areas had different experiences.
But, yeah, again, I just really loved computers.
I used to just sit in the computer lab.
I was a pretty good student early on in all the gifted, you know, whatever programs.
But I just like finished my work and I would just go to the computer lab
and just like writing software on Apple Too Basic
to, I mean, how old are you?
Oh, this school age, like elementary school, probably.
Let's rewind.
Yeah, yeah.
It's rewind.
Two years old, you claim to know how to read at age two years old.
I didn't believe it myself.
My mom has cassette tapes and pictures and everything like that.
So, I mean, she was a very,
it was a documentary and, you know, obviously,
I think some, most mothers are at that age type thing,
but yeah, learn how to read.
And then, like, how, what were you reading it to?
Oh, just basic stuff, not like, you know,
cat in the hat level,
Bryce eats watermelon, Bryce pets cats, you know,
just very, very simplistic,
you know, not like a toll-story or Shakespeare anything,
but still two years old.
I know, I wish I was still that smart and be great,
but yeah, it was just, I don't know,
like, there's just some sort of whatever I,
well hold on, yeah, hold on.
So you learned it, I have that you learned to read at age two.
Yes.
And that you were, you learned to program at age four.
That's correct.
Yeah.
So are you one of these, are you one of these geniuses that we read about?
I'm honest.
I wouldn't go that far.
I don't think it's so weird.
It's obviously it's something that you can't call yourself or something.
I don't see it that way, but a lot of it is because I'm exposed to
hyper, just insanely intelligent people at all times. And I see the way there. Mine works
in some senses. I mean, I've heard the feedback that I am a genius and stuff, but it's not
something I think I really... I think the taller...
It's not something you can run around to call yourself.
Yeah, and it's not humble or anything.
I just believe that it's weird,
if you think about just this mountain of skill
and that the people on the bottom of the mountain
like are looking up the mountain
and they see just this pantheon of human beings
or whatever that's engaging in all this intelligent behavior.
But it seems like the higher up the mountain that you go,
the mountain gets taller.
Like, there's people that I think
would somewhat consider were in the same realm
of skill set or whatever,
and they are like, you know,
it's like LeBron James in the NBA.
Like everyone's in the NBA and they're all amazing, but there's just some people that are,
you know, Wayne Gretzky, Hawk eater, you know, there's people that are just so far beyond,
you know, even like that this very elite level.
And I think those are the people that I consider, you know, geniuses.
So it's not a term that I really throw around very lightly,
but I just, yeah, I stand in deference to all these,
you know, the great, you know,
I stand on the shoulders of giants as well,
like a lot of the, where I came from
in the knowledge that I have,
if it wasn't there for me to learn, you know,
and kind of build on top of,
I mean, I'm sure most people feel the same way,
but yeah, I just, it's not something I'm very comfortable.
I'm not trying to make you uncomfortable by any means.
But when I found, look, I'm extremely green in the space.
Obviously, I don't even know a lot of the terminology that you're throwing at me in the
EDC pocket dump that you did.
But when I talk to Ryan Montgomery,
who is the only other hacker that I know at this point,
and I consider to him to be extremely intelligent.
Very talented.
And a very intelligent human being.
And when he is sitting here,
because I'd talked to him about you before you came,
obviously, because I wanted to learn a little bit more.
And when a guy like that, when a man like that tells me, yeah, this was my mentor.
I mean, that resonates.
And then even during your EDC pocket dump, when you're talking about the forum that you
would create it, which we'll dig into. You know, and what these guys are,
I mean, I don't know what they're learning from you yet.
We're gonna find that out.
But when you have guys that are inventing that cable,
you know, that you showed me that looks identical to
a, I've literally identical to and I've just hold it up.
You know, identical to an iPhone cable and basically enables you to manipulate
and access anything that that's plugged into. And the NSA is selling it for $20,000 a
pop. I mean, that's impressive. You know, and then you get the guy who came from a
forum that invented that phone, which we'll talk about later, which
is, sounds like it's about as hacker proof as you can possibly get. I mean, this is people
that are started learning off of your knowledge. I mean, that's, what's that? I mean, how does
that even feel when somebody puts that end of perspective for you? Have you ever even
thought about that?
When I first started this whole podcasting thing
an online store was about as far from my mind as you can get.
And now most of you already know this,
but I'm selling Vigilance Elite Gummi Bears online.
We actually have an entire merch collection
that's coming soon.
And let me tell you, it is so easy
because I'm using a platform that is extremely user friendly
and that Shopify.
Shopify is the global commerce platform
that helps you sell at every stage of your business.
What I really like about Shopify is it prompts you.
All the things that you wanna do with your web store
like connect your social media accounts,
write blog posts, just have a blog in general.
Shopify actually prompts you to do this.
You want people to leave reviews under your items?
You can do that on Shopify.
It's very simple.
Shopify helps you turn browsers into buyers
with the internet's best converting checkout
36% better on average compared to the other leading commerce platforms.
Shopify is a global force for millions of entrepreneurs in over 175 countries and power 10% of all
e-commerce platforms here in the United States. You can sign up right now for $1 a month.
It's Shopify.com slash Sean, that's all lowercase.
Go to Shopify.com slash Sean,
now to grow your business no matter what stage you're in,
that's Shopify.com slash Sean.
At Grand Canyon University,
they believe that the military men and women
are the unique among the uncommon.
You fought for our freedom.
Your bravery in leadership are celebrated by all Americans.
GCU matches your commitment to excellence.
With our counselors specializing in military benefits in over 260 flexible degree programs online as of March 2023.
GCU makes higher education possible for our nation's protectors and their families
to pursue your next journey.
GCU salutes you.
God bless America.
Find your purpose at Grand Canyon University.
Private, Christian, and Affordable.
Visit gcu.edu slash military.
Sometimes, I mean, it's something I've considered obviously, but
that people, you know, it's kind of like a mom a bird,
an internest sort of thing that, you know, a lot of the times, you know, you'll just find
these chunks of coal and then you sort of fuse them into diamonds in some senses.
And I think that that's pretty much the duty of anyone that's good in a field
or whatever is to identify talent and then try to make it something that's better,
you know, than it is. But largely, largely, as the accomplishments of everybody,
I think that has come from something that I've done,
they own that.
I don't want to take credit for anything,
any of the work that they've done,
the work that Ryan's doing and stuff,
that I do see myself as a daycare practically.
that I do see myself as like a, it's just like a daycare practically.
It sounds like you are the inspiration
for many the muse of these guys
that are out there doing just incredible things.
You know what I mean?
And that's cool, man.
It's an honor.
Like, that's a compliment.
But I'm sure, I mean, I know,
say that even like the tactical training
or something that you've done, you know,
or somebody that wins a shooting competition
or something and they, you know, attended, you know,
a class of yours, I think, I mean,
how do you feel about that type of thing?
Like it's, it's cool that I was the one
that was able to inspire their career, you know?
And that's, I understand what you're saying.
I'm not giving you credit for what they've accomplished.
I'm just saying, I mean, you or what sparked that inspiration, it sounds like for a lot
of these guys.
And that's, I mean, that's cool, man.
It's an honor.
I said, I am really just, that's very cool.
But so back to reading at age two and programming at age four, I mean, so, reading at age
two, did you just pick it up or?
Yeah, I think, like, my mom just very, like, involved parent, you know, at least she
used to have these, like, kind of no card pieces of poster board and stuff that she would draw circles on and
Then have me recognize like how many circles were on the page like so I just had a site like one to a hundred and
I got really good at
Recognizing just the patterns. I knew like which ones were which and so she did a lot of just
seminal work on me I think
and I mean there's some of it it's that nature verse nurture type things I give my mother like a
lot of credit just I think she just really wanted to inspire some type of greatness in me and so
I mean I'm sure she you know she read to me but you know there's obviously whatever innate thing
you can have actually have it to,
you know, was present in me, you know, to want to do those types of things.
But there wasn't obviously the distractions that there are today.
There wasn't any YouTube dating myself.
Like, it's not exactly the Stone Age, but, you know, there wasn't a whole lot of, I mean,
there was television and stuff, but I wasn't really
Watching that it's just kind of yeah hands-on and things that I found interesting, but
Yeah, then So just the computer was a something that I just I said I don't know
I can't describe some people just you know you take to an instrument or you know start playing the piano type thing
I just really was fascinated that you could make these things do whatever you wanted to
do.
And so that was just, I think, a huge reason why I got into programming was just, well,
that you can actually make these machines like do what you tell them.
And if they screw up, it's because you screwed up.
What kind of programming were you doing at age four?
So there's a language called basic.
And it's basic like it sounds.
It was developed, John Camini, I think, his name
was Polish, or not Polish, sorry, Hungarian.
He'd come over kind of like Leo Zalard and John Von Neumann and a lot of the scientists,
but he'd developed this language that was really, it was designed to get people into kind
of programming computers.
It had line numbers.
There was Pascal and Coball and Fortran and C.
You may have heard those times,
but those are for business applications,
whereas basic was designed more
just for people to get into programming.
They'd started to do these classes in schools
prior to even my being born, but the home computing revolution is kind of where a lot of this stuff came from. So I had a Texas 9, Texas Instruments 994A, which is it is a car just loader. You could
take a tape drive instead of a disk drive. You could use cassette tapes on it,
but the basic operating system,
like what you would consider when you boot the computer up,
was just a basic interpreter.
So it allowed you to just enter the code
into these machines just right off the bat.
Apple twos were very similar.
Those were in pretty much all of the schools,
but if you booted the Apple up and just let it go to a prompt,
it would just be a basic interpreter.
So that was kind of the lowest,
just the most interactive thing you could do with the computer,
like right as soon as you booted it up.
I had a Timex and Claire,
which is one kilobiton memory,
it's kind of a little hobbyist computer
that my dad and I had worked on.
But it also, like the basic thing that you would,
once you booted the computer up,
it was a basic interpreter
and then you could just kind of input your code
and do stuff with it.
So as I said, there was a plethora of books and computers and stuff that came out that
are computer books that came out that had this code just transcribed in it. And so instead of
passing around floppy disks or CDs or anything like that, you would just write the code line by line.
And so it was a good way to learn, you know, what the code kind of kind of did. And that's pretty much
the, I much the entry level
for a lot of people, I think, to get into programming around that. That was how they learned.
Interesting. What else were you into as a kid? Outside of computers. Baseball cards, magic Magic the Gathering. I don't know, just magic itself.
Like, I just kind of a normal kid sucked at sports,
complete dork.
I tried, played football, played baseball,
but it was absolutely horrendous at it.
Computers were really just the thing
that I gravitated towards mostly.
In my teens, I got into cars and doing engine swaps
and type of thing.
But it sounds like you grew up in a really,
in a great home.
Oh yeah, a family-oriented wall.
It was, I mean, I said, my dad, you know,
he's from the old school, I think I showed you a picture of him,
you know, like, you know, there's,
it was obviously some things in my upbringing that probably
it wouldn't be too kosher today.
I mean, my dad, it wasn't like a super violent person
by any stretch of the imagination,
but you know, we got beat a couple times, you know,
that type of thing.
My mom, you know, to, I think she came from military household as well. So there was a little bit
of strictness, but I, all in all, the intentions of my parents, I think, were always really, really,
really good. My dad wasn't around a whole lot just because he was working and traveling and,
you know, going to rock and launches and stuff, but know I said I have my mom there pretty much and you know she
was always really good about growing up you know any types of extracurricular programs I wanted to do
like there's these competitions like Odyssey of the Mind I don't know if you're familiar with that
but I was in Odyssey of the Mind oh hell, hell yeah. All right then. Yeah, so it took state one year.
But yeah, just the way, what was your project?
Did you do the balsa wood thing?
There's the bridges.
The ping pong ball has come out.
Yeah, I'm trying to remember the,
that's cool dude.
I did that.
Yeah, right on.
But yeah, those were the after school type stuff.
We did like what what there is these
kind of plays that you had to do, and then you had to have certain elements in them, and
need like kind of design machines to go with the play. There was different categories,
but yeah, they had the bridge strength ones where they were trying to break them. Yeah,
so just any of those types of weird math engineering programs that, you
know, were extracurricular then. So you're a super creative type as well? I probably, I
mean, I loved poetry and writing too. You know, I was like a huge thing. He's just
write stories all the time and stuff. But yeah, I'd just say that, I don't know, for whatever reason, I'd say computers
have just always been this thematic thread.
Luckily they're everywhere now, so.
It sounds like this is interesting because it sounds like things one kind of array, maybe
as a teenager. Yeah. I mean, for somebody who, I mean,
Odyssey of the Mind was for creativity.
It was.
It was for extremely creative
kits.
And the other stuff that you're talking about
computer programming, learning to read it to
poetry, writing,
to drop it out of high school, Sounds like maybe there was some car theft.
Yeah. Stab, stabbed in the neck. That's true. What happened? What happened here?
Uh, well, I think like most teenagers I got in this rebellious, there's some things
I can pinpoint because I wanted to be an astronaut. I think
to say growing up there and everything, that was just what wanted to be a pilot in the
Air Force, go to the Air Force Academy. My grandfather, my mom's side was in the Air Force
and it was right up the road, so I was obviously exposed to it. And then in sixth grade, this dude Chris Ray told me
that you needed 2020 vision to be a pilot.
And my vision's not that bad.
But at that age, it just destroyed me.
I was like, oh, okay, well then I can't.
I guess I'm not gonna be a pilot.
So that was a left turn there in some senses,
but, or that was a right turn, but left turn.
The, then in my teenage years,
I was obviously, I think every teenager
kind of goes through a rebellious phase.
And I said, we lived in a pretty modest, like,
middle class household, like there was no reason
to really get into too much trouble,
but I don't know if it's the rap music
that I would listen to, whatever,
you just had this like, and identity crisis.
And pretty much everybody that I hung out with that
from that era wound up in dead or in jail.
And I think that's, it's hold on.
We gotta go, we gotta go back.
Okay.
So what, so you got into crime?
Yeah.
What age?
Well, probably 15 is when I got my,
when I was arrested for the first time.
What did you, hold on, you got,
what did you get arrested for?
I was spray painting buildings.
So yeah, I was in the graffiti. But the thing
that there's a simultaneous like the computer stuff like said happened in parallel like the
entire time that this is going on. But kind of the crowd that I got involved in was, this had more traditional crime.
We designed, I don't know if you know those can safes that you can hold, like drugs in
and stuff, we'd made all these devices to help us shoplift better.
So like these lined cans that had PVC pipe in them,
so you could still pour liquid out of them
if anybody ever came up to you and told you that,
hey, what's in the drink?
But we'd exact on I have to top out
and have a foam covering and PVC,
and then just use it to steal jewelry and stuff
from the store.
I haven't thought about this stuff.
But, oh my God.
Yeah, just, again, I had no real,
like, you know, some people have to like steal
to eat and feed their family and, you know,
that's kind of go out and do those things.
But this was just all, I just,
I've always loved crime for some reason.
Like, I don't know why it's just something that,
that also is just inherent in my life.
I just find, it's the hacking thing.
You know, you find out how systems work,
find out, you know, the things that you can do
to exploit them and then kind of carry on.
But this is so it's a challenge.
Challenge, yeah, yeah.
Is a meat, can you do this without getting caught?
I never got caught shoplifting.
Never walked me through this.
So you would take like a soda can?
Yeah, I'd take like a soda can and then I just cut,
like, so take the aluminum top part off
and then hot glue a PVC pipe to that section
of the can and then have a bottom on it,
and so I could pour liquid in there.
And then, but in the can, line the can with foam,
so it wouldn't like clatter or anything.
So I'd have, but we used to go to place,
they steal jewelry, anything like little
that could actually fit into a can,
that was like kind of high dollar item.
And then that, the top would fix over it.
And so if anyone ever questioned her, whatever, it looks like a of high dollar item. And then that the top would fix over it. And so if anyone like ever questioned her,
whatever, like it looks like a can and you know.
You have to try to see me putting it in there, you know.
So it was just this kind of spy craft,
you know, whatever you call it at that age.
But yeah, it's just these devices to help us shop,
live better.
Ugh.
Anyway.
Brrrr!
Interesting, very innovative.
Yeah, try to be.
Yeah, it's just gotta,
necessities the mother of invention,
but in this case, I guess there was no real necessity.
It was all just about, yeah,
what could you get away with?
The necessities was the challenge.
Yeah, yeah, I suppose so. That's it. What
did that lead into? Well, so the other, there's another turning point that happened when I was
around that age and I had gotten a, so I was on the, what would have been considered like the internet at that time.
It wasn't like anything super, super crazy.
But I was working with these people on internet really chat.
And there was a company called Network Associates in the Bay Area, like Santa Clara, I think, and they did Anavirus Software and stuff,
but they had seen some of the work that I had done,
and I was, I said, 16 years old, and they had offered me a job.
And I was like, so I went to my parents and I was like,
can you emancipate me so I can go out to California
and take this job?
Because this is what have been 98, I guess,
and both my parents were like, no,
you're too young, too stupid, all this stuff.
Well, that's a thing is that my parents were the type
of people they could say, like you could do anything,
it could be anything you want.
But then the moment those opportunities start to come up,
it's like you can't do that, you can't do that,
you can't do that.
And I was like, how are you gonna sit there and tell
like a kid, you know, because she's like,
you need to finish school.
My mom was, you know, huge on that.
She didn't want to be the mom of somebody who dropped
out of high school, because she knew idiots
that graduated high school.
And so how could you do this and stuff?
But in my estimation, I'm like, well, the entire reason
that people go to college and graduate high school
and go to college is because they're
going to get a job at the end of it.
So I might as well just skip all that stuff.
And I would have been into looking
value when the dot-com boom was sort of percolating.
And again, if it didn't work out, I could have always come home and stay in my parents' couch again.
But the opportunity, I had presented itself and yeah, they were all just totally against it. And so that kind of just made me well, and I don't really care anymore. I'm just gonna do whatever I'm gonna do.
So that's like I started getting into the
like the rave scene like really really hard.
My first like the first rave I went to was in
I think 96 I think I was like 14 or 15. I'm not even 97, but yeah, that was an entire world that I adored because I loved music
and electronic music and stuff, and I'd been making it.
But that obviously that culture, I think Brian had talked about that in some of his
upbringing, but that lends itself to a lot of kind of weird behaviors
that, especially at that age,
a formative kind of teenage years,
I do recommend it for anybody,
because it's a blast,
but at the same time you gotta be able to pull yourself out
of it when it comes,
but that's where I said I got involved
with a lot of drug dealers and, you know,
people drug users and that's doing a lot of
stupid things myself. What kind of drugs? I would just
exococaine, math, you know, the
all that I tried heroin like once snorted it. I'm deathly afraid of needles entering my skin. So I
totally missed that boat. On like I said, Ryan, I think that was his drug-disior. But yeah, the
crowd I was involved in, I said, the way that none of them really had gainful employment or anything in the time.
And so you're trying to find a way to like get stuff.
And I was the, you know, the smart,
the brains of the operation in some senses.
So did like breaking and entering in businesses
and just, yeah, I was like,
let's get into some specific examples.
Oh God, like, there was like, there was this stereo shop
that was a kind of near,
that was so dumb.
So there was a stereo shop,
it was called Sunshine Audio.
I don't even think they're in business anymore,
but we had rammed my homeboys truck through
because they had an install bay,
like where they would do all the
like the installs of the stereos and stuff. And so we backed my homies truck into it and we just took out the garage door and then just ran in.
It was like probably six or seven of us and we were able to jack everything
that we can get our hands on and then get out of there.
But then like just just to tell you
like how dumb the crew I was hanging out with
was then like about two weeks later,
that same group of friends, a couple of them were like,
let's do it again.
And it was just like me and my buddy Jason,
we're just like, that's stupid.
Like, you know, like lightning striking twice,
they had like a board over where we had kind of
wrecked into it last time.
And so you guys didn't even get caught?
They didn't get caught that time.
I didn't get caught for any of the stuff,
which is like very, but it's where now,
like if things happen, like we used to take,
you know, the spark plugs,
the porous one on spark plugs and shatter windows
and just grab shit out of people's cars.
But I said in retrospect, it's worth a karma,
any negative karma I've incurred,
I've tried to spend the rest of my life
sort of like washing it as much as possible
because there wasn't an immediate need
to really do any of these things.
Like I said, it wasn't like I needed to feed myself or anything.
It's just the thrill of the adrenaline rush, I guess, of all this stuff.
But yeah, most of the homies wound up getting caught the second time.
Like, I don't know if they'd installed a better security system or, you know,
what had happened, but yeah, the cops swarmed everybody and they said, my buddy Jason,
I just weren't there at that time and we were able to avoid prosecution.
Man, I haven't thought about this stuff in a long, long time. That's so crazy.
long, long time. That's so crazy.
Here's, yeah, it's getting a back.
But yeah, the car thing, like I do before fast and the furious came out, there was a ton of us that were into this
import tuning shit. And so, you know, I did, there was a few
shops in the area, but there were also kind of notorious shop shops and stuff.
And so you had friends that you knew that we liked these people and we never jacked their
cars and stuff like that, but the Honda's an Acura's around that.
That was my focus.
I had a 98 GSR that I bought with spam money.
I'll get into that later, but that was yeah, that was when I was 18
This is a little bit kind of going up and I had a 89 CRX
with a B16A front clip from motor swap from Japan
So I just but I cars another like engineering fascination. So I loved working on them
But then you know, yeah, we were that those motors were just
So I loved working on them, but then yeah, we were that those motors were just the cream of the crop You know, and so like other integras the GSRs and type Rs and the specifics
That that
OBD1 series and OBDZ your zero series is this really really easy to steal
And so you know, we're like stealing cars and then we take them like how would you steal cars?
Like just we'd find them, you know, just be like cruising around and again like
if it was somebody that you know we didn't know or you know didn't care about
then yeah just said the whole smash the window get in there
call them out, screw driver, take off and then just take it to one of the shops and
pull.
What would you do just dismantle it?
Yeah, just dismantle it.
You know, because some of these things you said just that the good exhaust or they had,
you know, but the motors on those ones were just like insanely expensive.
So they said the heads, the people would do these Frankenstein swaps with the LSS and the GSR heads. I don't know how much you said the heads. People would do these Frankenstein swaps
with the LS's and the GSR heads. I don't know how much you know about these
rice racers. Yeah but yeah it was just this and this is before you know then
like movies like Gone in 60 seconds and Fast and the Furious are coming out and
we just felt like vindicated. This is it. So we were training for, but yeah, that whole,
I said, a lot of those, I don't know.
One of them, I don't know, just,
all those people, again, in and out of jail,
I said, I somehow, there was one time I know
even that they were investigating me
and they'd gone to my friend and they were asking her about, you know, my involvement and she didn't snitch.
She was like, he's just a computer nerd.
He doesn't really do any of this stuff and I had the pedigree obviously to back that up.
But it was just, yeah, living this kind of weird double life in for no reason at all. Like it was just simply, I think just a teenage angst and, you know, what not.
Yeah.
You had, it sounds like you had premonitions that you were going to die by your 18th or the,
yeah, that's part of it. So like I had. So I had this, I have these dreams and everything,
like when I was super young, like teen,
like 13, 14, that I just like was gonna die
before I turned 18 for some reason.
And so I think that, what did you know how?
Not a dream.
It was, yeah, like it was in a lot of ways.
It was like car accident, shooting,
like just something, but that was the kind of the overarching
theme, like something you just, I just felt
that it was gonna happen.
I mean, I talked to like a lot of my friends about
and stuff and you know, they were just like whatever.
Obviously, it didn't happen, but yeah,
a month before my 18th birthday,
a bunch of the carnards, like we were out
in the back of, best by, best by parking lot
and my homeboy had done like a burnout and he left.
And there was a ton of people there.
You know, we're just kind of hanging out.
And then these two like workers come out from Cove Foods, which is like a super market.
I don't know if it exists anymore, but you know, they're like you guys smoking up our, you
know, you know, we're trying to work like all this other stuff. And I was talking to my
ex-wife sister at the time. And all of a sudden, I just this frog just break out. And one of the guys has my buddy in a headlock
and he's like doing this to him.
And I didn't even react.
I just saw kind of what was going on.
So I left the conversation.
I just go up, just ran straight up to the dude
and I punched him three times.
And he let go of my friend.
And then he came after me.
And he, like I said, I didn't know. He had a box cutter in his hand. He let go of my friend and then he came after me and
He like I'd said I didn't know he had a box cutter in his hand and so he was cutting my buddy up He had like just slice those and so he was yelling like he's cutting me. He's cutting me. Oh, and I didn't
I said I didn't react to that. I just reacted because I saw that happen and then
He sliced my arm and then when I drop down the hit him I opened, I exposed my neck and he sliced me twice like one, there's one big one
here and then one little one here but it was like three millimeters from my
karate artery so I'm like bleeding everywhere. My buddy Jason was able to pull
the dude, so he like kind of suplexed the dude. Not the same Jason, that was another Jason,
but he got him off me and then the other dude was like off fighting my friend Adrian and
then they took off. And I remember just like looking at my friend, I was like, is this
bad? And I'm just bleeding like all over the place. And he's like, no, that's no good.
So they hopped in this car and we went to the hospital.
And I remember passing out on the way to the hospital,
but I wound up getting like 18 stitches.
And I was like, this close, I almost died.
Like it was just to say that I leaned into it just a little bit more
or anything. I would have been a goner.
But yeah, that was just one of those.
Again, just said, you hang out.
You are who you hang out with, like, type thing, and so it was dangerous.
But yeah, I survived.
So was that a wake-up call for you?
Not at all.
No kidding.
That's the part of the problem is I think, like, that if anything, it just galvanized my false
invincibility at that point.
Again, your teenage, or you think nothing's going to happen to you type thing.
It made me spiral even more in a sense, because there was a period of indestructibility.
I think that I was inheriting, you know, because like Manic couldn't even kill me.
My neck is like sliced open and stuff. So, uh, yeah.
What was it that finally, I mean, the final, yeah, that scared you out of it or grew, you grew out of it or what was it? I would say that my daughter, being born,
was probably the one thing that really,
because there was a, so after that had happened,
there was this year that I had spent,
and it was like a personal challenge myself,
but I was like, can I deal drugs and
support myself just off of dealing drugs like for a year?
My apartment, my car, all this stuff.
And this is like, even after I'd hacked NASA and stuff, I was just still in this kind
of mentality.
But that was before my daughter.
It was more so I was like kind of 18 to 19.
I worked three months at Gateway Computer,
which was a computer company.
I was doing tech support for them.
I got hired shortly after,
sat down the next stuff.
And then I worked the floor for three months,
but everybody that I met there,
loved cocaine and meth.
And so I pretty much just got this clientele
from the tech support world.
And then I had the rave people and stuff.
And so I had a decent roll of decks of people
that I could trust that weren't necessarily, you know, violent or anything.
And so, yeah, that's like, I said, I just, this was this person challenge.
I had all this seed money from spamming the internet.
And this is how I use that to parlay it into drug dealing.
And, but that got it's mat annoying because it's like tweakers and stuff would call you
at like two in the morning, they don't care what you're doing.
You know, they drive them like a, you know, a gram
then you'd be like halfway back home
and they're calling you and they're like,
can I get another gram or whatever?
And it's like, why is she just buying both way there?
It's gonna be cheap before you.
So that type of stuff is just,
it's not conducive to a very restful lifestyle.
So shout out to all the drug dealers out there.
I don't know how you do it.
I'm very proud of you.
Stickin' to it.
But again, everything I said, there's a lot of stuff
I've done, it's in retrospect, even saying it now.
I just sound stupid.
But yeah, it's sort of what, you know,
I hear all the sum of your experiences, you know,
type thing. So like kind of just engaging in all's sort of what, you know, I hear all the some of your experiences, you know, type thing.
So like kind of just engaging in all this type of behavior, I think showed me like quite
of it.
So the birth of your daughter, however you want she was born.
I was 20.
20.
Wow, that's young.
Yeah.
So the birth of your daughter is what got you to the realization, hey, this isn't that
end road. That's kind of there was a little bit of a tapering. Yeah, shortly after she
was born, like I think I there was still some kind of remnants of stupidity, but yeah,
that the realization that yeah, you now have this other life that you're responsible for and
Steve, so I encourage everybody out there who doesn't have kids to...
Well, I mean, some people, I guess, it's like having a baby to save your marriage is always a
bad idea, but I'd always wanted to be a father, you know, so it's just one of those things
that might as well get it right, So that was probably a huge turning point.
And yeah, definitely all that type of behavior.
So I mean, going through all of your, I'm sure we didn't touch on.
There's a lot we didn't touch on.
But on a serious note, there's a lot of kids that go down this road.
You know, what would your advice to them be?
That part of what's problematic is that, and I think some people have a gift for this,
but learning vicariously through other people, and that with me, no one could tell me anything. That's the thing. Is that if I, I mean, and that's
even so much true to this day, like that there's a certain, if somebody tells me something's
impossible, like, let me take a stab at it first and see if it's impossible. I'm not just
going to take people's word for it in a sense. And I think that's part of the problem is you can't really tell anybody the advice that
I would give again is that it's a very personal kind of experience.
And of course I knew things were wrong.
I had men's rehab.
I understand what's good and evil and what's right and wrong and stuff. And they still kind of made the choices to act those ways anyway.
But I will say that, you know, you can always turn it around. I don't think it's ever too late. Even if you've murdered somebody and you're like, you know, coming out of the other end and, you know, you want to make a conscious change, but people have to want to help themselves type thing.
And so the biggest thing is, you know,
for the people that kind of want to get out of that lifestyle
or whatever, just know that it's possible.
It just takes discipline and dedication.
And again, I also wasn't really forced into that.
These are just things that I, for whatever reason,
found fun, you know, for lack of a better word.
I mean, it did. It was exhilarating. Like, it had a good component to it that, you know, made it very fun.
But an interesting and, you know, obviously, you see adrenaline pumping. The same thing,
you know, I said, I probably joined the military and, you know, get shot at or something.
the same thing, I said, I probably joined the military and get shot at or something or what that would have been
a little bit different, but yeah, so.
Military couldn't take me anyway though.
Well, I appreciate you sharing that because
there are a lot of kids go down that road,
and then I think a lot of kids wind up deep into it,
and then they just continue.
Yeah.
It's unfortunate.
And I pulled them so many of friends that, yeah,
there's people that say that still from that era
that are in and out of jail to this day,
you know, just don't want to get their act together.
And is one of the, one of the first businesses that I had,
I had a call center, but like it was huge. One of the biggest things I I had, I had a call center, but it was huge.
One of the biggest things I try to do is hire convicts and stuff.
Not only do you get some cool associated tax breaks, but I think everybody deserves
a second chance.
Sometimes a third, sometimes a fourth, you got to just work with people.
I see people just kind of go through weird stuff in their life.
I would say that the perspective I gained from that, there's a lot that I understand from
that end, like why people behave the way they do or what they do.
Again, there's people that are forced into it and there's people that are just doing
it as a hobby. And so, you know, both of those obviously have different reasons and outcomes and stuff.
But I have that it's also under childhood that you were starting businesses and selling
them.
When did you kind of entrepreneurial career begin?
So that,
one of the, I think,
one of the services that was really, really prevalent
to get on the internet was America Online.
It was pretty much the only gaming town
for a really long time.
And it made
The internet accessible to just normal people
My first exposure to the internet was through
my father had
What's called a slip accounts your line internet protocol? It's it was an account through work and there wasn't really a
Worldwide web or anything to that nature yet. It was all like Archie and Gofer and FTP and these antiquated protocols that you know
People rarely even use anymore
But AOL was this kind of gateway for people to comp you serve
Prodigy there was a few services
But America online had kind of the biggest people to comp you serve, prodigy, there was a few services,
but America Online had kind of the biggest user base
and it was just for the every man to kind of see
what was going on on the internet.
And with that, you know, obviously the technical competency
of the people that were on that service
was drastically different than, you know,
the people who came on the internet before.
There is this concept that started in news groups called the Eternal September.
It was something that the early internet nerds had noticed that when kids got back into
school and would use the university computers, then the posting quality would go drastically down
in these news groups and stuff.
And so people would just say,
like, oh, September must be September or something,
because obviously everyone's back in school.
And so there's this concept.
It's been a place attributed to different places
in internet history, but the eternal
September is kind of, you know, what's considered when there was a corollary to win AOL kind of
came on the scene because then you just have all these, you know, normies that are using
the internet now and they're posting on these news groups and doing this stuff.
So it's the September that never ended. With America online, they made
it very, very easy to programmatically extract because they had chat rooms and they had member
directories. And so they had all these ways to basically cultivate the members of that
service. And so unsolited commercial email,
like spam became just a giant force of nature,
like to be able to make money like off these people.
Because you knew they had credit cards obviously
and they are on the internet.
So you could go through programmatically,
like we'd write programs to go and grab the names
out of the chat rooms and grab the names from the member directory
and just harvest all this stuff.
And then you could just email, like just constantly.
So whatever products that you wanted to sell.
And at the time, you know, obviously pornography in the internet kind of go hand in hand.
So I was doing affiliate programs. So you'd get like a cut of the sales
when you would, after you would drive traffic to these sites, you know, when they put their
credit card in or whatever, you'd get a certain amount of money per sale or they would pay
you per click, but you had to have a certain ratio of clicks to sales, you couldn't just send garbage clicks or whatever.
But when I was, I'm a teenager in high school, most people are having summer jobs.
I worked at the movie theater for a little while with my friends, but even when I worked
at the movie theater, it was all of us.
We were all friends.
If we were working the ticket counter and two people came up and wanted to buy a ticket to a movie,
we would sell them one, rip the ticket in half,
give them each a stub, pocket the other half,
which short count the, there was a scams everywhere.
There's always running scams,
but I didn't have like a regular said job.
This was how I made money was like I'd go home and I would dial up. I was on
another, I was on Earthlink which is another ISP that I stole those accounts and then I would
just use AOL accounts that we would crack and then I would use those to send out all this spam messages, I guess, to porn
sites.
And so, you know, at that age, you know, I'm doing this maybe like one, two hours a day and
I was making about a thousand dollars a week and just, you know, as a kid.
And this is like 1990s money.
So these affiliate programs go all the way back to the 90s.
Yeah. So these affiliate programs go all the way back to the 90s. Yeah, and again, porn, the thing about pornography
is it is the genesis of a lot of internet technology
and these types of concepts that the affiliate program
was really, really birthed and metastasized
from porn industry.
I mean, the VHS, beta masks, I don't know if you remember
like the tape format stuff.
Yeah, and then VHS wound up winning largely due to porn.
I mean, broadband internet, you can attribute pretty much to pornography.
The pornography has always been this weird sort of vanguard.
It's this oddly enough, like in the industry itself, like you would always refer to porn as porn and mainstream as mainstream
like these kind of these two pieces even though that it was weird a lot of the advertising techniques and everything that were being
employed in porn, you know, sort of eventually found their way into what we'll be considered mainstream and
You know, that's just been true since maybe the dawn of time, but especially like in this, you know, in the internet.
So porn is, porn is, it's like the pioneer to advertising in the affiliate program.
Big time. Yeah, a lot of the ways that the operating models that the affiliate programs
used in porn, like now they're ubiquitous and you find them
in a lot of different programs now,
like any type of affiliate program you're going into,
there's some sort of ancestral thread
that goes back to the porn industry.
But at the time, again, it's just one of the more lucrative
that you could sell most products
and stuff, but it just seemed to be, you know, it was always the one, and you knew that they paid
on time, and you knew that they had the coffers to do it. And so I wasn't even really old enough
to look at porn at that age, but so I signed up with fake information, but I had to be able to cash the checks and stuff.
So that was it.
Just a lot about my page and started slinging that.
So how, if I just, this is the snapshot I'm getting.
So basically, you infiltrate some of these chat rooms
or whatever messaging services extract all the email addresses
out of them, create some kind of a marketing email with porn clips in them, something to
something to capture somebody's attention.
You send it out, they click on it, it does capture their attention, drives them to the site,
and then there's some kind of tracking that goes from your email or like a cookie choreel or something.
Yes.
And then you get paid off of that.
So you have a, so a lot of times, so there was these things called thumbnail gallery posts
and movie gallery posts, TGPs and MGPs. And those were considered like the kind of the clean ways
to generate traffic.
There was a huge one, the hunt.net,
I don't even know if it's around anymore,
but it was the repository and it just had like daily lists,
but the affiliate programs, the porn companies would
basically post these landing pages, that just had links to them on these
TGPs and MGPs. So this was more of a direct... The way we'd set it up is the same way only fans and
things like that are done now, they're based around single-girl structures And so we'd have landing pages that looked like a girl
like using a webcam or something like that.
Our friend Lindsay was like, love her.
She was like the model for a lot of our stuff.
Like willfully, we could use her pictures
to, I don't even know how much porn,
Lindsey sold back in a day,
but her handle was magic.
But create a page that looks like it's just her
kind of homepage and then, hey,
if you wanna see me naked, click here, type thing.
And so in the query string, back then it was done more
with that, aside from cookies, but you know, so as part
of the URL, you know, you would have like an affiliate ID that kind of get put in the
code. And so then that's how it would track you. When you clicked on that link, you know,
and it sent you to the page, that's how the affiliate program tracks that's you're
the one that sent that and who you sent it to optionally. But yeah, you're basically just pretending
to be that girl emailing people, like,
hey, it's me, magic, like, or Lindsay or whatever.
She's gonna love that I've dropped out of this,
but yeah, this is, you know, it comes to my pictures,
or it comes to me lie, whatever it was,
and so then they would click on that link,
and then, yeah, then usually the thing thing is that you'd get paid on free
trials. So whether or not somebody, which is another thing that porn started and then
mainstream kind of picked up on, because it's in the nutraceutical industry and all types
of things now, like where, you know, you get the, get the free bottle. And then they hit
you every, every month, that's called a continuity offer.
Like where they will rebuild you, they'll hit you for $40 a month and keep sending you
bottles until you cancel.
It was a similar thing with like the porn sites is that they'll pay you as an affiliate
on the free trial, but then you know, it's said in three days, five days when the trial's
up, then they're hitting them for $100 or you know, whatever it was.
Because there's usually all these cross sales and network sales and stuff that we're working on.
But yeah.
What age did you get into that?
Why?
What age?
What age?
15, 16.
Yeah.
Wow.
Yeah.
That was fun.
You don't like the cutting edge of all this.
Yeah, and back then, there were no real limits.
For very beginning.
So now if you try to send a ton of emails, you'll say, no more that.
You probably see it now, especially with captures and stuff, like if you try to do something
too much, it'll pop a cap shop.
I mean, there was nothing like that.
A lot of the reason that those technologies were developed was because of people like
myself that were just having a field day on these sites kind of doing whatever.
Because there was no limitation to how much, you know, all you had to do when you pulled somebody's
screen name out of these chat boxes and stuff is just at at awl.com and then you have their email
address. And so they had an entire basically directory, like just a list of, you know,
the chat rooms that were open at the time. And so you click this, who's online or who's chatting, button.
All this is done with the computer program.
So you subclass the windows, and then you would basically simulate the click
to these buttons, and then read these text boxes, and so this was all done programmatically.
Visual Basic was the, has almost nothing to do with the basic I was talking about.
But visual basic was kind of the language
that a lot of kind of AOL hackers were using
to create these programs.
But yeah, the AOL just made it insanely easy
to blanket the carpet bomb, their whole service, and
iteratively they improved on it, you know, over the years, but there was always some sort
of work around to kind of get in.
Very interesting.
Let's take a break and when we get back, I was going to say, let's start with the beginning
of your hacker career, but I think we just did that.
So we'll just pick up right here.
Those of you that have been around SRS for a while know that we take mental health very seriously
here. So seriously that in almost every episode you'll find a segment where we discuss how to
improve your mental health. And part of improving your mental health is keeping your mind sharp.
And part of keeping your mind sharp is given at the fuel that it needs to balance energy,
focus, cognition, and just regenerating your brain.
That triggered me to go on a journey to find the supplement that supports brain health
with the cleanest of ingredients on the planet.
And I found it.
I was actually gonna start my own company and do this,
but I found lared superfoods.
I've partnered with them, now I'm a partial owner,
and I really believe in these products.
Here's my favorite product, performance mushrooms by Laird Superfoods.
Brain fuel. You can put this in your coffee, you can put it in your tea, you can drink it raw,
you can mix it with their greens, you can do all kinds of stuff. Bottom line is,
this is the best possible supplement with the cleanest ingredients, all sourced in the United States that supports brain health.
And here's two other products that I'm a fan of.
Lared superfoods creamer.
Guess what?
Contains functional mushroom extracts.
Put this in your tier coffee.
And most of you know I'm not a caffeine or coffee drinker,
but a lot of you are and they just happen to have
Lared superfoods coffee,er, but a lot of you are and they just happen to have layered superfoods coffee,
organic, proving coffee with, you guessed it, functional mushrooms that support and regenerate
your brain.
Go to layeredsuperfoods.com, use the promo code SRS, you'll get 20% off, guys, this is
the real deal, these are the finest of ingredients.
Check it out, layeredsuperfoods.com promo code SRS, 20% off.
BAM!
Hey everybody, I wanna talk to you about two products
from first form.
One is Optigreans 50, the other is Opta Reds 50.
We all know how life can get very busy, hectic. It turns into a lot of stress.
Next thing, you know, a whole month has gone by. You don't even realize it because you've
just been going so fast. And when you get in these situations or these, these, these little
sections of life that are like that, what's the first thing that always goes to the way side?
You're diet. I'm guilty of it too. My diet goes to complete
when I'm stressed out, when I'm busy, when life gets hectic.
And you know what? The first thing to go for my diet, it's always
greens.
Just how it is. I don't know why it's just always greens.
And so I started trying this new product from first form,
Opta Green's 50, these are great.
They are processed with low temperature.
That way they don't affect the ingredients.
There's no synthetic colors, flavors, sweeteners,
or preservatives.
It's 100% non-GMO and gluten free.
Here's the cool thing.
They come in these little travel packets now, right?
So you can keep these in the truck, keep them at work, keep them at home, open one up, dump it into a bottle of water,
and there's your daily vegetables, greens, whatever you want to call it, intake, right?
Then on top of that, they also have Optoreds 50, which is your daily reds intake.
These are also amazing.
They actually taste pretty good too.
So if you're looking to get your diet back on track, or at least supplement vegetables
and reds and greens when you're busy and you don't have time to cook the way you'd like
to, I suggest you try first form.
Check out opta greens and opta I suggest to try first form. Check out OptiGreens and OptiReds 50 from First Form.
It can help fill those gaps and give support to your hectic life.
Visit firstform.com slash SRS to get yours today.
That's firstform.com slash SRS to get yours today.
And get free shipping on orders over $75.
That's OptiGreens and Reds 50 from First Form.
Thank you for listening to the Sean Ryan Show. If you haven't already, please take a minute,
head over to iTunes, and leave the Sean Ryan Show review. We read every review that comes through,
and we really appreciate the support. Thank you. Let's get back to the show.
All right, Bryce, we're back from the break.
We're getting ready to dig in to kind of how you got into hacking,
even though we talked a little bit about it
with the porn industry and AOL,
but I want to talk about some of the beginnings. What was your
first caught your interest in hacking?
As I said, I think it was a natural progression of insert thing, get system to do thing type mentality. But the first hack that I remember doing,
so before the internet,
there were these things called bulletin board systems
that you would call into with your computer.
And then you access information,
they had file libraries and rudimentary
chat and kind of threaded stuff. Similar to Bolton boards now that are on the web, but
except, you know, you just basically call these systems. And there's a ton of hobbyists
that ran them, some companies ran them and stuff. So I ran a couple myself. And they're the way
to kind of get files and knowledge. Like the anarchist cookbook, I don't know if you've
ever heard of that. But it was just booked to tie you had to create bombs and you know,
do all this ID theft and you know, all these different things. It was a print, I think it was in print,
but then the online is kind of where it was disseminated.
But I said, pre-internet, these systems were linked
through a thing called phyto net for a while
where you can send electronic mail to different systems.
But there are just these sort of local nodes.
And so it was just cool little community,
because a lot of times you'd dial in those BBSs
and it would just be, you know, people,
we'd have meetups at Denny's, you know,
Smokeshager ads and drink coffee all night type thing.
But it was kind of the precursor to what, you know,
we know as the internet.
And the public library, library system ran one of these
bulletin board systems so you could see what books were checked out and you know it had news
and all types of things but it was a multi-node system meaning that it had multiple phone lines
that you could dial into and so there could, it was a multi-user environment.
A lot of times, it is kind of a one-to-one thing.
If you had a single node BBS,
you could only, only one person could be on it
at one time.
And so you usually had a time limit
that you could stay on there.
And other users would try to call in,
but you'd call and you'd get busy
and you just know you had to call back later.
But the public library had a bolt-in board system that it was running.
And I found it was running some custom software,
but I found out how to drop into an executable shell,
which basically like command prompt that would allow me to type in and do anything
with the system that I wanted to.
that would allow me to type in and do anything with the system that I wanted to. And so I had used it to set up an egg drop bot, which back then it was hard to find
computers that were online all the time, because again, the whole thing when you call in
the systems and stuff, then you get knocked off if somebody picked up the phone line type
thing. So universities, obviously companies, they had these dedicated lines that
were set up and have persistent connection to the internet. And so this was a way for me to
have a machine that was online all the time. And internet relay chat was this is kind of like
where a lot of hackers and stuff hung out.
Computer enthusiast period, but it's you know think AOL chatrooms, but it was way more
bare bones than that and predates it. But if you you would have these channels that were
assigned to different interests or groups or whatever. And the thing is, is if the last person left the channel,
then the channel would shut down.
And so you want to have computers that were in there at all times
that would basically hold the channel for you like while you were gone.
And so the thing that I had set up on this library computer was basically a persistent connection
to allow me to have a robot online all the time that was monitoring these channels.
And that was cool.
But then, yeah, the AOL was kind of this breeding ground for a lot of hackers too.
There was a software that had come out called WinNuke that it took advantage of there's
a port that's open on Windows systems even to this day, but it's used for file sharing.
If you're sharing information between two computers, but there is a specialized out of band packet that you could send a port 139 on a system that was online, and if you
send it this malformed packet, it would basically blue screen the computer, meaning that it
would lock it up, and you couldn't use it anymore.
And so if you had someone's IP address, this is before consumer firewalls or people usually
plugged their computer directly into the internet.
There wasn't routers or anything.
So anything that you're sending to that machine is direct to that machine.
So this win-nukes software, when it had come out, it just allowed you if you knew somebody's
IP address and they heard a Windows machine, you could always knock them off line and crash
their entire computer, basically.
And so that had kind of come out
and some other people on the bolts and boards
that was talking to you, one of the coasters ups,
I said, man, this tool is really neat.
Like I can't believe it works this way.
And he's like, have you ever been on AOL?
And I kind of dowled on it,
but hadn't really ever taken anything seriously. He's like, you ever been on AOL and I kind of dowled on it but hadn't really ever taken anything
seriously. He's like, you got to check this out because on there people are just, you
can knock people off line all the time and it's like again with the computer enthusiast
crowd, it's like one thing but then to do it to just completely normal people is another.
And so that's where I got into America online and doing, I said, the spamming and everything
kind of sort of came out of this curiosity. You could send malformed HTML in over instant message,
and it would have the same effect,
like where it would knock people's computers,
or there was certain reserved directories in DOS,
which was the operating system that things ran at the time.
There's certain protected directories that if you try to
access files on those directories,
it would knock people offline.
And so you could place sounds on AOL,
like you could make me say, goodbye or welcome
or the IAM sound and just do it like a,
well, a curly bracket S and then a directory of a sound.
And then some of them were just built into AOL, but that using that
formatting and then trying to access like con con or a parallel port or something would
knock an entire room offline. So you could get into a chat room. 23 people are in there.
And then you drop this sound file that's fake and then it would just kick everybody off.
And so these were just,
it was just hijinks like stupid stuff like that.
But then it was just the thrill that caught your attention.
Oh yeah, yeah.
I mean, does it seem like there's really a point to it
other than getting a thrill out of it.
Yeah, it's well, it's just that, you know,
the internet's always been a source of acrimonious behavior
in some senses and flame wars and, you know, people talking shit to each other and stuff.
So the ability to, you know, just screw someone's computer up after, you know, you get into
a fight with them over, you know, who is the best power ranger, you know, what's an inditerrable
was your favorite or whatever, then you just knock them off line.
That was the appeal I think of it,
is it just, it's powerful, you know,
you're able to just kind of,
yeah, just, it's your playground,
like you own this stuff,
but so, you know, people, and again, back then,
you know, it wasn't very common, you know,
your screen name baby, like some people would pick
screen names that would give away their birthday.
They'd be like, Bryce, 192 or whatever.
And so you infer a little bit of information
about some people, but a lot of times it
was completely anonymous as far as you were concerned.
And so it kind of became more of our focus
to hack the system itself.
And there were these private rooms that were on AOL that were just sort of the in the back,
the back channels of, and it was all people that were, you know, kind of
interested in these types of things, you know, or making programs that interface with AOL to do
the spamming or, you know, these programs that would automate the punting, there
was terms of service violation programs. I mean, these types of things work on Instagram
and stuff today. Like, if you have what we used to call them network tosses, but if I
have a ton of Instagram accounts and then I report you and I say, like, you know, you've
been harassing, you know, me, then if there's multiple people that are I say like, you've been harassing me.
Then if there's multiple people that are saying,
like you're harassing us,
then what they'll do is they'll just take your account offline.
There's automated systems that do this type of thing.
So we used to submit reports that somebody's harassing
my children or whatever.
And so you craft these custom mails,
you send them from a much different accounts,
and then you kill people's accounts.
So as I said, these are just kind of hassles,
but this is all just figuring out how,
to manipulate the system for our advantage.
The progressively, like what had happened
is started to investigate the internals of AOLs.
So with these groups, you know, we'd get together and there was one of my partners, Glitch,
that I lost touch with, but we got into hacking into assets, like AOL, like internal assets,
ones that only the employees could access.
And we found kind of debug tools that allowed us
to use the America Online Interface
the same way an employee would,
or we could access hidden forms,
like sometimes instead of when they deprecated
like a mail form or something like that,
they might still be in the code
and there might still be a way to interact with it,
but as far as the front end is concerned and anyone else that was using this system,
they are getting the normal one.
But then we have this kind of alternative version that we could manipulate and use.
And things back then too, wasn't like a lot of people had AOL keywords instead of websites.
And so, you know, if you look at any kind of video
from the late 90s, early 2000s, you know,
they'll see CSON AOL keyword NFL or whatever.
So instead of NFL.com being a place
where a lot of people got their stuff
because the American online had so many people on it,
like you'd go to keyword NFL
and that would be where you'd get all your information
on football.
So, progressing through that, like it was fun to take those keywords over.
And like, if you could find the accounts that were basically view ruled to edit those
keywords, then you could make it so that, you know, NFL keyword was whatever you wanted
to put on it. And so, we would edit keywords and deface keywords with these
empowered accounts. And again, AOL just had this, the most of the member base was just regular,
you know, everyday people type things. So it was insanely easy just because they're non-tech
to take advantage of a lot of kind of just miss assumptions about how the technology really worked.
Even though they would have a notices on instant messengers,
A.O.L. staff will never ask for your username or password that you could craft like especially, you know, like a name that looked like it could be an employee,
like, staff end nine, two, three, four, five,
and then say like, hey, you know, this is AOL tech support,
we need your username and password.
Again, these attacks still persist today,
but this was the sort of approving grounds
for how all this stuff worked.
And so we got into actually breaking into AOL employees employees accounts, as well as what's called overhead accounts.
These were ones that AOL, if you were advertising on AOL, they basically gave you a free account.
And so, and they had certain powers because they were able to add a key words and stuff.
But after targeting employee accounts, then we were able to pivot into
the internal network of America online.
They had some compensating controls.
But me and this guy Carbox and Casey developed,
well, I wrote the software for it,
but it was a reverse tunnel.
So I was saying there's not a lot of systems that
were persistent on the internet at that time. So I had a university jump box and what it
would do is it would tunnel into AOLs internal network and then it also had an outgoing
connection that we could connect to and then it would basically get us into the local
area network of America online. And so if I connected to that jump box, then I could log on to employee accounts without any secure ID, any type of two factor authentication.
And so from there, you were able to access Chris, which was the customer relations information service, or I forgot exactly what it stood for but
from that panel you could type in someone's screen name and it was like customer service you could get your address, phone number, credit card, all the accounts, you know, everything that had to do
with those accounts and so that it evolved into now if I'm having a flame war with someone on
the internet I can just look them up and be like, you live here.
This is where you live.
Oh my gosh.
So, you see people just, like, because there was, you know, your buddy list would show you
when people were online, when they came online, when they didn't.
And, you know, said, Messendr, everything kind of stems from this, but yeah, you wouldn't
see him sign on for weeks.
They'd just be terrified because, you know, again, this is information that's
supposed to be secret, but, you know, you're accessing it from this, from, you know, AOL's
control panel, basically. But the major thing that we used it for was to take screen
names that we wanted. So like, I had my first name, like, I had Bryce at AOL.com. And,
you know, so all of the homies hell had my first name, like I had Bryce at AOL.com and you know,
so all of the homies have their first names and they had their handles, you know, and some
people's handles are a lot less, I guess. Like Oday, for instance, you know, is a term
in computing that I actually know multiple Oday's besides Ryan, but you know, if he wanted
that screen name, like I would it for him, type thing.
We used it more for that type of stuff.
Again, we weren't stealing people's credit cards to charge or anything, but it was just
fun to have that type of access.
Again, it was very...
Imagine you could just look somebody up that you were having an internet fight with and
knew exactly where they lived and how often they paid their bills and stuff.
Man, it sounds like you were really on the precipice
of packing the very beginnings.
I would say that in the 80s is like when it really took flight,
there was a lot more you could do with phone systems
and computers back then.
There was absolutely no compensating controls at all. And so glory days like in New York, there was like
masters of deception, Legion Doom, like there's these hacker wars of the 80s that were just legendary.
But I would say a lot of kind of the modern twists and stuff. This was, yeah, it was very
cool to be a part of that time
because, again, the internet was just barely coming into itself
and it was just starting to get available to normal people
and that's kind of why I really like the era I grew up in.
Because I had that kind of the giants that came before me
and sort of set that foundation, but the stuff
that we were doing around then is a lot more analogous to the types of threats and everything
that we're dealing with today.
When you talk about some of your buddies that you were hacking with, I think you mentioned
him somebody named Glitch.
Yeah, Glitch.
I mean, do you know these people?
Or are these online connections?
You don't know what they look like.
I've never met Glitch in my life.
We had talked on the phone,
and we do conference calls like a lot.
Like that was another big thing in the hacker scene
is we would hijack conference lines
and then everyone would just kind of call in
and say, but he had the deepest voice
of anybody I've ever heard.
But I don't know if he was white, black,
like nothing about him, never saw a picture of him, and he was like my, my boy, like we were super, super tight,
and I don't even know where he is now. I mean, how do you, how does this work? Where do you, how do you meet him?
So, like, oh, I'm Bryce, I'm a fellow hacker. Let's be friends. Let's be friends. Like, how does this work?
So like I said, we had these private rooms that,
so once you kind of get into the network, the fabric,
then you sort of spider out into, you know,
the other kind of corners, but there are these,
because of the programs that were being released on A-Wall,
the time there were rooms that were named after programs that people would go to.
You would just type in the name of the program.
FateX was a huge program, Havik was a huge program.
That's the first room that I was really, really a part of.
But they had a ton of software piracy rooms.
So if you wanted to get what we called
wares, it was short for software. You would go some people
pronounce it war as but it's wares because it comes from software.
And you would go in these rooms and they were like numbered. So it's
like server one, server two, server three, server four, dot,
dot, but any type of software that you wanted to get, they basically
would use AOL as a file distribution service.
IRC has an analogous system called DCC, but on AOL it was stored on their servers, and
you would just basically get emails with pieces, chunks of a file.
So if you wanted Photoshop or something, you could go into these server rooms and then
download sequentially each chunk of this file. But going into these rooms, like,
there was a, just a network, I would say,
of like this person would be in these two rooms,
person being these three rooms, type stuff.
So you just get to talking and collaborating.
And I was already a pretty good programmer at that time.
So, you know, I was going in there and it was a very,
like the open source community.
There's software that is released now that you can look at the source, you can contribute
to it. Anybody can contribute to this stuff. Linux, you know, the operating system is
a, is an example of this open source software where, you know, everything's available to
you. You can see all the code. You can edit it. If there's a feature that you want in there and you can code it, you can submit a pull request
and then they'll put it in. AOL had that same type of culture except very, very early where
we would share methods with each other. If I found a cool way to punch somebody, then I could
copy-paste my code to somebody else. And so you just sort of gain a name for yourself
in that community.
So it's just sharing information and innovation.
Yeah, it was very collaborative in those years too.
That was very little, I mean, of course,
you had some things you kept close to the chest,
you know, some secret sauce, but I, like,
the things that I was famous for writing
were I had like an all in one check command program. But then I did a, I wrote a program
called concert that allowed you to get free AOL accounts. It was when AOL and some messenger
had been released and used to not be able to have lower case screen
names. Everything had to be uppercase. But when A, when
America online released aim, then you could create, you could
take your aim account and you could turn it into an A well
account. And we called them eye cases because if you when
the account, let's lower case i, or capital i looks like a lowercase l,
like in the font that was,
that was in the font that A will display it in.
And so the,
that these were kind of desired screen names to have
because everyone else had these uppercase screen names
and you could these lowercase screen names,
but the program that I wrote,
it used, it leveraged Canadian registration
to create free AOL accounts that would last
for about three to five days.
And so people that didn't,
I never paid for AOL in my life.
Like I always used stolen accounts
or cracked accounts or something.
And so a lot of us were like that too.
And this program would just basically defraud AOL
to make these free accounts that, you know,
were just burner accounts.
They would last for a few days.
But it was a way, it just, it leveraged a problem
in the way the Canadian registration system was set up
and how it validated credit cards that you could basically get these burner accounts that would stay alive for a few days.
And then I made this series of animated movies in Visual Basic that were kind of about
what was going on in the AOL at the time. And the music was kind of adjacent to it too.
But that's sort of how I got a name for myself.
Do you have any of those videos?
Which ones, the...
Any of the ones that you created?
Yeah, yeah.
Can we put one in the episode?
I would have to...
Because I converted them to Flash, and now Flash is not really a thing, but yeah, we could...
I could...
Yeah, fine.
There are stick figures and stuff.
It's just really dumb, but...
It would just be cool to put that...
Okay, yeah.
History in here.
Yeah, that's fine.
Somebody has seen it.
Somebody watched it.
Somebody has seen it.
Yeah, they were micro-popular.
But then I said, once AOLs hacking sort of taken seriously,
then I said it was more about breaking into the actual systems
that AOL ran on rather than reverse engineering the protocols and how it talked to each other.
Like we were building thin clients that could emulate America online pretty closely without
actually having to use AOL software.
So those were the, that was kind of the progression of how we weaponize the hacking stuff.
But there's a ton of people on AOL that this day, it was like a set in an academy.
There's a ton of people that came from that era that moved on to my form at DG and are
doing insane things now, but they got their start.
I think Mark Zuckerberg even talked about like he used to hack
A.W. on some messenger and that's like, he wrote a,
what was called a fader and what it would do is it would
change the text color like as, so as you typed it,
it would just be like a cute rainbow type thing.
And I think that was one of the programs that he'd mentioned
writing, but that sounds like something Zuckerberg.
What are the nuances?
I'm sorry. But will you mention, I got a couple of questions that he'd mentioned writing, but that sounds like something Zuckerberg would have done. I had tons of science.
But will you mention, I got a couple of questions actually.
So in these online communities, would you call it a forum of hackers?
These are more chat rooms.
Yeah.
How many hackers would be in a chat room? I had very 10 to 15.
And people of all varying skill levels.
There was maybe a couple handfuls of us
that were really that got to the upper echelon.
Yeah, but then you had a lot of people
that were just, again, learning.
Some people didn't care to learn too much.
They just really liked running the programs that we would make, you know,
and make themselves look cool and stuff.
But yeah, the, there was a group that I looked up to
insanely, there were somewhat local,
they called Lithium node.
And those guys came up with some of the,
just most gangster things.
There was limitations on the amount.
You had to have at least three characters in your screen name.
That was kind of a bear requirement.
They found out how to make one and two character screen names.
They also had found exploits in AOL's web server, the software that they used to serve
all their web traffic actually exploited a bug
in that I think it was in TCL.
But just that even then, there was people
that were kind of a strata above my crew.
There was, I said, there was a ton of different groups
but all of various skill level.
No, it was probably the most elite, but I was part of A.O.L. files and observers.
Those were probably, like, said the second tier.
I don't know how the hierarchy of, I'm sure there's one special force is there something, but the groups that I was a part of were up there,
but not like the top, top, top, top, tipy top.
Not the tip of the spear.
Yeah, maybe other people had different opinions
and they were like, oh yeah, you were at the top,
but yeah, I just said, I remember just at the time
there'd be things that people were pulling off
and I was like, how the hell did they do that?
So, you would mention, you don't put everything out
some stuff you keep close to the chest.
Did you have anything you were keeping close to the chest
that was for your eyes only?
By the end of it, probably not.
It was more, yeah, that there was certain, I would say, internal websites that I knew about, that I didn't
want anybody else scraping or knowing because then it would just raise the signal on them
type stuff.
But as far as the, we call them methods, like it just, as far as any of that stuff goes
eventually, I would just try to share that type of knowledge.
Because generally, it'll come back to you.
If people aren't super greedy, they'll take your stuff and then they might mutate it in
some way and then you're going to get back something cool later, the very sharing economy.
People that weren't like that, they just kind of consumed, you know, you don't deal with
them.
They didn't last long.
They didn't last long.
Yeah. So it's more about the people that were really forthcoming with all the cool technology
that they were developing.
Give-take relationships.
Exactly, yeah, yeah.
Right on.
Would this stuff that you were doing in AOL
would that be considered black hat hacking?
100%.
Yeah, there was nothing benevolent about any of that stuff.
It was all just, and the way I think about it now,
and there's no way, I must have,
I terminated on the order of hundreds of thousands
accounts probably, and the member base of AOL
was in I think the eight figures,
as a mid million, I don't know,
there's 20 million, I forgot, 25 million.
But significant chunk of those, I mean, I definitely spammed everybody on A.W. at one point,
but the hassle thing I was saying earlier about, you know, when your credit card gets canceled,
if you A.W. account got terminated because I happened to break into it or something, that's,
you know, three hours on the phone that somebody had to,
it's not far-fetched to think some nine-year-old grandma
who just wanted to see pictures of her grandkids
sitting on the phone for three hours and had a stroke
because she was so frustrated with talking to customers.
There may have been some ancillary deaths.
I could take it to the ant degree on any of it,
but yeah, there was nothing.
I mean, I'm learning about the system and it was really cool because you know things
that maybe some most of the internal employees don't even know and you're kind of consuming
on this.
So, but very selfishly.
And yeah, there was no way to characterize that as anything but blackout. Did you, did you meet any of these like glitch or any of these other people?
Did you meet any of them?
Oh, yeah.
Oh, yeah.
Yeah, so like a couple of my best friends of all time, like we started out on a well together.
And they actually, I mean, they're, most of my friends that I still hang out with on today,
they came from some facet of online,
but the AOL, my friend E. God, my friend Flow,
my friend Heretsu, all of them,
they all came from America online,
that's where we met and know each other.
So we've known each other for, yeah, whatever it is,
25 years.
How long did it take you to meet them in person?
Probably in adulthood, like, yeah, mid 20s type thing, it was like when we finally came
together.
We weren't really...
And this stuff was starting at age 15.
Yeah, yeah.
So it took a decade to start meeting people.
But we'd been, you know, internet.
Well, some of it was, earlier in the Ash price,
they like, 22, 23 even.
I think like when Taylor was in college at UCSB,
I was 19.
Yeah, so maybe it was the few of them, yeah, we met,
like, but a lot, a grand majority of them,
yeah, I would say throughout my 20s,
it's kind of when we started kicking it, you know.
I mean, man, that's weird.
Very much.
I mean, you think about nowadays and people that,
you know, they made all their friends on social media
and you were doing this what, 30 years ago?
25, 30 years ago.
And back then, it was, you know,
you don't meet weirdos off the internet type thing.
That was the attitude that a lot of people had.
But yeah, and they're my best friends now,
to this day, the people that I've,
you know, and it's known through that, that scene.
And it's, it's cool.
But they're the people that I identified with the most,
you know, obviously, and, you know,
we had like a lot of common interests and stuff.
So this is, I'm, but this is fascinating to me.
Do you, do you think that, look,
everybody has a stereotype, right?
Mm-hmm.
Stereotype and the Special Operations Community, Stereotype, it's the AA, Stereotype and NSA,
all these different places I've worked at, there's definitely a stereotype that kind of fits
the mold.
Would you say there is a stereotype in the hacking community?
Oh, yeah.
I think everybody sort of pictures the guy in the hoodie with the
anonymous mask on and cans of red bull or monster or whatever just polluting the desk and
that's what's so crazy is that a lot of or you know ultra nerdy like super you know
a cuck bought a glasses like any of that type of, that archetype is just, you see it as a trope in Hollywood pretty consistently,
but what I found is it's a really eclectic,
it's it all races, all creeds, religions, whatever,
you know, different looks, it's very,
there's a lot of people that you wouldn't even know
are, you know, looking at them
that they had anything to do with computers,
as it's a very, it was a wake-up call, I think, even then.
You know, it's like, well, not everybody's just a dork.
It's pretty cool people here.
What about personality traits?
That, I think everybody that's on the computer, as much we are has some mental illness like this you have to
So that stereotype is true. There's no no going anywhere
There's everybody's subject to some idiosyncratic behavior or trait
But the most is that there's a lot of depression anxiety
schizophrenia bipolar, you know all that type of stuff.
Coalescence in the hacking world fairly
Regularly I said that stereotype I would say is pretty true about everybody I know and autism is like super super big like that
It's an in joke
Within a lot of us,
the more autism you're showing,
like the better you are,
type thing, the Asperger's,
you know, just focused and just super meticulous
and everything,
it's a quality that I see as a superpower in a lot of ways,
you know, when it comes down to it.
Interesting. Interesting. So, alright, so let's move past the AOL stuff. What, what started coming
next? So I started doing the web page defacement type stuff in parallel. I said the keyword defacement
was one thing, but I was, you know, watch
television and there'd be an ad for a car dealership or something, and then I would just go
type it on my computer, and then I would just hack the car dealership, or whenever I'd
see any sort of indicator. So it wasn't very prescriptive about which targets I was doing to see if I could do it.
But eventually, after doing a lot of those types of defacements, like...
What would you do to a car dealership?
Oh, there was a Honda dealership called Empire Honda and I had posted a picture of Christina
Aguilera on the site and I said that I'd demand that they
give me a Honda so I could drive around with Christina Aguilera.
So I just held there at their webpage hostage because I had a crush.
But things like that, just to where anybody else that would go to the website would see,
you know, but I'd put up there.
Okay, so let's dissect this.
So you put an image up on the homepage of Christine and Aguilara.
Yeah.
What, I mean, where does the reaction come from?
Oh, I don't even know what the, I would love to see what people's faces would look like
when they saw that or when the people that, uh, that, yeah, that own the website.
Would you be the one to take it down?
What do you mean?
Like eventually would you just be like,
all right, fine.
No, I would leave it up until they fixed it.
So just do it, then drop the mic and I'm out.
Sure, somebody's gonna notice eventually.
Yeah, but it was just funny things like that.
And I was, did I had infected my high school pretty well.
And it was eventually part of what I got investigated for.
But I hacked every school district in Colorado.
Like I had all there, anything that was internet facing
or in an appropriate, either defaced
or I had some sort of foot hold in
because I could bounce my connections through them,
all kinds of stuff.
But I had kind of, after just doing the company stuff
for a while, but the government, the dot govs and dot mills,
were the, that's the top level domain for government
and the military sites.
And that was the progression against given addicts,
more and these were just shinier targets
than card dealerships and stuff.
So I...
So pride started getting in the way.
Yeah, it's...
Well, in the challenge, like, can I, you know, I'm just a dorky high school
kid. Can I break into, you know, the military's these websites.
And I was part of a group called Global Hell that famously, you know, we hack like White House.gov and Army.mil and we, I don't know, we looked
at it that, you know, people were like, well, why'd you hack this where you're looking
for UFOs or nuclear secrets, right?
Like that.
And it wasn't really like that.
Everything that I was doing was just, whoa, let's backtrack for a minute here. So I think we're going into, we're going into
when you defaced all of the .gov.mil big government agency websites. Right. So let's go down the list.
Okay. I know this is what I have. You defaced NASA's Goddard Spaceflight
Center website, a cartoon of a hooktacker, a hooded hacker, a piece symbol, and a warning
of website security holes. Did you also hack the FFA or FAA DCAA NATO Colorado Springs Police
Department, Texas Department of Public Safety, Honda, Nissan,
and AT&T.
Yeah.
Am I missing anything?
I'm sure you are, but it was a, it was a crime spree at that point.
Yeah, again, it's done great things for me, obviously.
This is, it's a fantastic resume to have, but in retrospect, that again, it was the juice worth the
squeeze.
How old were you when you're hacking these?
17, 16, 17.
16 years old in your hack and nassam.
Yeah.
What?
But was the juice worth the squeeze? I mean, the consequences weren't really that bad.
I didn't do it prison time and they didn't keep the computer away from me or anything.
What was really telling about it was my investigation.
I had seven different agencies investigating me at the same time.
And I wasn't really careful about, I wasn't deleting logs.
I was really up for, I figured, the more transparent I was about the crime I was doing,
and whether or not that worked in my favor is debatable.
But I knew specifically how to keep myself out of it.
If I would have done it under a different handle,
there's things that I did under different handles that,
but everything I did here,
I was pretty much looking to get caught in some senses.
And I'm a minor, I'm not, what are they gonna do to me?
So that's the attitude that I have.
But that I think about it now says an adult
on the other side of stuff.
And I just, I don't even know how many days I ruined,
people chewed out by their boss or people got fired.
I'm sure it was,
for not very, very fun.
But the things.
Well, I mean, you did expose a vulnerability.
Yeah, and this was, so this is a turn to the millennium.
And I was really, you know, I've always been insanely patriotic.
I love my country, fear my government type kind of guy.
And that it was sort of, I just saw the way
that the winds were blowing.
And that if somebody with some high school
kid with free time on his hand is sitting there and just doing this massacre of all these
government websites and huge companies, that that doesn't, if I was a concerted, you
know, state actor, and I wanted to get persistence in these machines, or I really cared about
doing more than instead of being loud about it and defacing the front pages if I wanted to get in there secretly
and stay there secretly.
That would have been very, very easy for me to do.
So as a kid with free time on his hands able to do this, imagine if you were paying me
quarter million dollars a year to do this type of thing and do it
nefariously. Like I just, that that's the logic I had walking
into it is like, you know, why aren't, why isn't people
fixing it? Because I could, I would email, you know, web
masters and I'd be like, Hey, this is wrong. Like, you need to
fix this, nothing. But the moment you break it, like then
all of a sudden, it's a sudden it's a rush to fix it.
So that was the onus for a lot of what I was doing is just to raise this awareness that
this illusory power structure that exists that you think is all impenetrable is being
defeated by.
So you actually had a positive motive?
You're 100%.
Yeah, yeah. being defeated by. So you actually had a positive motive? You're 100%.
Yeah, yeah.
I mean, but again, as I said, the means by which I accomplished these goals,
probably considered criminal or black hat, but yeah, it's,
so I'm on record and I've quoted that since then, it was more,
just like, it was absurd to me that you have companies with all this money
or governments with all these resources weren't paying attention to this type of stuff.
Now, it's even more of a death sentence than it was.
There's just so much that's hinging on technology.
Let's walk through the beginning then.
Just walk me through step by step.
You started to see the way the winds were turning. And all these
agencies were extremely vulnerable to being hacked. So what got them on your radar just
at the very beginning, you were just up in the anti-sync, if you could do it, then you
realized, oh, this is atrocious. Yeah, that hacking a car dealership,
a local car dealership,
and holding the ransom for a Christine Aguilera
or something is one thing.
But then, yeah, being able to do these types of things
to government websites is totally different.
But you realize it's the same, in a sense,
that the amount of protection that that car dealership has it's the same, like, in a sense, that the amount of protection
that that carduorship has is almost the same amount of protection that this has.
So there's an asymmetrical value to, you know, where you would think the people would be
paying attention to.
But again, it was the same type of thing, like, it was just, as as a hip hop fan, you know, there's elements of hip hop
or like, you know, turntableism, break dancing, I'm seeing graffiti was always considered an
element of hip hop. And so I, the first ticket I got, like I said, was spray painting. And
so it was just the same type of behavior, except using the internet as a medium for
my graffiti.
And so yeah, whatever manifesto I had about the state of security or whatever dumb thing
I was ranting about at the time, it was called hacktivism was the kind of term that it
emerged is that whatever political message you're trying to send or, you know, trying to drive
Traffic to a cause like that's but my evangelization of security was more, you know, hey look, I'm
A dumb kid and I'm packing this stuff. So, you know, what are you gonna do about it? What was the first website that you hacked government wise?
The first one I
Oh, I don't remember. Because the one that say it was the
the three that NASA and the defense contracts agency, defense contract audit agency and
the F the Federal Aviation Administration were the we're all done in the same, I think it was November 23rd, 1999.
Oh man, you remember the exact day.
Yeah, I'm pretty sure, I might get skill checked,
nerd sniped, but that was like what caught
the attention of mainstream media.
Yeah, this one every worker, right?
Yeah, it was on wired CNN Fox.
It got pretty big traction.
Yeah, but that's the one I know,
because I've said I was doing local government stuff.
I had done the thing that was crazy
that I found out later was that the police department systems that I hacked actually
like if I would have traversed the network, I would have been able to pull up like access, like the, is it the NCIS? I think it is the national, like to be able to look at warrants like international
or national warrants and, you know, I could have manipulated like actual police records,
like speeding tickets and that, that the, what, for whatever reason their website was on
the same network that all the rest of that stuff was.
So I didn't find that out until after the fact.
Again, my message, my mission was basically to go in.
Sometimes I would install
some amount of some kind of persistence that way I could get back in, but for the most
part, it was just, I would deface the website and then it would have instructions on how
to fix it, how to remediate what was going on. So, yeah, just trying to remember, I'm
pretty sure that some of that stuff stuff some state government stuff had happened before that
But the NASA one was the one that kind of blew up
But I didn't stop after that. I still kept going how long does it take how long did it take you to hack into NASA?
Not long so the the thing that was
I think people have a
Misconception about what hacking really is.
I think you're just grinding out passwords or anything.
There was an exploit that I was leveraging in a database service that came on, like if
you had a website that was running on a Windows system, there was a MSADC.DLL. It was for data connections, but it was dynamically
labrated, it was accessible from the internet. The problem is the way that it
was configured out of the box is you could send it, shell commands, and
basically issue commands to the box as if you were, you know, sitting there, if
you had an account on the machine, and it would run under the web user permissions.
So I had modified a lot of people when they were using this way of defacing.
All they were doing is they would echo a text string to the index page of the website.
So you would just get this black and white screen that said Sean Ryan was here type thing.
The way I did it was I was, I would basically manifest network shares on the machine that
I could connect to and then I could do, I had full direct access.
And so it was basically more robust than what was originally designed, like the proof
of concept type thing.
So it was, next point somebody else,
this guy Rainforest Puppy had developed and found,
and then I just kind of did my own little spin onto it.
But it was really easy,
because you could just grind out sites.
And if you saw that this library existed
on the website you were investigating, then you knew it was probably vulnerable.
So I would write grinders that would take
like Sean Ryan Show.com, visualinsleet.com,
that are all these different websites.
And then I could just plug in and see,
is this file present?
Is it not present?
Type things.
So it was carpet bombing the internet. If I saw one not present, you know, type things. So it was carpet bombing the internet.
So if I saw one that I, you know, if I was more focused on something, then it was easy
for me to just kind of go in there and look, but I was just loading up domain lists, anything
that ended in .gov, you know, .mil, you know, I had a, there was a site called Netcraft
back then that would, it kept a repository of what operating systems and versions and stuff that sites were
running.
And so you would, you can get good DNS intelligence from that and find out, you know, what, not
only top level domains, but subdomains of, of, uh, the, belonging to the government or
the military.
Uh, so there's different ways to do it now through passive DNS scanning and stuff, but
that was how I got
That was how I got the laundry list back then
How many of these how many government organizations that you hack at once?
20 some
A lot. How did you get approached? I mean, well, I got a lot of questions. How did they
approach you when you were on to you? So there was this kid. There was, again, these hacker
groups, we all have these little clicks and shit. We had this one called Sesame Street
hackers. It was a joke on Secure Shell because SSH is a software that you use to log into a machine
securely.
But we had the same initialism, but it was Sesame Street hackers, and there was this kid,
his name was Darkness, and he was 15.
He was a little younger than I was, and he broke into a satellite. And he instead of deleting the logs, he accidentally
deleted everything on the machine, like completely screwed up. And the administrator of that machine
was named Blackdog. And he came into our IRC chat. And he was like, you're all like all of you are, you know,
they're after you, like you don't understand.
He even put this site back up and he had like edited the stuff that we edited.
So he'd read to FaceDar to FaceMint, but he said they know all about you and he knew
way too much for it to be a
troll.
Because sometimes, obviously, we'd be messing with each other.
But this guy was 100% for real.
Logs on from, you know, you could see the IP address that he'd logged in from and it
was a NASA Gov1 and he just knew way too much information about what was going on. And so he was like, you know,
you should probably contact them before they contact you.
And so I was like, all right, I'll call.
So he gave me the number of...
NASA has an investigative arm called,
oh, oh, YG, the Office of the Inspector General.
I think a lot of government agencies have a similar thing,
but it's like the law enforcement arm of NASA.
And so I called Sheila Brock, I think, was her name.
And yeah, and I just said all the information came out
later.
But the Texas Department of Public Safety was after me, which is, they're Sheriff's Department
because I had hacked them.
There was the FBI.
You hacked the FBI?
Why didn't hacked the FBI, but they
They were obviously they were really investigators. Yeah, there was DCIS
like which I forgot what that stands for defense criminal investigative service
I'm like, I think they handled like DOD stuff
There was now so not so obviously Inspector General
There was the Carlos
Springs Police Department. I know there was seven. Like I then number seared into
my head. And I was the case report file was you. But what I found that it was
nuts because it said after all this stuff, NASA came in. it was two agents sat down at the kitchen table.
You know, we went over everything.
But the interagency coordination,
I mean, I'm sure you know how this stuff works.
Just, I cannot believe that it happened,
but the FBI was supposedly two weeks away
from kicking my door in.
My, the local police department,
they'd been set up across the street
and just monitoring, you know,
my how, when I would go in and out of school and stuff, they were getting ready to kick it in.
Somehow NASA was able to contact all the agencies that were at open cases against me and tell them that was their caller or whatever.
So I never, well, I'm getting my door kicked in, like it was just nice invite them in, have, you know, coffee or whatever,
and we just kind of discussed everything, but they took them in, have, you know, coffee or whatever, and we just kind of discussed everything.
But they took all my computers and, you know, back for forensic
investigation. A lot of that stuff set emerged during the case,
in the case report was just huge. But yeah, all the different
agencies that were investigating me, like each had a little kind
of section in this file, which was insane to me.
There's just like how much manpower had been wasted on little me.
But yeah, said I...
Did you see the news? Did you see the news break?
With all the website defacing before you had these meetings?
Well, I was interviewing with the press, and so that's what I mean.
They had contacted me through.
So the site that mirrored all of the hacks that people were doing called it.
It was a trition.
They're a trition.org.
They still have the mirror there up, but they're password protected.
But they used to kind of keep track
of all of the different defacements that were happening. And so it became this leaderboard
amongst hackers, like who could hack the most stuff? And so the different groups,
and all, but there's a whole just chronicle of every website defacement that has ever happened,
pretty much a tradition was keeping kind of record of that.
And so we would be sending stuff to them,
to make sure that they mirrored it and showed that we had done it.
And so a lot of times media would contact them and say,
like, how can we get in touch with this hacker,
or that hacker, or whatever.
And again, if you're looking for that fame
and that recognition, then it was no brainer.
And a lot of us around that time,
so that we're kind of pointing out the insecurities
and government all shared that same ethos.
And so talking to press was just another way
to getting the word out of what we were doing.
So did you talk to the press before or after?
I talked to the press before I got busted, yeah.
Wouldn't that be cat out of the bag right there?
Well, I said, I didn't really care that I'm 17.
I was like, what's worse, can happen to me type stuff.
And I wasn't thinking about the consequences in that way.
And I'd written an article for Hacker News
too about that, you know, it's like the best time
to do things, obviously, is like when there's no
real repercussions.
And this was before 9'11, so it wasn't,
there wasn't a whole lot of,
and it was apparent what I was doing.
Like I said, I was very open about the way I was getting in,
how I was getting in, what I was doing.
There wasn't much, you know, cland't much clandestine secret behavior going on. I was really upfront about the how and
the why, which I believe saved me in a lot of ways. I didn't do any jail time. I was on
probation for a really long time and I had to pay a shitload of restitution. But other
than that, there wasn't much fallout,
you know, in the sense that it didn't affect my professional career at all. What did, um,
I mean, what does that conversation like when NASA walks into a 17-year-old's home and is
asking you why you hacked their website and defaced it? They had, let's say, this is the wealth of evidence
and they had chat logs.
They're monitoring our chats and they had a list of people
that they were asking me if I knew
and even if I did know them, I said I didn't know them.
I was real cagey.
I'd, about, I, again, anything that I did,
I was taking responsibility for and ready to go down for,
but the conversation was super cordial and they just said they left with all of my hard
drives and equipment and stuff and off for analysis and imaging or whatever they did to
it, but they had most of the evidence, obviously there, you know, in my confession, but, but the most impressive thing was that somehow
they were able to coordinate with all the rest of the agencies, and so I didn't get my
door kicked in seven times, and then I'm like, oh, the computer's already gone, and that's
already got him.
So, that was nice.
Did they fix the problem?
Oh, yeah.
Oh, yeah. Did they need your assistance to fix any of the problem? Oh, yeah. Oh, yeah.
Did they need your assistance to fix any of the problems?
No, and that's something people ask me all the time.
It's like, why didn't the government offer you a job?
And the answer that I actually got was an odd one,
but it made sense at the time.
And it was just that justifying the catch me
if you can type a philosophy.
Can you justify the taxpayers that we now have a criminal overseeing the security of
our systems?
And so, how do you go from being this prolific hacker and then all of the sudden, change
of heart, and now you're working for them type things?
So that was the justification that they use that they never did.
There's some stuff that I had done for the FBI later.
Like, because I have a strict code of no snitching, like, I'll never, like,
go down on my boys.
I mean, even in this day, like, it's something never sits right with me.
And, you know, but like technical type of, uh, consultations, you know,
like, how does this attack work or something like that?
Those are the types of things that I was
about offering to agencies,
part of my community service that I had to work off.
How is this credit card attack work?
How are they finding these numbers
and how, I don't know if you know how that works?
What's going through your head when you have the FBI
and NASA and all these
government websites or just government agencies asking a 17 year old kid. How how does this work?
the
the movie matrix had come out that same year and I
Did it's just those things that are fused into your head, it's just weird, because you
just feel like you're living in a movie in some senses.
That was probably the weirdest takeaway from it, because the reality set in, it's like,
well, you do the crime, do the time type thing, but it was fascinating to me that I can't even imagine the amount of manpower there and
resources it was taking to compile because the stuff that they had, I mean, it's like
a King James Bible, this thick full of all this, you know, I said chat logs and pictures
and images and, you know, things they had already had informants that had flipped on us
and stuff.
So, you know So they had documentation
from other people that they'd already encountered and talked to. One of the leaders of the group,
I don't think he ever got busted. He was a Canadian national. Maybe R. Sampey did hit him up,
but one of my homies missing link, Rackmount, he never got caught. That's part of the reason that the anonymity was super important for a lot of us is that,
you know, again, if you didn't, we didn't know who each other really, really was, you
know, just a face, a name, and we just respected each other's skills.
So you don't know what race somebody is, you don't know what gender they are.
It's just, you're just a name on a computer screen as far as I get. So I guess, I guess where I was going is did it did the incompetence of the government
agencies as far as cybersecurity did that register with you at that age? Oh, yeah. The, but
again, with age comes experience type thing. I understand the defender's dilemma,
some brought that up and we were eating dinner,
but a defender has to be successful against
all points of ingress or an attacker.
Only needs to be successful with one.
It's very, very hard to maintain a decent security posture
with all of the attack service that might be going on.
And some of these systems that I was breaking into
were probably just overlooked on the internet some kind of.
Well, I mean, you had mentioned earlier
that you were sending them emails or messages
or something and saying, hey, there's a hole here.
You guys might want to fix this.
Okay, you don't want to fix it, then I'll expose it. I mean, so you gave them the opportunity
to fix it. Did you did that come up in the interviews? Oh, yeah, yeah, yeah. That's why I said,
my sense, as far as I think most of my contemporaries was really, really lenient,
that pretty much like so the restitution was charged. It was a quarter million dollars,
but it was like that they basically justified it
through the salaries of how much time they wasted,
and how government math is where toothbrushes is $500
and screwdrivers, a billion.
So yeah, there was some kind of gorilla math
that had gone on with how they calculated it.
But the said in looking at it now,
especially just the resources I think
that were available and the types of professionals
that were doing it, I mean, I know knowing now,
like what I, or knowing then what I know now,
is just that, of course, a kid is gonna be able
to do these things.
Like I have all the time in the world.
I'm on the bleeding edge of this stuff that my adversary on the other end may have been
a long time computer user or something like that, but they have no idea of the realm that
I'm operating in type thing.
Each generation that comes after me is going to be better than mine was type stuff.
So I forgive them, but in a sense, these are the stakes you don't want to be playing,
especially today, in this day and age, you want the best and brightest protecting that
type of stuff because just the opportunity costs, well, I mean, anything that would go to the contrary
has catastrophic consequences, and if you not.
I mean, I'm just, I'm just really curious how the conversation,
when you told them, I mean, I don't know if you remember,
I realized this is a very long time ago.
This is a while ago.
But, 24 years, I realized this is a very long time ago. This is a while ago. But, um, 24 years, I guess.
But, uh, yeah, when you, when you tell them, I mean, cause they're, they're sitting
there telling you, hey, you know, all the, adding up the, you know, their guerrilla
math, I know, well, we had to expend this amount of money, you know, because of salaries
and whatever.
I mean, in your response could have been,
well, actually, this issue could have been fixed with zero.
Yeah.
With zero money, had you been on the other end of my message
that you said, you might want to fix this.
Yeah.
You could have done this in an easier way.
And so I'm just curious.
I mean, they have to feel relatively foolish
talking to a 16 year old, 17 year old kid who just broke into NASA's website after giving
them warnings about what you're going to do. I assume I would feel like a fool. Well,
I told you guys to fix this, but you didn't pay attention to your customer service platform,
so I had to hack it to get your attention
because this is a matter of national security.
If the administrator had come to my house,
let's just say, this is just, you know,
a couple of agents that just have all this information
that I'm sure the conversation would have been completely different,
you know, because from the tech side.
But it just blows my mind, because a lot of these, you know, you think that it's the government
and it's got to be secure.
Like there's some sort of inherent, you know, just feeling that you have.
And that I don't know the reasoning
why there could have been a huge patchback log
or maybe that email isn't monitored as closely
or something.
There's a million reasons as to why
that they didn't act upon the messaging that I was giving.
And I said after a period of time,
I was shoot first, ask questions later type guy because that's what it happened
It started out as I was emailing people and like this is fucked up and then they wouldn't respond
Or fix it and then so that's when I just went on the warpath, you know
And then there may have been other agencies that I hacked that would have been more receptive to that type of you know
that I hacked that would have been more receptive to that type of, you know, exchange.
But I just, I had a few of those ones
where no one did anything and so I was like,
all right, you know what?
The best way to fix it is to, you know, break it
because then somebody's gonna see it.
You know, somebody's gonna be like,
oh, okay, you know, just guess for real.
He wasn't just pulling our chain.
And you can imagine that, I mean,
they might get people trying to prank them all the time or fake ransoming them or whatever so I'm seeing is believing so you got to demonstrate
the virus.
Sometimes he out.
Well let's move into your forum, digital gangsters.
So it sounds like this was a very prolific forum. Yeah, a lot. So
there was some other internet forums around that time that I was kind of a part of,
but there was no... there wasn't one that kind of brought together the hacker community that we had fostered during
the A.W.L. days.
So there was a period of time kind of between the A.W.L. heyday and digital gangster.
So in 2005, digital gangster, I'd started it out as a production company.
I was throwing raves because I was DJing and all this stuff. So it started out as this local production company that I was
throwing raves and stuff on earth. The website used to just point to whatever club nights
and things I was throwing, but I'd stop doing that. And so the website was just sitting
defunct. I had nothing point into it.
And there was a couple of the forums.
There was this one called General Mayhem
that was kind of big.
And it was just kind of, it started out
as a computer gaming kind of forum.
And then there was one called GFY,
stood for GoFund yourself.
And it was an adult oriented for adult webmasters
and stuff for the internet.
So I had this semi-community from the work I'd done
in the adult industry and then the gaming stuff
and then all these people from AOL that didn't have a home.
And so that's when I started digital gangster
and then all the kind of the elder statesmen who were
Already quit hacking a well elder statesmen meaning like, you know
2324 year old type
You know came to the forum and the current kind of a well hacking scene was more shifted to aim and then they had joined and then I had
the internet marketing people join and some gaming
people join.
And it just started a snowballing game traction.
We were hugely active on kind of just the more that data sharing collaborative, like tech
to tech to techniques and procedures that will be useful
against places. I think one of the first things that we did was we created a bunch of fake
coupons that would say like thank you for being an e-trade investor, you know, take this
coupon into McDonald's to get a free extra value meal. And we just make them look like super, super legit.
And so people were always taking videos.
And then this is before social media was really prevalent.
But yeah, using these coupons at places
like getting free pizzas and free McDonald's and Taco Bell,
I had a guy that works for me now
that had no idea that that was us that had started guy that works for me now that had no idea
that that was us that had started doing that
and he was like, you I fed myself for like a whole year
like with this shit.
And it got to the point where these stores were putting up,
you know, do not accept these coupons type thing
but it was all this disruptive kind of bullshit
that we were doing.
But there was a guy, Camo, Cam Zero, and
he had hacked into Parasilton's sidekick. Sidekick was a phone before the iPhone that had
like a full keyboard, and it was sort of the phone of the stars before the iPhone became
big, but her password was
her dog's name was Tinkerbell.
And the thing was, is that that address book was just full of celebrities and then a bunch
of images on it.
And so that hack had happened and that kind of brought...
That came from your forum.
That came from my forum, yeah. And so then my forum got known for doing just things like that.
So hold on, so what did you guys do with the information?
We posted it, like we just shared it.
So I mean,
so we had all these celebrities, names, addresses,
phone numbers.
Yeah, emails, yeah, and then there's private pictures.
And I said, in retrospect, it became a huge
sensitive thing, especially recently, I don't know if you remember the fapening, like
when people had their, they were getting their eye clouds hacked and celebrities had their
sex taste posted. And was that you guys? That wasn't us. But that's, but by that, these
are the things I think about it now. And it's like that's a, it is a serious invasion of privacy type thing
Like I totally see the wrong in it and whether or not people or media figures or not
It doesn't necessarily give you the right to be posting stuff. So of course regrettable behavior
You know, but at the time it was juicy and, you know, the media was just all around it and
so did that break the new cycle too? Oh yeah, yeah, that totally did. And tangentially, like,
that's the thing is funny is that on the on the porn side of things, like one of my buddies is the
dude who brokered, because remember her sex tape is like kind of what launched that, I mean, theoretically, by butterfly effect, it launched Kim Kardashian's career in some
senses. But that, yeah, that that was, there was an entire, you know, deal being brokered
between like Rick Solomon and Paracelton and this porn company that basically released
the sex tape for, to buy it. So all of this press, I think, was in a way it was good, but at the same time the methodology
is, you know, for what we had done with it.
I don't, it's not something I would condone, you know, now or whatever.
And, but that's kind of what our board was doing for a while.
As my space was really huge. And so we'd hacked Tom's
my space who was the founder. He was everyone's friend. And we'd hacked his website and we
directed a bunch of people, the digital gangster. We hacked he let the keyless my space. And
she was like the starlit. This is all ancient internet history stuff. How much of this
stuff hit the news cycle?
Quite a bit of it.
Yeah.
We're going to put it all up here.
And that's where it really started to snowball, because then members would come in
that were to fresh blood.
They did heard about this hack that had happened.
So everybody wants to be a part of this.
Exactly.
Yeah.
And so you had these, but the thing that was funny is that people would come in and then
just like any club, there'd be just insane amounts of hazing that would happen because
you'd get all these newcomers.
And then it would be everyone who was sort of veterans on the board, it would be there.
It would be their job to kind of weed out and find, you know, who's just, who's a
poser, who's just here, who's trolling like whatever, and would just run these people
through psychological torture practically.
And then anyone who on up staying, you know, made the grade.
And then they would be the person that would make fun of the next batch of people that would
come in.
So it's just revolving door of just idiots, but what's cool is
then people would come and maybe like, how did you do this? Like, what was, you know, what was the
method? And they really be curious. And then we would, you know, mentally mentor these people
and teach them, you know, exactly what we're doing and how it worked. And that, since some people
would stick with it, some people wouldn't.
But that was what was most awesome is that you basically had this pipeline of fresh talent
at all times, and people were just really curious about what was really going on.
Is the digital gangster form still in existence?
It is not anymore.
I took it off line a while ago.
There's remnants of it.
There's a lot of stuff that was posted there.
I mean, I still have backups of it,
but successfully taking off the internet,
like Ryan, even I'm sure,
has a lot of embarrassing things on there
that shouldn't see the light of day.
There's, so, for like what?
Who knows?
Help me out here.
What would be on a hacker forum
that you wouldn't want to see the life by today?
Just this humiliating.
Maybe not humiliating, but you know, just,
we're very, like self-nitching on, you know,
very public about the types of things
that we were doing and engaging in,
just the behavior and self-incriminating.
Self-incriminating, yeah, very much.
And there's some people may not want that out.
Like I said, I don't care personally, but the other thing is too, is that all the private
messages that were sent between people and stuff in the forum, I'm sure I have a copy
of, there's ones that we got, when we got HACTIQ few times, there's dumps that exist
of all the stuff to so it's not like it's completely out of the
the record but yeah, just I
Just felt like it when I sunset it. I sunset it. It wasn't
Big but in its prime. What is the most amount of users you had on there? Oh millions? It was millions
Yeah, yeah, it was a sense of hackers
Well, just the
user base was probably like in the hundred thousands, like, but the page views were just astronomical,
because we had really good page ranking on Google and stuff. So people would type in, you know,
anything, and they'd wind up finding their way to the site. But yeah, I mean, like in any given
moment, yeah, there might be a million people active on the site. It was, I mean, like at any given moment, yeah, there might be a million people
active on the site. It was insane. The one, the big one that actually happened was when
Miley Cyrus's email got hacked and she was still like a teenager, but it got, it was,
there wasn't any like naked pictures or anything like that, but they were just like silly because she was still Disney kind of person
There was one the hacker on my forum who
Had released those pictures and that made it on to like Nancy Grace and it was just funny because
You ever noticed in the news that if there's a story that you happen to know like kind of what really happened
news that if there's a story that you happen to know, like kind of what really happened, none of it matches, the narrative matches.
But you read another article about something you have no idea about.
You're like, oh, okay.
Like it's this weird cognitive dissonance.
And there's so much stuff that got published about us that was completely false.
But it's like what's in the news.
And then, you know, again, if you don't apply that same heuristic analysis to other articles that you read about in the news,
so it trains your brain to think like that,
where there's a disconnect between what's reported
and what's really, really happening.
So I tend to look at news through different lens that way.
But yeah, with respect to the Miley Cyrus one
was probably what got us the most
traffic and and traction
But there was a set a series that that formed had just a ton of different stuff that was attributed to members on it
Barack Obama's Twitter got hacked and
What yeah, it by homie
That came from digital gangster still.
Yeah, so you can look it up.
But the fuck?
It's stupid as they...
Okay, so the guy, he had access to Twitter admin panel and he said he...
I think it was, I was a guy, Mark Sanchez or something, he was a reporter.
But Barack Obama, so remember I said that there
was this amalgamation of hackers, internet marketers, and gamers that were kind of formed
the core group. So the bleed in our skill sets started to become apparent because we had
this section of the forum that was called Y-Work.
It was, well, Margorp, which is program backwards in Y-Work, and those were actually AOL chatrooms that existed back on AOL days that I had had a sub-form that was just named after those,
and it was for business talk. And, you know, things, I said, if you're doing internet marketing or
anything like that, it was like kind of the forum, for that. But when they took control of Barack Obama's Twitter account,
they were tweeting out gas card affiliate links.
Like, so it's just like the,
it's just too stupid to think about,
because how are you gonna get paid?
They have to know who you are,
because that's where they send the checks.
But he was like, hey, yeah, Barack Obama was like,
get your free gas card here at this link.
And dude, just.
So you had that on Barack Obama's Twitter.
Yeah, on Barack Obama's Twitter.
I said, you can, I said, there is news articles
about that that happened.
But, you know, and then just hold on, hold on.
So what? Just delve it down for me, explain you know, and then just hold on, hold on. So what just
debut down for me, explain to me, why of all the things you could have put on Barack Obama's Twitter account, why was it free gas cards?
I don't like the F as GMZ was a dude, you have to ask him like what was
thinking? Because there was well, as I said, like, what, who's thinking? Because they're with, well, that's just the other ones.
They were just like tweeting out like homophobic slurs.
Like there's no, that's,
that some of this stuff is financially motivated, obviously.
Some of it's just motivated, what we call for the lulls,
it's just, you know, for the hell of it.
Like you're just doing things just to do it.
And, but yeah, the gas card thing, it just was just funny
because it's an affiliate link,
so you're supposed to get money off of it,
but they're gonna bust you,
because it's like, what other,
you're totally tying it to yourself.
This is not, just moments,
not everybody's completely brilliant in these arts,
but a lot of times, everything was just kind of done for fun.
Like, it wasn't really, it wasn't a monetary gain
for a lot of those things.
They just get us.
And Nancy Grace and that crowd thought
that we were a girl, a paparazzi site,
that we were just, that was what we specialized in,
is just outing celebrities.
But that was only really like a small subset
of the types of things that we were really doing.
What are some other things you were doing in there?
What's I said that we had just this factory of like mentors, mentees, type stuff. Ryan was a...
He was an administrator on that forum eventually, but you know he had come and he was really young at the time.
He's younger than most of the people that were there.
And he just kind of took to a lot of the internet marketing stuff and learned how that game worked.
And he said he applied it to his rehab centers and everything.
It's just the school there is that we just had ways
of making money on the internet
and how do you take advantage of the systems
that existed and maximize the amount of profit
that you can get them.
And at this time, I was kind of one foot in
and one foot out of the porn sites.
I'd still getting mailbox money from it,
but I was focused more on like diet pills,
like Garcinia diet and a sidey berry stuff.
And like business opportunity leads,
like people that, you know,
how to make money from home type stuff.
There's all these plethora programs out there that like,
you know, again, you just kind of find out
what converts with your traffic and
you'd focus on on those
no, those verticals
but yeah, it was mainly I said a training ground teaching people how to program teaching people how to
How to hack teaching people how to mark it on the internet and stuff because a lot of us
teaching people how to market on the internet and stuff, because a lot of us, again, saw the value,
and you get some fresh eyes on it,
and then all of a sudden, they're coming up
with new methods and stuff,
and it becomes this cool collaborative community
where everyone's sharing things.
And so a lot of that,
the illegal activity was sort of inconsequential to the actual mission or what was actually going
on in the forum.
Like one of the crazy things, I think Ryan had spoke about it, the Bitcoin drive by malware
that he had.
There was like infecting, it was affecting systems.
Yeah, he had mentioned that you were in the hotel room.
Yeah.
And saw the actual amount of money.
Yeah, it was ridiculous. you were in the hotel room. They saw the actual amount of money.
Yeah, it was ridiculous.
I remember the computer that he had on his wall
that was naked.
That was a very intelligent, that's what I'm saying.
It's like he had this really cool way of spinning.
You had all these different components, these pieces,
but to put them all together
and to create an operation like he did was
one of a kind. And
yeah, it was
it was millions of dollars in those days like of just
yeah, Bitcoin and he exited his position. He didn't
I said he might still have a little bit, but as far as I know like all that
I remember
like when he got rid of it.
But he, if he, if he would have sold it now, like, or even at the all time high type thing,
it was 10X or 20X than what it was, what it was then.
I don't think he has any regrets about it because it was still like a good chunk, but,
uh, but yeah, that was just such a insane coup de gras, like the way that he had done, because
he was using pretty much to set each element, the driving internet traffic to things and
having this malware on.
So he used all of those elements that looked pretty much what Jidolganister represented and
he packaged them and he wound up making like a good amount of money off of it.
Did you have a lot of what do you call them, users in the forum?
Members?
Oh yeah, members, yeah, yeah, of course.
Did you have a lot of people in there that impressed you?
I mean, it sounds like Dad Hack that Ryan did impressed you.
Oh, yeah.
Of course, constantly, and there is one of my friends,
glue bag, we all have dumb names, real names Nate,
but glue, he had come on,
there was another four member that played World of Warcraft
with him, and he, and so my other friend told him,
like, hey, you should join this board or whatever. And he was just a teenager from Ohio, never
coded anything in his life type stuff. And we used to have this, it was called Adopt
a Noob program, like where, you know, you'd be designated like mentor for you know someone
depending on what they wanted to learn and
So glue really wanted to learn how to program and
So he I think he was under this dude audio and
within three months he'd already blown past
three months, he'd already blown past kind of what audio had been teaching him. And he started doing a lot of the affiliate stuff.
We had a porn program that was kind of like I didn't really get any cuts of it,
but it was a good friend of mine and it's other dude that I just sort of let them advertise
and have this what do you call it.
Like they're kind of their support form was sort of on my board.
But glue just started writing all of the software for the spammers and stuff that would do all this,
you know, hosting, posting, messaging type. And he was just giving this program as a way for free
for a while. And then another one of my buddies, like picked up on it and was like, dude, this stuff is a solid gold.
Like, we need to package it up and market it and, you know,
just do it with my program exclusively.
And to this day, like, he's one of the most insane programmers
on planet earth, like hands down.
Yeah.
And he, the stuff that he did just,
like, because I had worked really closely with them,
because he basically kind of worked for me,
like he was under me, like in this organizational structure,
but the stuff I learned from him, even,
and I said, I've been coding my whole life,
and you know, and he's what?
Like 10 years younger than me,
or a little bit more than that,
and just mind blowing, like the stuff that this dude come up with and just the ideas
You would have and it was fun because he would invent he would think he invented something and then I'd be like actually
This is like a huge problem in computer science that is existed or you know
This is a really cool solution for it or you know, he would just self-discover
You know, it's like learning how to make fire, you know,
everybody knows how to do it now,
but imagine like inventing like your own way to make fire
and stuff and that's the type of person that
we would just somewhat attract.
And yeah, some of the, like just some of the people
on there is just to this day,
it's just surprising and press me.
There's one of the guys who's like super big in the bug bounty scene now is, like,
say world class, but yeah, he came from the forum and just said a lot of business.
It's just, I don't know, I'm just really proud of everybody, you know, said Ryan being
another shining example of that, that there's a lot of people that took everything
that they learned there and applied it correctly,
you know, in some way that brought fame and fortune
and all sorts of stuff.
But can you explain Ryan's hack
into the end of the cryptocurrency stuff?
Yeah, it was just that, so the way to Bitcoin mining
has to do with,
if you think about your computer just doing
solving Sidoku's or something,
I don't wanna try to draw the best analogy for it,
but there's a, well, I'll just, I'll
do the technical.
So there's a cryptographic hash.
So there's functions that exist in mathematics and cryptography where you input something
into the function and then you get something out, but there isn't a way to get it back.
It's not bi-directional, it's unidirectional.
So you insert this garbage and you get this garbage out.
Even if you alter this data, very, very little, change a bit, like just change a letter,
any of that stuff, the output of this function is going to be drastically different than what
went in.
So there's even small perturbations in the input of the function
released to drastically insane output of a function.
And so one of the ways that,
the way that Bitcoin is mined,
like how you get the,
how you get allocated Bitcoin off of the network
is that depending on the difficulty,
you have
to find an input that combines the transactions as well as a nonsense value and you input
it into this function and you want to get a ton of zeros at the beginning of this output.
The more zeros, the less difficult, but that it's very, very hard because it's not deterministic
like what you're going to put in here and get out the other end.
And so that's the proof of work that how Bitcoin works is basically, unless you found a
way to hack mathematics itself, the way the function operates, you need to go through
this process manually.
Like it just has to be done.
You have to do an exhaustive search of,
give me random number versus this block,
and then you get out this output.
And so there's these pools that exist
that for mining Bitcoin,
where it's shared work of a bunch of people.
So we could each be mining
Bitcoin and so we're both solving Sidoku's our computers are doing like a percentage of the work that everybody else is doing
But let's say you and I are in a group of a hundred people and we've all contributed a certain amount of
Computing time towards this effort
but instead of the guy that mined it, actually
getting all of that money, it goes to the pool and then we all share it as piece of,
you know, kind of a portion to the amount of work that we did.
So even though you weren't successful in finding that, you would still put in, you know,
X amount of computer hours or whatever.
So you should get, you know, your piece of the pie as it fits with the entire pool.
What Ryan was doing was basically the kind of the Penny jar
type analogy thing was like one for you, one for me,
where he was mining, the,
they were mining Bitcoin for themselves,
but then they would also be doing work for his pool.
He's taking a slice of all the work that's being done.
Instead of all the computing resources being devoted to your mining operation and what you're
doing, there's a slice of it that's kind of cut out and carved out
for him.
But he had a botnet basically of distributed computers that are all doing this slice.
So while everyone else is doing something individually, like he's got a little piece
of everyone's action.
And it's with that piece of action that when scaled and it goes along, but you could
basically just visit this site.
And that was the thing is that before Java
used to just run in your browser,
like without any types of prompts or anything.
And so it was called a drive by, like where, you know,
again, if you just visited this site,
so I could put this plug in on like one of my porn landers
or I could put it on, I could have a game,
a flash game running
or whatever where you're just playing Tetris
but I have it running in the little corner,
you can't even see it and it's basically
just cooking your processor, making you mind Bitcoin.
So that, but interesting.
That's the, yeah, that's how that operation kind of worked
and this was,
How many computers did this go out to?
I would, hundreds of thousands at least.
Like the way he could see, that's the thing is,
it's where that line is drawn that with that same technology,
he could have done different stuff with,
like he could have taken over people's computers
and downloaded all their banking information, like that that these the access that this virus Trojan
horse would institute would be the same as any other type of malware but that's to say he chose
to use it to micro currency instead of key log you you know and steal all your passwords and stuff
so that it's like the lesser of multiple evils, I guess,
in his case, it is burning some non-tribule amount
of power mining coins for him.
But yeah, the way that he had done it,
it was the nicest way that you could probably get hacked.
It was a very gentlemanly hack, if you will.
Nice. Do you have a
something that you did that was a major payout for you? Similar to that? Yeah, but
well not similar to that, but in the same, a lot of what I was able to take advantage of
in with the marriage of hacking knowledge and then also the marketing stuff is
I being able to find exploits in like site account creation and things like that,
in like site account creation and things like that. I had this, I mean, there was a race condition in Google
that I was taking advantage of for a long time
because Google has one of the best anti-spam
filters on the planet.
It's called bot guard.
It's my card, I think is who developed it, but
the amount of work and research that these things have, like botguard is like one of the toughest,
I would say. Technically, it runs its own microcode in a site of JavaScript virtual machine, but
it's a way to detect if people are making automated accounts or just doing, making stupid
actions.
And if you think about the intelligence network that Google has in usage of its site, it's
very easy to identify patterns that exist that are human beings are doing versus ones
that are bots beings are doing versus ones that are bots or bots are doing. And so them and Facebook obviously has a huge network of being able to detect anomalous
behavior, like, you know, what are human beings doing when they're on Facebook as opposed
to an automated program, Google similarly.
But, and so one of the biggest things obviously is account creation. And I had found a way like using the path with like older Android phones,
they had a way to basically make accounts without capture things.
And so, captures just a speed bump in a lot of cases.
You can usually send captures over to Bangladesh.
And you can pay people pennies to fill out
captures and click them and stuff.
So there's not really a huge barrier to account creation and stuff.
All the bot protections, that's usually how it's done, is if it's not done through programmatic
optical character recognition or anything, there's usually a human being that's just getting
paid pennies that's playing it like a video game.
But finding bypasses and things like that
where I could get, I could defeat capture
or there was race conditions like where I could create,
create sub accounts off of like how Tinder,
for instance, if you use a Facebook account
to sign up to Tinder,
similarly, like Google has single sign-on type stuff that you could do, but there's a period
of time before the account gets deleted and detected by a bot guard that you're able to
sign up to sites with that Google single sign-on, and you get a valid token.
And so even though the account eventually dies, you wind up getting spider to count
on a much different services and using those to do whatever. But a lot of, say what was
lucrative for me is just staying ahead of the technologies that people were trying to
institute. Because the cool thing is when they do change something, like the change
of rate limit or they change the way software works, it becomes a new playing field because everybody that knew the method that
was doing it, they're taking advantage of it, then they change something.
Now all of a sudden, all these people can't do it anymore.
Now you're the only one on that site that's able to spam or whatever.
There's big with the dating sites, because obviously the CAM, I'm a girl, like, sign up to my webcam, prove
the 2018, you know, type stuff, worked really well as lucrative.
So those are the types of things that I did finding, like, just idiosyncrasies in the
way that sites operated to either create accounts or if they, how that protocols worked,
you know, what, what, order to things need need to be in what's the timing that they have to be in how do I emulate
a human being is as
accurately as possible so that way that their detections don't work. Yeah
Interesting stuff
We're Bryce. Let's take a break when we come back. We'll get into some of the equipment that you use to hack and
Then we'll get into your your
professional career. Sounds good. You want to kill our Black Friday deal? I've got one
for you. A free Moto G 5G phone from Pure Talk. No gimmicks, no trade in necessary, just
sign up for Pure Talk's unlimited talk, text, and 15
gig data plan for just 35 bucks and get the Moto G 5G phone for free.
But here's the deal, you need to move fast because these phones will be gone by the end
of the month.
So if your current phone is on life support, upgrade for free with PureTalk.
Enjoy two-day battery life, an exceptional quad pixel camera, and a whole lot more.
Just go to puretalk.com slash Ryan
to get this exclusive offer
into select the plan that's right for your family.
Remember, PureTalk gives you America's most dependable 5G
network at half the price,
so make the switch today.
Go to puretalk.com slash Ryan
to claim your free Moto G5G phone
with a qualifying plan. Again, puretalk.com slash Ryan, PureTalk. I want to tell you about a product that personally resonates with me as a former long time dipper in the military and that's black buffalo. You see when I was in the SEAL teams almost everybody in my platoon dipped to back.
I want to tell you about a product that personally resonates with me as a former long time dipper in the military, and that's Black Buffalo. You see, when I was in the
SEAL teams, almost everybody in my platoon dipped tobacco, including myself, but I'm the leader of
my own pack, and I wanted to quit, and that's what I did do. And that is why Black Buffalo,
chewing tobacco alternative, really resonates with me. Black Buffalo is a tobacco alternative that does not contain tobacco leaf or stem.
It's everything you love about dip,
nothing you don't, no compromise.
It's made here in the USA with only the finest ingredients
like specific varieties of edible, green leaves,
food grade ingredients, and comes in classic flavors
like winter green mint, straight peach,
and even blood orange.
Black Buffalo delivers the same experience
as traditional smokeless products.
The Black Buffalo herd never compromises tastes, value,
or quality.
Being part of the Black Buffalo herd is not about following.
It's about charging ahead on a path
to keep and honor the ritual.
If you're a smokeless tobacco user,
get Black Buffalo a try. I'm very confident I'll see you on the ritual. If you're a smokeless tobacco user, get Black Buffalo try. I'm very
confident I'll see you on the trail. Black Buffalo is available for sale online
and in thousands of stores across the country like racetrack here in Tennessee.
Head to blackbuffalo.com to buy or check the store locator to find a retailer near
you. Use code SRS at blackbuffalo.com right now and say 15% off your first order.
Blackbuffalo, no compromise, different leaf, same ritual.
Warning, this product contains nicotine.
Nicotine is an addictive chemical.
Blackbuffalo products are strictly intended for use by current adult 21-plus consumers
of nicotine or tobacco products.
All right, Bryce, we're back from a long lunch break. And so I think we left off,
we were talking about digital gangster,
some of the stuff you and Ryan did together,
dissected his whole cryptocurrency hack,
and we're getting ready to dive into your
professional career. But I know you and Ryan are super close and so
I've actually got them on the line here. Beautiful. Yeah. And uh, so what was it like, Ryan, you on here?
and uh... so what was it like ryan you on here
yeah i'm here
welcome back to the show man
hey
uh...
hey
but uh... we were just talking about how
you found
the forum digital gangster
got it so
uh... back in i guess
i couldn't tell you what year it was but when I was a very young kid, I was
on that.
I'm sure you guys have spoken about it already, but AOL instant message.
Oh, yeah.
There was another way of communication back then called IRC, which, you know, he can go
into detail if he hasn't already about.
It's a monumental part of both him and I's upbringing in this field.
And on A1's, at Messenger, there were group chats
and then individual chats.
And somebody introduced me to Digital Gangster
as a platform for affiliate marketers and hackers.
And I was just getting myself into cyber security
at that time.
Didn't know much about affiliate marketing and found digital gangster.
And I don't know what it was.
Because I didn't know anything about Bryce.
I didn't know anything about the spam game.
Didn't know anything about any of that at the time.
And I just, like I said, don't love with it.
And I learned from everybody there quickly at Bryce.
And I got a loan very quickly and got into marketing.
And using my, I guess, cybersecurity abilities
along with the marketing to automate things.
Am I allowed to conversate because this is.
Yeah, absolutely.
Yeah, yeah.
OK, so Bryce, like, did you already
talk about what we sold back then?
Naked women?
Right, well, I was more on the dating website side, things, but there was a combination
of all of it when I was a very young teenager, and
that was where a lot of the money was made.
But there was other things we worked on to, like, business opportunities, like, rich, quick
time.
Exactly.
Advertisements, they would pay out ridiculous, they would call it like a cost per click or
for a pay, I'm sorry sorry I'm getting a
brain fart. A paper sign up, PPS, and there'd be pay for free sign ups. Did you
already explain all this? Let me ask another question. So me and Ryan had
become pretty good friends in a relative in a very short amount of time. But he is always, so I asked
him about you and he had said that you were one of his mentors. And so when I'm wondering
is, I mean, it sounds like you had millions of people on digital gangster.
At least tens of thousands, tens of thousands of people on digital gangster.
What was it that caught your attention with Ryan
out of all the people that you had on there?
Just really sharp.
And as I said, a lot of his, as I said,
in my space era, he was a bit of a force to be reckoned with.
So there was already some inherent ability
for self-marketing, I think, that Ryan,
again, he wouldn't know this externally.
Like, you'd only know this externally.
Like, it's something I don't know
that if he kind of recognized his own shining type thing,
but obviously just naturally kind of understood everything.
You can kind of tell when people already, they
already have that spark or like what's needed to position somebody in for success. And
so those types of people to try to identify fairly quickly and again, because the more
money you're making with your friends and the collaborative nature of that stuff, it
makes it that much more fun to do.
And I said in Ryan's case, again, he was super young when he was engaging all of us and
then also just had the mind for it.
And that's, I mean, he was eventually an administrator, moderator on the forum where he basically
was able to ban people and make decisions unilaterally for the good of the board.
But yeah, he just started out as like a user.
But you can just tell by people's posts and how they interact and stuff if they happen
to have what it takes.
So it's a great proving ground.
Some people are just shit posters and that's all they do.
Typing, but Ryan definitely took a huge interest
in the holistic picture of how to make money online.
It's like a big thing.
And as I was saying, investigating methods
and trying to figure out ways to outsmart
like these dating companies or any type of place
where you could possibly get your message out,
there's a hacking component
to that where you have to figure out how to defeat things like rate limiting and IP restrictions
and just whatever protections are in place and the less amount of people that can target a platform
successfully, the more money you're going to make because it's basically no one else has the
secret sauce to break into that market.
Interesting. Ryan.
Yeah, and you couldn't have explained that better.
One more thing I just want to cover with you guys.
We already covered up Ryan's crypto hack
that seems to be pretty ingenious.
Famous.
And, uh, end up.
But, Ryan, I'll let you pick.
What, what was one of the, what was one of your favorite,
it sounds like all these hacks happen as a group.
A lot of them.
You guys are working as a collaborative team.
So what was your favorite, what was like the first big,
exciting hack that you were a part of,
with digital gangsters, Ryan?
And then both
you guys can tell the story.
Let me try to think of something that people know about.
Yeah, give me a second to come up with something because I don't know what you guys
already talked about. So that matter just go for it. I think I think I don't know if this
is even called with knowledge. So even better. Which it. And it's celebrity.
And uh, Paris is never mind.
Paris Hilton.
Um, no, not that one.
Oh, no, yeah, it's not a big deal.
Yeah.
I guess I'm lost.
Come on.
I can't do it.
I can't.
You can do it.
No, no, I shouldn't. The audience is dying. I think that the better
thing for me to do is talk about how we would put together methods as he said to bypass
certain restrictions and back in that time, especially in the early days,
there weren't as many restrictions for email.
So you could inbox a lot easier than you can nowadays.
I mean, there was a time in my life,
and I remember most email providers,
not even having a spam or junk folder.
So you could just send literally a million emails,
or you can send out a different
completely different angle. You can send out a hundred thousand text messages with prepaid
syncards. So there was these things back in the day called GSM modems that you would,
you know, I have a little doc for mine and I don't know if Bryce did too but most of us did and we would we would perform not only
these mass email campaigns that was sent billions and billions of emails out with ads from
SAE Weight Loss Berries to you know dating websites you know you name it we were we were
spending the crap out of it and and then that you know progressed into text messages,
which are a felony, you know,
you're not allowed to spam via text.
It's a it's a serious crime.
You're going to prison for it.
And I think there's a specific court.
If there was at that time,
there was a specific court in Virginia.
You'd have to go to for it.
It used to call it spam court back in our time.
Yeah.
And you know, if you got caught for doing something like that, luckily, I didn't.
And we'd have her ended up on that, that, that list.
I didn't.
Yeah.
What is that?
No, I said, I didn't either.
He has tallest blade of grass is the first to get caught by lawnmower type things.
So just, you gotta, you gotta do just enough. What was it? It was the rock. Go, right? Yeah, things. So we got to do just enough.
What was it?
It was the rock.
Right?
Rock so.
Rock so.
Yeah, so luckily we did end up on there.
And there was like a spammer most one in this.
So I guess that was probably my favorite part.
Because not only was it fun to send out a ridiculous amount
of text messages and millions of emails, but not only the process was fun,
but making the money, you know, seeing something digital
that you did, that is an automated process
where you put in your message,
you put in your recipients, you press a button,
and then you just sit back and refresh your screen
and you just see money and you're related.
And you just wait, like, let's say that program
has a net 15 payout.
In 15 days, you're getting paid out.
Some of them had a net one payout.
So you get paid out in one day.
So even if they don't agree with the methods that you're spamming,
you know, like maybe it's against their policies to incentivize
somebody to sign up for a product or it's against their policies
to to to text message spamming. If they have a net one
payout you already got paid out sometimes that number is pretty large. So I'm going to say outside
of the hacking side of things we still were hacking and we still were we still were a collaborative effort
but um you know that I know I I'm really like that that was my main motivator there was making money in this field.
So hacking was a passion for me, but so was marketing and so is making money.
So I would say if you had to ask kind of all of the attacks that we've done,
something that I won't even bring up.
I don't even know what price to hold you.
I hope it's nothing horrible, but you know, that's it.
Definitely spamming and the money that came from it
How about
the first swatting experience
Well, gosh, this is crazy. Um, do you remember this phrase when when I did become a administrator?
You uh, you gave me administrator to the site and
There was this guy which I won't say his name because he
doesn't deserve the attention. Yeah he doesn't deserve the attention.
This guy sucks it. Not just because of not just because of me.
This guy is just over-backed human.
Yeah, in one of his friends as well as horrible human being, if they're watching
this they'll know exactly who they are. They'll be watching. You know that will be.
I hope they are. So back then he makes me a administrator and that gives me the pretty
much of this. It pretty much if not the same abilities that he had. You know, so I could
do anything. I could put a picture of me on the front page of the website. I have the
same permissions that he did. And when
that happened, people got upset, you know, because the same way people get jealous,
nowadays, of things, and become keyboard warriors, that was the same back in the day, but just
maybe a little bit more of a, like a jungle back then. And one of those guys, like I said, named redacted, decided it was
a good idea to use what's called an IT relay service, which is a service that is for people
that have a disability, and you can type into a prompt and you say, what you want the
person on the other end of the phone to hear. So let's say I wanted to call you Sean and I used an IP relay service, I'd say, hey, how you doing, Sean? And then I
would hit enter. And then a man or woman would be on the phone and repeat what I typed
to you through this IP relay service. So this guy used an IP relay service to call the
local police station of where I lived. And each said that there was
bombs strapped to my windows, that there was people tied up in chairs, and I already killed
some of my family members. If anyone came in, they were going to get shot. All kinds of
these horrible stuff, but it was claiming to be me. So what happened was, I remember the
exact number. There was 86 different types of, 86 law enforcement officers, bomb squad snipers, police helicopters,
you name it, they were there. So what happened was they originally they went to the wrong house,
they went to my old address, 10 houses down the street. So they were close, but they had
my own home address, but what happened after that, because at this point, nobody ever heard of what swatting,
no one ever knew what it was.
So one of the officers knew me, and he said, I know Ryan Montgomery, and he brought all
of those officers, the helicopters, everybody to my current address, and then ran down,
you know, just, you know, he ran down to where I was staying at that time. It was like, Ryan, are you okay? He's freaking out. And,
uh, and I have no clue what's going on. I had no indication this was even going to
happen. So, you know, it all ends up being okay. And I didn't, I didn't get hurt. I didn't
get shot. But if you think of, you know, the dangers there, it was not only the first
swathing to ever happen in the state of Pennsylvania, but it was not only the first swadding to ever happen in the state of Pennsylvania
but it was one of the first to happen in the country and I still have the news article on
on my computer
almost are not news article I still have the
uh... news clip
uh... where it says
like in the exact words are
it's like a new incident called swadding and it goes into like explaining what
swadding is and you know how he used an IP relay service
and they talk about what happened and how I got swatted. But the dangers here are what if I did walk
outside and I made the wrong movement, they've never heard of any incident like this before and I
went and grabbed from my arms down or I didn't like, I made any wrong move,
I would have been shot.
Like they were really believing that I had,
you know, people dead in the house,
bombs on the window, I was like, they believed it.
So this person put my life in jeopardy
because I became the administrator of a website.
Holy cow.
There was, what is that?
I was talking about that yesterday. Without me, without me, you know, making
myself sound. And I think people would agree with me here. He got revenge just in a more
non-life, not life with the word for it threatening.
Got this revenge. Yeah, he got his revenge in a non-life threatening way but I
definitely got my revenge. Well what was it?
I don't want to say that but just trust me it was not
it you will never do that again to me. Yeah right on man right on who
off the record are you talking about like when we were prank calling like Lawrence Fishburden and Cameron and all that?
No, and I'm talking about his mom social everything.
His mom social.
Yeah, I'm, no, no, I'm talking about the address book thing.
No, I'm talking about Paris.
It was, yeah.
I was Paris Hill.
Yeah, where'd he, yeah, I already,
I talked about that already.
We're gonna get back to the interview Ryan, but hey man. I appreciate the call and once the last time you guys hung out
A couple months ago. Oh right on yeah, or last month. I guess yet last month cool
Like two months before that and yeah, I'm sorry right after our podcast started to go viral
strong. We met at a conference called Hack Miami and someone hit my car out front which was
not fun but then we see each other month after that and he was performing at an event called
DefCon which is the largest hacking convention in the world.
And it was amazing.
I mean, I don't know if you're in the Nard Corps hip hop,
hopefully you become a fan now.
The name is, you know, he's the best.
He, there is nobody better than in Whitey Cracker
when it comes to Nard Corps.
We're getting ready to dive into that subject right now.
Yeah, thank you.
We're gonna have to get both of you guys in one show
at the same time.
Yeah, yeah.
Oh, that's cool. But all right Ryan. Well, thanks again man and be safe and I'll talk to you soon. Love you dog
Yeah, the that's swatting stuff I had mentioned that some of us would never ever go there
You know something we would never ever go there, you know,
something that we just never, ever do. But the IP relay service that he's
talking about, it was set up for, um, for deaf people to be able to communicate.
It was a service that was run, but you would just, you could instant message
a screen name and then they would call you on their, on the other parties
behalf. And so the trick was, and I said,
it used to be trucking, which is where you'd send
the fire department to somebody's house.
And so you could see, if you're using IP really as a vector,
you'd get on IP really and you'd say,
hey, my phone's inside, I don't have my mobile,
but I have my laptop and I'm still connected to the internet.
And I need to send the fire department
to go all my address or whatever.
So I give them your address and not the real one
or whatever and then the fire department and show up.
But then it became this,
I said the next evolution of that was the swatting stuff
where they make a fanciful story about how you're
murdering your family or like you said making bombs or there's
definitely drug activity over here or something and invariably what will happen is they send
just a million officers over to your house and again they're jumpy you know because they
don't know what they expect in there and so yeah there's been cases obviously since like
it's one of the things that like I said I said, I wouldn't say they originated on digital gangster,
but the first swatting,
I said, his was the first swatting incident in his state.
And there was a lot of that.
There was Sim swapping as another technique
that is kind of, people do it now,
but it's where, if I walk into your wireless provider and I'm like,
I'm Sean Ryan, I lost my phone, I need to set up a new phone with, and I have, and I
know some of your details.
And let's say I've made a fake ID that has, you know, your picture on it or something.
I say, I lost my wallet, here's my library card, like, you know, you're dealing with somebody
that's making, you know, whatever, 15 an hour or whatever.
So what they'll do is they'll swap over the port that number to a different phone.
And this is like where two factor authentication and stuff breaks down a little
bit because if I'm able to take over your phone number, I can, there's a lot of services
now that'll text your password to your phone or you can reset your password as long
as you have that phone.
to your phone or you can reset your password as long as you have that phone. And so I got Sim swapped.
I was at South by Southwest and I was performing.
I think it was in 2011, but this same group, you know, had this is when this attack was
really like kind of in its infancy stages, but they'd taken my, they'd hijacked my phone
and then they went and stole all my domains that I had had. Now people use it a lot more for
to steal crypto wallets and bank details and anything that you can reset via a
phone, but obviously it's very difficult because you have a very short
window, like you're going to notice that your phone's not working, you know, especially if you're
looking at it all the time.
And so that's, but it's really, really hard to get that back while that attack's going
on.
There's a lot that can happen in that short amount of time before you're able to get into
the AT&T store or whatever it is to fix it.
But swatting is a huge problem.
Like, now, again, it was something that was reserved
for your worst enemies, you know, back in the day. But now you'll have kids lose on
Call of Duty or Fortnite or something. Oh, man.
Oh, man.
People. So the police departments are a lot more aware of it. It was funny because I basically,
the police already knew who I was, obviously, because I'd eviscerated every,
the local PD, it's my name, I don't know,
they might have a plaque of me up in every department
or something, but no swatting attempt against me
was ever successful because the police knew that was,
you know, if that was going on,
it was probably a prank call.
Yeah, I got lucky.
Is this SimSwap thing?
Is this still happening all the time?
Oh yeah, yeah, yeah.
It happens all the time.
But as I said, it's a targeted attack.
Like if somebody knows details about you,
your phone number, your nose, your carrier,
and you have something that they need to give from you,
you can just go into a store or whatever.
And I'd be like, I got robbed, I lost everything.
It's just about being convincing.
It's all social engineering,
but you're just taking advantage of the fact that again, this person wants to be helpful. And you're, I'm Sean Ryan,
you know, that's all of this as far as they know. So if I can just, but I can basically just
steal your number. And then depending on what services, usually these attacks are really targeted.
Like, I know a reason that I want to attack you. On my phone, there, notated, like just a bunch. Like, it wouldn't, there's
nothing that would really stop an employee from doing anything, like as far as a compensating
control that's in the system itself, but I just know that in my notes, in my cell carrier,
it's like, do not, you know, I have to bring in two forms of ID, add a store in order
for anybody to do anything with my account.
That's just notated like crazy.
So I haven't had a Sims whopping event a while.
I'm sure if some viewer wants to try and ruin my day, test the security of whatever
cell phone carrier I'm using, then that's fine.
But please don't.
Please don't.
Please don't.
Yeah.
Well, hey, so we pretty much have wrapped up your
black hat or very dark gray hat career, but how I would like to wrap it up before moving into
your professional careers, talk about some of the equipment that you use. Okay. So wherever you want to start. Yeah. So similarly, I said it to think that
Ryan Montgomery popularized this mine doesn't have a lot of the funny antennas on top of it, but
this has been part of my everyday carry since it came out. Mostly what I use it for though is
friends that live in condominiums or apartment buildings that have fobs.
I just copy them so I can break into their houses with permission of course.
The other thing it'll do is it'll also write them.
So usually apartment complexes and cond associations will charge like $30, $100 just to have extras.
But I can just make extras for my friends
and just subvert the whole process.
So it's a good thing.
This is the Prox Mark III.
It's a more of a grown up version of the flipper,
but it deals with near field communication, arphid devices, or chips.
It has Bluetooth power, I think is it.
Is it on here?
Dude, dude, yeah.
So this one, I have the battery attachment
that goes onto it, but you can use this to copy hotel keys.
It'll read passports.
Use it to copy hotel keys. It'll read passports. It can use it pretty much anything.
I said the same fobs,
apartment fobs that the flipper can access,
this access, but this is more of a grown-up version of the flipper.
It just has a lot more functionality and extensibility than the flipper does.
It's not as versatile.
What can that do that the flipper cannot do?
So I don't think,
like for instance, the passport documents and stuff,
I don't think that the flipper can do that.
You may, there may be a plug-in or something
that's some sort of firmware modification,
but as far as I know, it doesn't support that.
But this has pretty much any type of wireless access mechanism.
The ProxMark for a long time, this was the gold standard for all the NFC type.
Said copying, writing, dumping, it all came from this was like the device that most of us hackers used in order to
to do those types of attacks.
But it said it doesn't it lacks the IR capability and stuff that that the flipper has.
I also have the this is a hack RF.
I don't know if I said I don't know if Ryan had the port of pack add on on to it,
but this is just a software to find radio.
Um, I think I have.
Some amount of power I forgot, which firm where I'm running on this one too,
but this interface,
like this, the HackerF itself,
this is kind of an add-on that bolts into it,
and it has another case,
but when you buy the port-a-pack, then you kind of use this case and this interface.
But it does everything from, I said, it can send and receive ADSB,
which is the, I said, airplanes, like when they go by, they have a beacon that they send, obviously,
to tell air traffic control where they are, where they're positioned.
But with a strong enough antenna, you can broadcast
those types of signals as well.
This is a telescopic antenna, but I don't think
you're within the studio.
We're going to have enough juice to do anything interesting
with it.
But this, I said, if you just think of this like an AMFM
radio for all wireless bands
I mean you can actually listen to AM and FM radio on this if you want
but it you could tune to a TV the analog television signals not digital anymore
I guess you could technically if you had a decoder but the
technically if you had a decoder. But the firmware that's in the port-a-pack
is different than the actual,
the SDR software-defined radio itself
is extensible like programmatically through,
like you can use new radio,
you can write custom applications
that basically interface with this SDR
and use it to decode
I said p25 which is a
I said trunk to radio that police and fire and stuff used it's encoded
Pock sag which is a member of the old school pages
Sometimes restaurants use those to keep track of and what where orders are and so this is basically a listening device
It's a listening and a transmitting device.
So it does both.
So what would you transmit?
You could transmit those signals too.
Like I could send a page or message.
I could send, I could, I said,
if I could hook it up to a microphone
and I could transmit, I could do ham radio off of this
if I wanted to.
You need a stronger antenna and more power, obviously.
But yeah, I mean, obviously, but, uh, yeah,
I mean, it's determined. It said, both for listening and for, uh, and for, uh, for transmission.
Um, some of them are bit like the RTLSDR is just built. It's a more of a dongle and it's
built just for receiving, but, uh, the HAKRF is used for both. But anything that goes over the,
that you can't see is all wireless,
like all that technology is facilitated by some version
of the electromagnetic spectrum.
I mean, even infrared is just not visible light,
but it's the same,
it's that same kind of,
and this picks all of that up.
Yeah, it's got a very wide spectrum of frequencies
that I can basically tune to.
This one down here is,
this is a spectrum analyzer,
but, and this is just a battery operated one,
but you can see it's just got like,
I don't know where the camera would be.
But you could tune that to,
like I said, same thing, tune it to a radio, frequency can see where the peaks would be.
But that device is just all in one,
to just monitor frequencies.
So, I mean, for somebody like me that has no idea
what the hell you're actually talking about,
what would you be monitoring with this and why?
Well, let's say you had a wireless protocol
that exists in an off public band,
like the FCC, like in our case,
which is our governing body of federal communications
commission or whatever, they have certain bans
of frequencies that they've allocated for public use.
So like the 900 megahertz band, like 2.4 gigahertz,
five gigahertz, these are the things
that wireless technologies exist on.
But let's say there was a command and control channel
that was happening in some low bandwidth frequency and say like 800 megahertz range or something and I wanted
to attune to that and pull out like the data like what was going over it, analyze what
type of data that was, I could basically tune, whatever the signals
that are going over that frequency.
So if there's, so like if you're doing a site survey
or whatever and you're looking at why,
like is a frequency busy or not,
is there lots of traffic?
Cause in those bands that I was talking about earlier
that are public use, there's a shared by all manners of devices. Like Bluetooth works
over 2.4 gigahertz, but so does wireless, like Wi-Fi. Wi-Fi has, in the States, there's
a centering on the channel one, channel six, channel 11, and the band's kind of overlap, but you could just the band width,
which is the width of the band,
kind of done that down,
and since you're in 20 megahertz,
or 40 megahertz hops,
and you can actually see like,
okay, how much traffic is,
you know, how much signal,
what's the signal noise ratio like on, you know,
this band in and of itself.
So you can pull just signals out there.
I said, it's just like tuning your radios.
The best way I can explain it.
Um, did, did, did, did, I'll shut that off.
The other thing that I think I told you about
is this the phone and my buddy manufacturers.
Oh, sorry.
But yeah, this phone is an oblisk one
It's by an obsidian intelligence group and it's a hardened
Android phone that does it has
Pretty much a lot of functionality to we get within a laptop just but it's in a phone
It can do it runs a version of Linux, well, it runs a planet like a penetration testing version of how to explain that because it is Linux,
but it's designed for tablets and phones. It's called Andrax. And so you would use this in the same way
that you would use Colly Linux.
I don't know if you're familiar with that.
But it's a distribution that's designed specifically
for kind of hacker tasks.
But this also supports software-defined radio.
So it can do some of the similar things
that the flipper and the Proxmark and the Hacker F2,
but it's obviously a little more stripped down version
just because of the phone itself,
but this phone is just available,
like when I go anywhere internationally,
this is what I use to tether my communications through.
It has a static IP address that's associated with it,
so it never changes,
so I always know kind of what
it's like if I want to contact it inbound, I know exactly what it's always going to be. But it
works pretty much everywhere I go. And back, I use it to backhaul data, but it's very, very
locked down version of Android. And it only supports secure communications. So there's no, it's all voice over IP
that there's no regular phone kind of conversation.
It's all done, you know, signal-esque.
There's like 3CX and signal-on stuff on here,
but I just use it.
I said, when I'm overseas and I want to make sure
that I have a secure internet connection
or back all, this is my weapon of choice.
What does the single IP address do for you?
I don't understand that.
Well, a static IP just doesn't change.
So most times, an IP address is dynamic,
which means it'll rotate or anybody can kind of come in
and take the lease and so it's not consistent.
There are services that you can use
that will every time your IP address changes,
it'll automatically map it to a domain.
You'll find these no IP services,
net gear routers even have a version of this
that they offer their customers to where you can get a subdomain
on like, or you can set up a domain
yourself that just knows the point to that. So you can always type in home.shonrionshow.com
and you'd always get your home computer or whatever. The idea behind that is just if you have,
like, I connect to my home network through a VPN, I have a VPN that's set up on my home network.
So if I ever need to access files
or I need to look at what's going on on my computers,
do remote desktop stuff,
I have to log in through there.
But most of the ISPs, like cable providers,
you're gonna have a dynamic IP address,
it's subject to change.
Static IP address, again, stays the same all the time no matter what. So you know what to have a dynamic IP address, it's subject to change. Static IP address, again, stays the same all the time
no matter what, so you know what to expect.
I mean, I could refresh it if I want to,
but that would be something that I would have to initiate
myself.
Otherwise, I get to keep the same one
no matter where I go and what I do.
So running services off it, like I could actually run,
because the way that the internet mapping
service works is you have a name and then that name points to an address the same way your
home address would be. But, you know, again, if you move, then you need to point that name
towards a new address, just like a post office forwarding type thing. But with a static IP
address, it just stays consistent. So it's the same address every time.
And so you don't need to have it associated with a domain
if you don't want to.
So that's just about as close to 100% secure.
Yeah, I can.
Communications as you can get on the civilian market.
I can't make, there's no outlandish claims
that I'll make that it's unhackable or anything,
but just for the sake of brevity, I'll say that the way that this has been stripped down
and built from the ground up, there isn't any, like with Android, a lot of times you'll
have a lot of Google threaded in through there, and depending on how you might feel about Google or whatever,
there's a lot of telemetry that Android phones wound up sending, invariably debugging reasons,
whatever.
Some of it is just advertising tracking that type of stuff, but a lot of that has been
stripped out.
So, there isn't a phone you would use
if you use ability is not what this phone is after.
It's more after security.
And the slider, the way I always explain it is,
if every time you left your house,
you had to unlock seven dead bolts
and then lock them up again
and then you realize you forgot your wallet inside.
Well, then you got to unlock seven dead bolts
and you got to open it.
So you do that enough times it's gonna be a hassle.
So it's all the compromise becomes one dead bolt.
You know, is that secure enough?
I don't know, that's the compromise that you reach.
You know, if you want to have a house door,
you know, block on it.
But with respect to this phone,
it's not for necessarily for
being a social media, running a social media empire, anything like that on, it's completely
locked down. There is no Google Play Store, so you have to side load all the applications
that you want to use explicitly. And so it's designed more with the security first rather
than usability first, which for most consumer devices is a little bit counterintuitive.
But it is for again, I've been using it for a couple of years.
For my rating or whatever, it goes hard. Like I said, I've never had problems with it.
It's been to UAE, been Europe, been to Asia, like all over and said just it works as intended all the time
and I haven't had any problems with it and said the phone itself is hardened to a little degree.
Sometimes you get these things like the, they call them M&Ms you know because they're cronchianning
outside and chewing on inside. This thing tries to be like a job breaker. Just like, right on.
Yeah. You got to suck and suck and suck unless you want something to happen.
These are fun. So this is a, this is an OMG cable and it's designed by my friend Mike
Grover, but he was also a member of Digital Gangster and he had started out in the IT world and sort of came on through to
computer security and introduced to it through digital gangster and he's
become an insane hardware hacker but I have this is an OEM iPhone cable that
you get from Apple itself. I think this one came actually with my AirPods. And then this one is the
OMG cable. And within in this little piece right here, it exists a full computer and full
wireless radio to basically connect to. And it's like winds up being a command and control channel for anything that's plugged into.
So any phone, any computer, this would more, this more works against the computer that it's plugged into.
Not but functionally, it still does all of the same things that an iPhone cable does. So it's still
charged as you can still do data transfer over and everything. It's just that in this little piece right here, there's a ton of system packed
into this little plastic and MPs here that allows you to connect, you can connect to it wirelessly
and then exultrate data, you can take control of any machine that this stuff is. So if I gave this to you and I said, hey, I need to charge my AirPods really quick.
Then, I mean, I can show, I said, I can do it right here.
This is where it's very important to be careful
with,
cause looks can be deceiving.
Oh yeah, this was the,
this said the NSA has a,
I don't know how I should show these to the camera.
This is a...
Yeah, just point the screen towards me.
The NSA was developing utilities like this.
This is one of the data sheets that was in a leak,
but they were charging $20,000 for these cables.
And so now you can just get them as a consumer for 20 or for less than $200.
But the implants, you know, obviously this is the old USB-A,
B connector.
And within that, you basically have this command and Control channel that you're able to access
wirelessly even those plugged into an unassuming system with Apple keyboards
like they charge the same way that the phones do so if this cable is actually in between a keyboard and
between a keyboard and a computer, then it will do all the key logging for you.
It'll take any key that's been pressed into the keyboard
and exaltrated over this channel.
How much range does that have?
How close would you have to be?
Pro, I mean,
it obviously depends about the topology,
the room and stuff as well,
but I mean, I can probably be within just within wireless range.
So as much as, you know, you would think maybe like 50 to 100 feet type stuff with clear
line of sight through a fair day cage or something.
Obviously, there's nothing.
There's certain, but yeah, that's obviously one of the problems as you can see.
So basically in the same house, same house would work.
Yeah, for sure
uh but the
again it functions perfectly as a charger does so you know charging my
AirPods there you can see the orange circle
uh i cooked a couple payloads up i don't know if this is going to be visible.
You can screen record it too and send it.
Oh, I could do that too, yeah.
Didn't don't know.
Wait, let me connect to.
So I just have it named.
I have the table SSID broadcasting is Hotel Wi-Fi.
So it looks inconspicuous.
You wouldn't know that it's anything evil.
If you point that just a little towards me.
Sean Ryan has the best broadcast on the internet.
Holy shit.
Let them know.
And then this right here, I said just loading up a website.
So what it's doing is it's emulating a keyboard the same way as if I was there typing in front of it.
But it's just inconspicuous. It's still charging the AirPods.
It's still charging the AirPods.
With this payload here, we'll open up a website.
The football season is underway and believe podcasts are talking about it. When you went home and went to sleep, Michael Parsons is terrorizing you.
Believe has podcasts covering all 32 professional teams
and many of your favorite college teams too.
And to be only producing 15 points of game,
that's something that is definitely just heartening.
Sidelight to sideline, end zone to end zone.
As a quarterback, I would expect them to be acting like that.
Take the account of the hook.
Quick that on yourself.
Don't put it on your teammates.
Search BLEAV podcasts wherever you listen.
Let's open up.
There you go.
I needed to close the other one first, but yeah.
Easy as pie.
So you just control on that entire computer through?
Through a phone, through a phone.
Through a script that's connected into that cable.
Yes, it just, yeah, it's just,
it's set up the same way a wireless network would be set up and it has a web
interface and again, on engagements and stuff, if you're
testing the security of a company and I somehow am able to leave this plugged in a computer
or whatever and I have an employee that's using it to charge our phone as long as that thing is
plugged into that computer, it's basically like having a USB keyboard attached to that computer.
But...
And you can extract whatever you want as well.
Correct.
I mean, these examples are very low,
like low brow type things that realistically,
what I would do is instead of making the computer
say something is I would have it download.
I could echo into a script that basically, so even airgapped computers,
you know, like in a skiff or, or if they're not connected to a network in any way,
I can still manipulate them until they get on a network. There's a payload in the Elite series
that I don't have in here,
but it can actually do a data exfiltration.
Once I run a payload on the computer,
it can actually do key logging and stuff.
And so I can go back and I can exfiltrate it
through this cable still.
So even if it's an air gap machine,
it's never been on the internet before, I can
basically type in the commands that will allow it to store that data for me and then I can zip it
back out when I need to. So there's a huge risk, you know, because again, these things look
completely benign, but they, this is now in the hands of regular human beings.
You don't need to be in the CIA to get a OMG cable.
You can buy it as long as supplies last.
It's like similar to the flipper,
but they said it's used more as in my line of work
the context is like red team engagements
where we're testing the physical security of a business.
But I mean, you can see that there's applications
in stalking, if you were an enterprising young lad
who was trying to figure something out,
it basically has all that utility,
but don't recommend using it for those types of activities.
Hahahaha.
What else you got? Is that cover it?
I think that covers the toys I got right here.
Man, you know, I keep saying that she got her dangerous.
Everybody, I think that at a certain age or point or whatever, everyone kind of grows
out of the most people do.
They grow out of the bad aspects of it because it's like, the more energy that you dump
into negative things, the more negative energy that you kind of get out of it
And so he become a lot more like I was saying back in the day there be
You know when there be fighting on America online like we're talking about and then turn around and
be fighting on America online, like we're talking about, and then turn around and post their home address and stuff. I can't even think of any situation. I mean, you would have to go
after my daughter or something like that for me to have that type of angst. I mean, I've
seen everything and done everything by this point, but a lot of that sort of, that's what's
dangerous with a lot of hackers is when you have that type of power, your fingertips to be able to do things that really are movie worthy and stuff.
It's the same in your line of work that the moment that you can reasonably do these things,
it's like just the threat of force is just as important as like, you know, not, not acting on.
I like the great power comes great responsibility
type thing. And because the field itself is so lucrative, you know, in computer security,
there's rather than having to look over my shoulder and wondering if I'm going to get arrested
or anything, it's just not really worth it to invest time. And, you know, it doesn't make dollars,
it doesn't make sense, type thing.
So, make sense.
Make sense to me.
Well, let's move into some of your professional career.
Uh-huh.
So, I know you're working for a big tech company,
one of the biggest, one of the world.
And you are developing cyber weapons. That is a very sexy way of putting it, but
the short answer is yes, but not what you would think, I guess. The purpose of these cyber weapons
is actually a prophylactic. Like we're trying to develop cyberweapons
or weaponize these exploits and vulnerabilities
before somebody who's actually bad gets a chance to do it.
But I work mainly in embedded security, device security.
So internet of things is kind of goes to your cameras, your home IP cameras, your thermostats,
smart homes, or you know, everything is smart nowadays. You have toasters that can washing
machines, all that stuff. There's a underpinning, they all share a lot of similar components.
And so, if you find a bug and one thing,
there's a chance that you're going to find a bug
and a lot of different things,
just to see how the implementation is.
So we do vulnerability research based on what we find interesting.
Selfishly, like, look at products that our own company kind of is
using, but keep our ear to the streets on anything else that might be emergent. But the objective
is to try to protect customers from anybody weaponizing this before we do type thing.
And so we have a very, our focus is mainly on what's called zero day vulnerabilities, which
is every day that a vulnerability is known, then it becomes like a one day, two day, three
day, an end day.
But zero day vulnerabilities aren't published, and no one knows about them.
They're completely secret, so it's like discovering a new element or whatever, when you find one
of these things, because you could be the only person in the world that knows that that
vulnerability exists. And so we've found some pretty serious vulnerabilities in software
that is used widely throughout the IoT ecosystem ecosystem and we've developed patches for them.
So not only do we figure out the
weapon, but we figure out how to fix against the weapon as well.
And that's a huge part.
Have you ever seen...
So I get what you're saying. You basically develop the weapon that somebody could utilize against whatever system and then
you develop the whatever you want to call the
antidote.
Yeah, right.
And if you ever seen somebody, if you ever developed a cyber weapon and then seen somebody
else develop the same cyber weapon, but you already have the antidote for it, hasn't
happened yet, like in this case.
As I said, the research and development it takes to emerge some of these is a lot of
time and effort that goes into it.
And my team is all geniuses.
And there's some Venn diagram overlap in people's skill sets and understandings, but
largely it's just a superhero, it's like the Avengers-type stuff that you just, they
surprise and impress me constantly.
But the goal, like I said, the part of the opportunity that we have to work so closely with a lot of
these products is we have maybe some more, some of the stuff is open source.
So as I said, anybody can look at it and pick it apart and go for it.
But how it operates with the rest of the pieces of the system is somewhat important.
And so we have products that obviously share all of these components.
And so we're able to see how they interoperate and then work on something theory-craft.
But we know how they were built, we know how they were constructed.
So there's not much of a need to reverse engineer some pieces of this,
which shortcuts time considerably.
But the two dates, there isn't anything that we have found
that we have noticed was exploited in the wild prior to us discovering it.
That's not to say that it doesn't happen,
we don't have any telemetry on it.
The cool thing is, I know a couple of the findings that we have had
were super significant, affecting hundreds of millions of devices type thing I know a couple of the findings that we have had super-super-super-significant,
affecting like hundreds of millions of devices type thing.
And to be able to front-run that and get our customer safe
and do that is super-super important.
I mean, I use those products in my house.
I eat the dog food, I think most of my team does too.
And I think that's something that is sort of lost on the public at large is that the
people that are actually working on the security for these devices, especially said just
in my wing of the Starship, everyone cares tremendously about privacy, about security,
you know, because we're users of this stuff too,
so we want to see the best product out there.
It's very, very important to all of us.
We take our jobs very, very seriously,
just because I think about my grandma or somebody,
get something happening as a result of a screw-up
that I probably had the ability to fix at one point.
Again, the accountability is there, of a screw up that I probably had the ability to fix at one point.
So again, the accountability is there,
but it's also just the most interesting stuff
just because it really is bleeding edge.
You're finding vulnerabilities and these technologies
that are ubiquitous throughout the consumer space.
Yesterday we talked about, I mean, you've been recruited,
or maybe not recruited, maybe applied, I don't know,
but you found yourself in UAE.
Oh yeah, yeah, yeah.
What were you doing over there?
So the Dubai government, there's a convention called GI Sec,
that they, they had a, it's kind of like
their DEF CON.
They had a CES, like a consumer electronics show that they had a huge security presence
as part of that show and then they spun it off to its own show.
But they have a security focus conference,
but as part of that conference, they run a bug bash.
The government basically invites a partner
with bug bounty programs, and they invite a bunch of us
hackers to go over there, and they give us scopes of systems
to, they were allowed to attack, basically.
And then they pay us bounties based on the severity of the bugs that we find.
But they had us auditing defense contractors and telecoms, like things that are very sensitive
infrastructure.
But giving us permission to basically actively penetration
test these systems and see if we can find bugs.
And they say they pay us out based on the bugs that we find.
But one of the coolest things about, you can tell like how serious their cybersecurity their cyber securities are is, as far as the posture,
the security posture that they wanna take,
it's more advanced I've seen in a lot of other countries
is that they're very forward thinking about,
they know that this is the battleground in the future,
they know what they need to be protecting against
and so the talent that they're flying out
to do these types of things is best of the
best of the best of the world. I mean, I said, I'm like, and you're one of them. Well, like
I said, it's like the NBA. Like, there's a lot of people, some people that warm the bench
in the NBA, they're still better than anybody that played in college. But yeah, I don't
really consider myself like top, top, top, echelon, just self evaluation.
I'll let other people make whatever conclusions they want to.
But yeah, it's a lot of companies now do these types of things and governments.
UAE's, it's very advanced, I would say, just the fanfare behind it and how much they
are really pushing for security over there.
How many other countries have you been involved in with the Red Cell operations?
Uh, 24 or 5, I guess.
5 here in the US? Oh, yeah, yeah, yeah 5 here in the US.
Oh yeah, yeah, yeah, here in the US.
How does our, how do we compare to UAE in what way?
In forward thinking.
So it's getting there, I'll say, that there used to be a very, I don't know how to like cautious attitude, I think,
towards this type of work. But a few years ago, I did a bug bash that was sponsored by the US
Air Force, and then they had a ton of their assets in scope. And they again, they said, I would say the tide is changing,
you know, a lot, a lot more. I think the US government started to kind of get the idea of how
this stuff works. I don't know where they got the inspiration from exactly, but the same types of
groups of people, you know, are also doing, again, it's just mercenary work practically, so you're doing it for, obviously if they're
on OFAC or some terrorist list, then we're not going to work for them, but it's a very,
it's a mercenary is the best way to put it, it's just here to the hacker for hire.
Well, let me put it this way.
How would you grade, is an overall grade. Oh, like the US cybersecurity space, are we a D?
Not to disparage, yeah, but C plus, you know, there's a huge problem that the United States has and we invented the internet.
That's why we have.com and we have.net and everyone other country has.co.uk or whatever.
We're telephone country number one.
You don't have to enter any anywhere numbers.
We're number one on US and Canada, like when you're dialing our phone numbers.
So there's a huge concentration of technology
that, you know, the United States has always been
very, very tech forward.
Say, you know, in recent years,
I think South Korea per capita has the best internet
in the world, and that's largely due to their gaming infrastructure.
They've taken esports seriously
for a really, really long time.
But the, there's a lot more that you can attack
in the United States, if that makes sense,
that there's the systems and the way they're constructed
and how they're constructed.
And there's a website for every division or something
that you just, the attack surface is just very, very large.
And there's a lot more just exposure,
then again, the UAE as an example
has a very small subset of problems
compared to what the United States would have
infrastructure-wise. And I will say, that's something that there are things that authoritarian governments,
which I mean, the UAE would be classified as one, are going to do exceedingly better just because
of the bureaucracy is not as there. So the trade is off. So the trade
off that you have for democracy versus like autocracy is you're going to, you know, some
things need to be decided in committee here and there's just things get lost in the red tape.
But, you know, generally, if something's a problem in an authoritarian government. Like they're going to address it very far down.
But that's that Churchill saying about democracies,
the worst form of government except all the others.
I think he said that that's how I had to feel a lot about this.
That we're victims of our own success in some ways, like, uh,
and empires and how they, they tend to crumble after a little while.
Yeah, I think we might be seeing a little of that happening right now.
But you also did a lot of security in the adult industry, correct?
Oh, yeah. There was a lot of crossover.
I was the head of security for Grindr for a while.
And that was a, it's a gay dating site.
But there's a lot of weird problems that, so Grindr, one of the things about it is it
was designed so that way if you're
If you walked into a bar a straight bar traditionally, then you could it would tell you that there is another
gay man and proximity to you within a certain radius
so the utility of the program all exists in a proximity
sense and all exists in a proximity sense.
And that, as you can imagine,
that comes with certain safety risks as well,
because if I was targeting homosexuals,
I could just do it via that application.
No, I can say like, oh, within 20 feet,
there's a person here.
So there's a huge trade-off in usability
because we would, we developed these geoboxes.
Basically, you know, like the old school maps, how they had like a squares and they'd be
like, oh, Franklin, is it three, five or whatever, or a five?
The same type of, there's an algorithm to box the world out in the same way. And you can change
the resolution up to, you know, you can go down, it's called a geo hash, but you can go
down to inches, you know, same as what I'm macro micro macro. Yeah. And so, but we found
usability wise that whenever we would make this bounding box a little bit too big, the
customers would complain about the usability. Like I can't even use this app because it's not doing what I
Told it to and so it's a very like interesting case study and
What the users want and like what a security person when you would actually recommend in this case because
Tinder had a huge problem with this with
in this case because Tinder had a huge problem with this with stalkers and what's called trilateration like programmatically like if I emulated a phone I can make it so that way my location
is jumping around and so if I am 20 feet from somebody at this point and I'm 15 feet from
at this point and I'm 10 feet from at this point. You're kind of able to zero in on triangulated try. Yeah. Yeah. I think
trilateration is the is the
determined
the nomenclature for that methodology, but
there was a lot of countries that grind or operate it in where those features were completely disabled because it's just illegal to be gay. There was the death penalty,
just for whoever, just for just for being gay,
it's like an insane.
And so in those countries,
we had non-profit organizations that were boots on the ground
that were going kind of promoting different safety,
don't show your face, you know, meet in public places,
just a lot of meat space type protections,
but you had government agencies trying to entrap
users of Grindr by emulating
other gay people on the site and they were talking, so they would
converse with you and then they'd meet you and then they arrest you type
stuff. And so it became this huge human safety issue that was really
intense like because their lives are at stake. And I'm traditional
libertarian guy do what you want. I don't care. Like have fun, you
know, don't like just if have fun, you know, just,
don't, like, just, if it doesn't bother me, you're not infringing on me,
then I don't give a shit what people do with their lives.
And so with that ethos kind of carrying that into
that sphere, it was just nuts,
the real world stakes, I think, you know,
the lives were, you lives were in danger.
And so something that we worked really, really hard to prevent.
But then it was bought out by a Chinese company.
And they released pretty much most of the staff that cared at one point.
And what was nuts, I think I was only kept around for compliance reasons in some senses.
But all of that data technically belonged to the company, the bottom, who, you know,
most agencies or organizations within China are state owned.
And so who knows, I don't know to what extent,
but I mean, they did buy the data,
but I mean, there's a chance that they were looking
for senators, dick picks, and whatever else
they could find in there, and data mining it,
which is high possibility, but there was nothing
I could really do about it, you know,
as far as, you know, for my position,
but I wound up, yeah, they wound up eventually getting rid of me, and then
the US government stepped in and actually forced them to sell to a US company because of
the national security risk.
It was very strange.
It was a little late.
It was a little late.
We like to buy all that data back.
Yeah, yeah, yeah.
Okay.
Chats out of the bag.
Yeah.
So maybe the data is a few years old, but that was one of the weirdest experiences.
What?
Are we being serious here?
We're being serious here.
They bought, they sold the data and then the, and then the US government bought the data
back thinking that they didn't make a copy.
No, the US government basically forced
The company was called Kool-Lun they forced them to sell back to an American based company
It was a forced sale and I said forget there was some act that they had
Okay, let me we can edit this part out
the CFI US the committee on Foreign Investment in the United States, informed Kuhlun that
its ownership of Grindr was a national security risk.
And they didn't, so Kuhlun didn't submit its acquisition of Grindr for review, and so
then they basically unwound the sale, but I said by that time they had access to everything
if they wanted to.
You can imagine the amount of compromise that's in, I mean, there's a lot of people that
are in the closet, you know, until this day that don't admit that they're gay and you
know, they're keeping it on the down low and stuff.
And so, I know that Grindr was frequented by, you know, politicians and celebrities and
stuff that probably wouldn't want that information to be out there.
But yeah, all that data basically,
yeah, to win somewhere that we couldn't control it.
Interesting.
Well, I mean, you know, I'm really curious,
how do you get recruited?
I mean, you're at a very prevalent top tech company.
You currently, you've been an advisor for four to five
foreign governments, including our own.
You, I've worked for, you know, the adult industry,
Grindr app, I mean, these are like,
the adult industry grind or app. I mean, these are like pretty high profile extensive jobs.
I mean, how are you getting recruited to apply to them?
How does this work?
I'm pretty much all inbound.
I mean, you're a high school dropout.
Yeah.
No degree.
It's been arrested for defacing NASA. Yeah.
I mean, how like in these people we're going, we want you to perform red cell operations on our
company, on our government, on our applications on, I mean, what's obviously extremely sensitive
and or classified data.
How does this,
you're asking a black hat hacker
to do penetration testing and red cell operations
on governments, on super high profile tech companies
and
super high profile tech companies. And
what, as I said, I think
that the
maturity level has a lot to do with it.
That, you know, there's a lot of things I did.
Well, I mean, I wouldn't say,
I said, even in my mid 20s or whatever, I probably wasn't, you know,
washing my hands completely clean.
And there's always some thread of whatever.
But that my own moral code and stuff, you know, washing my hands completely clean. And there's always some thread of whatever,
but that my own moral code and stuff,
like I've always been,
people can always rely on me.
And I've always been, you know, very matter of fact.
And I never stabbed anybody in the back.
I have a very good reputation.
And that whole, like I have a tattoo of a green hat
that whole, like I have a tattoo of a green hat on my wrist that me and my buddy got. In China, this means something completely different.
But what, remember we're talking about white hat, black hat, hacker, that we've always been
green hats.
Like we just do it for the money.
I don't care who you are.
It can be, you know, someone been a lot of them caring. You got the money's right. But in realistic terms, like we all
have these codes of honor, you know, that we just don't violate. And, you know, so for that perspective,
the challenge is what's fun, you know, but it's like the same thing is
Oppenheimer, you know, developing this weapon that, you know, again, causes
mass destruction.
It's been something that's huge in the, obviously, it wasn't just him, but, you know,
the, it's in the zeitgeist, so I guess we'll mention it.
But yeah, that, you know, on the one hand, like, here, you're using this weapon to end,
you know, suffering in a war, but at what cost?
You're like, irradiating, you know radiating two cities as a result of it.
So there's always kind of these trade-offs in a sense,
but I've always been really, really trustworthy.
I think it's like one of the things that,
I mean, I'm not calling you a bad person,
you know, by any means.
But if I had your background and I was applying to CIA, I'm not getting that.
No way.
They're not going to give me the clearance.
Yeah.
I'm not going to give me the access.
Like they're just not going to do it, you know, and so what I'm asking, I mean,
you're, you're at that level.
Yeah, but this is the problem.
And I think this is like why,
I mean, there was an article I read a few years ago
about how the FBI was maybe thinking about lowering,
like allowing people that smoked weed
if they were hackers to join.
And that what's crazy is you're going to find a lot more people like me that are willing,
I mean, again, I'm insanely patriotic. I've been around the world. I love this country.
Like, they're still, for all of its faults, like I still haven't been anywhere else that
I'd love more than this place.
So, if I was ever called to cyber battle, or whatever, I know what team I'm associated with.
But would they even take me? That's a great question. I think that that's a misconception that
some people in power probably have is that
that person can be trusted or they're, because of their past, they're not going to be good.
But it's very short-sighted because if anything, the people that are behaving in that way
or know that way, they're thinking adversarily like at all times and so your
mind just works differently and I mean obviously if I'm out smarting government employees as a teenager
you know and then still doing it now like there's a there's said is say something about the system
yeah you know I mean it's just it's it's I mean does it cook so are they recruiting you or you
applying oh I I get I've been recruited for, and I said,
I did my own entrepreneur thing for a really long time
and then said, the grinder thing kind of brought me
out of semi-retirement and it was just so much fun
and then the company I work for now,
it's amazing because the tech I work for now, it's amazing
because the tech I work with this is bleeding edge.
The budgets are insane.
And there's nothing I could do in entrepreneurial space
that would even compare to what the type of things I can do
and have access to and leverage for
with the company I work for now.
So did they recruit you?
They did, because they were having some issues
with account takeovers and stuff
and that's something that I happen to know pretty well
and how did they find you, do you ask?
Well, I mean, I'm pretty well known in the computer security space.
I see this.
So, I mean, it's just, I don't know, just, I don't think there's
very many of you guys out there that, you know, have a, have a completely clean background,
but I mean, just going down the list, I mean, you defaced NASA, the FFA, the DCAA, NATO,
Colorado Springs Police Department, Texas Department of Public
Safety, Honda, Nissan, AT&T, Paris Holt, and Miley Cyrus, digital gangsters for them.
I mean, you've got quite the past.
Stabbed in the neck at 17 for stealing.
You know what I mean?
It's just interesting to me that like, you're the guy we want to run in our cybersecurity.
I agree.
I mean, at the same time,
you're the guy who would run in my cybersecurity.
So it's interesting.
I totally, I don't really get it at all.
My, I said, my hero, I told you before, has been Franklin.
The people like that don't exist so much anymore where you try to be an expert at a bunch
of different disciplines and study different subjects and try to be a student of the world
in some senses.
And you know, I'm not having these multiple lives and multiple careers. So I don't know what I'm going to be doing in some senses. And you know, when I'm having these multiple lives and multiple careers. And so, you know, I don't know what I'm going to be doing in 10 years, you know, if I'm
going to give this type of stuff up.
But everything that I've learned up until now has made me really effective, I mean, especially
from a leadership perspective, I've just seen things, you know, that other people haven't
in the space.
And so the younger people that are coming up now, I say it's a lot less geared.
There's just too many opportunities now to make money at this that aren't criminally related.
That's not to say that it's not happening insanely, especially in other countries.
But that for the most part, there's a path to green now that doesn't require you to
to green now that doesn't require you to hack the government.
And whereas back in the day, I think they're kind of was. So for me, I couldn't have gotten a college degree
in cybersecurity, it just didn't exist.
But now you can pretty much go to a junior college,
any community college now,
they probably have some sort of cybersecurity offering.
And so it's a little bit different, like the school,
you know, there wasn't anything before it.
And now it exists and it's a little bit different, like the school, you know, there wasn't anything before it. And now it exists and it's a profession and stuff.
So I'm just thankful that, yeah, that they look past all that stuff and they notice that
I'm, I mean, well, I'm not a terrible person.
You know, so I mean, they, we talked about this last night, but when, I wish we could just
say the name, but when then, when the tech company, the current one, that
you're around Red Cell operations for the and developing cyber weapons, I mean, they
give you, it sounds like a hell of a deal. Oh, yeah, yeah. You, we haven't even gotten
into your music career yet, but you're still going to other countries. You're going
to all these conventions. You're still have your music, you're music career, and they
allowed you to build your own team, correct?
I build two teams there. How many team members do you have?
Fifteen, I think. 15.
So what are you looking for?
What am I looking for?
When they asked you to build a team, who are you looking for?
A clectic mix.
Because if you get a bunch of people that think exactly like you, then you're not going
to get a sick of fantic.
Yes, men, yes, women that don't offer anything. But the biggest thing that I look for when identifying talent is that when I was discussing
with Ryan, there's a certain shining, like a passion that you can tell when people really,
really care about something as opposed to they're just showing up for a paycheck.
Now that there's anything wrong with people showing up for a paycheck, but that this work
and maybe it's somewhat subjective, but it's very easy to be passionate about this type
of stuff.
I don't know like what your feelings on the military are, but I'm sure you felt a bit
of a calling in some senses and then found out you're good at it and then you're passionate about it.
There's always some parts of jobs that we don't like, but again, I think you're just called
to do something in a sense and that shows in your work. A lot of the reason that I'm allowed
to do all those things and move around and do the music and evangelize across,
travel to different countries and do this stuff
is because as a recruitment tool,
if there's one thing that I've proven consistently,
it's the ability to identify and develop talent.
And that's something that I think a lot of companies
are really interested in.
And as far as my team goes,
it's all super brilliant, super dedicated, super amazing, just awesome,
awesome people.
And when you're able to construct a group like that from the ground up, I've had no
attrition on my team either, which is really awesome.
So yeah, it's important to me to find people, so I don't care what their background is if it's academic or if it's self-taught,
but you have to just show a bit of a love for the game.
Are these all, are a lot of these former colleagues of yours or former friends from digital gangster days or there's a couple that yeah from that
Just there's a few of them that yeah, we're friends prior to this but even the ones that
Some of them were fans of my music
And so new of me, but I didn't know of them
Others were just cold you know coming in and you know because I'm all about
just cold, you know, coming in and, you know, because I'm all about opportunity and, you know, in that sense, like, I don't think that it should be complete nepotism all around.
Nepotism is fun, but not all the time.
But yeah, it's a wide mix, but just being able to identify, and it's a very diverse
group of people to, you know, race's genders, like whatever, it's that so we've been good
on checking those boxes.
But yeah, it's that there's a certain passion
I just can sniff out in people.
And if it's not there, I find out kind of how there's something,
everybody's interested in something.
And so there's a way to kind of always peel and turn computer
security in a way that interesting to people.
And if there was one super power,
some like that that I would say that I have,
that's probably it.
It's just the ability to identify and cultivate talent.
Well, thanks for sharing that.
Thanks.
Let's take a quick break.
And when we come back,
we'll get into some current events.
What you think we need to be concerned about. And then we'll get into some current events what you think we need to be concerned about
and um then we'll get into your music career and that'll be a wrap. Let's do it.
I want to give a big thank you out right now to all the vigilance elite patrons out there that
are watching the show right now. Just want to say thank you guys.
You are our top supporters and you're what makes this show actually happen.
If you're not on vigilance lead patron, I want to tell you a little bit about what's
going on in there.
So we do a little bit of everything.
There's plenty of behind the scenes content from the actual genre and show.
On top of that, basically what I do is I take a lot
of the questions that I get from you guys or the patrons and then I turn them into videos. So we get
right now there's a lot of concern about self-defense, home defense, crimes on the rise,
all throughout the country, actually all throughout the world. And so we talk about everything from
how to prep your home,
how to clear your home, how to get familiar with a firearm,
both rifle and pistol, for beginners and advanced.
We talk about mindset, we talk about defensive driving,
we have an end-of-the-month live chat that I'm on.
At the end of every month where we can talk about whatever topics
you guys have.
It's actually done on Zoom.
You might enjoy it.
Check it out.
And if Zoom's not your thing, or you don't like live chats, like I said, there's a library
of well over 100 videos on where to start with prepping, all the firearm stuff, pretty
much anything you can think of.
It's on there. So anyways go to www.patrion.com
slash vigilance-lead or just go on the link in the description it'll take you right there
and if you don't want to and you just want to continue to watch the show that's fine too.
I appreciate it either way love you all let's get back to the show thank you.
I appreciate it either way, love you all. Let's get back to the show.
Thank you.
All right, Bryce, we're back from another break.
Another break?
I think we're gonna go to seven hours.
That would be insane.
Seven hours, right?
But I wanted to talk to you about some current events,
some stuff that we should be...
some stuff that we should have our attention
on, some stuff we should be concerned about, and hopefully some positive stuff too.
But first thing I've got is US government vulnerabilities when it comes to cybersecurity.
What are some of the top things that you think we need to be concerned about? I think that a lot of the,
what's called, FUD, fear uncertainty and doubt
on if you've ever heard that term before,
it just percolates in the media about our infrastructure,
like power grid and utilities, water purification,
like those types of things,
not necessarily have to do with the government themselves,
but many of the systems that run our infrastructure
are very custom.
There's a gentleman that works for me now
that he formerly worked for this company and their entire mission statement was securing all of this kind of these types of systems, It's insane just the amount of the horror stories that you hear.
Again, everyone's trying their best, but there's so much, the attack service is just so large,
and then some of these systems that are employed to do these, There's a concept called security through obscurity,
and it's something that is always considered not a best practice,
but just by making something hard to decipher or hard to work on,
it technically makes it secure because not as many people know about it,
but on the flip side of that coin,
not enough people will know how to fix it and remediate those problems either. So you wind up in this sort of nebulous area that is very, very hard to nail down like how exactly you improve these types of systems.
But that's kind of where I see, you know, the potential collapse of society in some senses. If, you know, you
were, I, a lot of people don't know how, I mean, I was a Cub scout. Like, I'd still know
how to make a fire with sticks and I know what a hunt food and feel a dress, you know,
just how to skin a deer, you know, those types of skin, I think, thanks dad. But a lot of times, I think a lot of people would just not know what to do with themselves
if there was a power outage that lasted.
It's very funny you mention this because I had an entire interview on the subject, on
the power grid. And that, I mean, I'd always heard, you know, in, in, I mean, from my previous career as
a seal and say, you know, we've, I mean, we're its contingencies, contingencies.
What if this happens?
What if this happens?
What if this happens?
I didn't realize how vulnerable the US power grid actually is.
Oh, it's nuts.
And, you know, I learned a ton from that interview,
but I didn't know that a lot of our transformers,
a lot of our power grid equipment is made in China,
which I guess I just assumed that
because pretty much everything's made in China.
Yeah.
But there is no law that forces the power companies.
I can't remember, I think there's seven major power companies in the US.
I don't quote me on that, but there's no law forcing these companies to do some type of an inspection on the equipment that they're importing from China to put into our power grid,
looking for malware, Trojan horses, or whatever. And I mean, the way that I understood it is
basically all they need to do is push a button. Yeah, I don't want to be alarmist, but there is,
I don't want to be alarmist, but there is.
So, I think about people, they go vegan, and then that seems to be somewhat easy,
but as a thought exercise, I've asked my friends,
like, do you think you could go China free?
Like, is there a way that you could live your life
and not ingest any China?
You know, and if you just look around,
there's so much stuff that's manufactured over there.
And it's part of, I think the CHIPs Act,
I think Biden's just recently signed in by partisan,
you know, to get a lot more of that manufacturing
of the silicon back here in the States
is super, super important because
from a supply chain aspect,
that if you don't have that whole control from seed to sale, there are, you could introduce hardware-based vulnerabilities that you
can't patch with software, like because it's exists within the chip itself and with a deliberate attack, part of it, you have to look at it
from a consumer market standpoint.
Is it worth it?
It has to, the juice has to be worth the squeeze in that sense.
A lot of juice, a lot of squeezing, but there's one manufacturing plant or something like that.
They'll win Rogue.
You might have some impact there,
but if there was a concerted effort to make devices that were
absolutely nefarious, the moment you blow that,
is the moment that trust gets eroded.
But all you need maybe is that one burst of this manufacturing,
these things. And so part of
it, I think, is just kept in check because of capitalism and economics, you know, but who
knows how long that, you know, if you're making some sort of longitudinal effort to undermine
a nation, then obviously the stakes, you know, do become worth it.
But that's the brutalness of a lot of our utility systems.
And again, I have very little experience myself.
There's some systems I've played with
and some protocols I've messed around with reversing.
So I'm just, again, parroting what other experts and stuff have told me on it.
But it is pretty scary, you know, like, and again, sometimes in reverse engineering, these systems,
you become the expert on them, you know, just because even the people that have designed it are so
disparate or, you know, how it's cobbled together, maybe people don't understand the Gestalt,
they have all their constituent pieces sort of figured out,
but then how they work is a whole,
is a completely different animal.
So just knowing that it's obviously scary,
but do I think you could take down the entire entire US power grid, you know, in one
fell swoop without an EMP level event? I don't think that that there is, because even
things like solar flares impact how, you know, we adjust power usage, because we have
to be concerned about solar flares and stuff. There's all sorts of things
from space that make you really research this. Oh yeah, yeah. I mean, but again, I wouldn't consider
myself a field expert. I don't know doctorate in this and I have never hacked a power grid myself,
but I just know the pieces of the puzzle in a sense
of how these control systems work and operate.
And some of them are...
You know a whole lot more than most people.
So, I hope so.
On a scale of one to 10, how concerned are you
of the vulnerability of our power grid from being hacked.
Pride, seven, eight, I mean, it's up there.
Just recently, there was those maniacs,
I think it was in the Pacific Northwest,
like we're winning with guns, yeah.
And I believe those in North Carolina.
Oh, it was in North Carolina.
I could be wrong.
I could be wrong. I could be wrong.
You could be right.
I said, maybe it's happening everywhere.
And we're just kidding.
But yeah, I know that there have been even just attacks.
They don't know.
I don't even know if the nature of what they are,
if they're just domestic terror cells or whatever.
But from a lot of these systems, like part of it,
we had this legendary attack against Iranians nuclear weapons program called Stuxnet.
I don't know if you're familiar with that, but that we, it was a joint Israeli-US operation and we were able to get malware in their enrichment
plants that it set their nuclear program back a number of years because it basically made
the centrifuge spin faster.
So I don't remember the particulars of it, but it was a very benign small change and
these systems they weren't connected to
the internet in any way.
They're air-gapped, and so they had to infiltrate, get somebody to actually install this stuff
on.
But in order to build something like that, you need to kind of have a be able to emulate
that environment or build a replica.
So the way that that attack could be orchestrated,
it's not something that a teenager
could probably do in their basement
because they just wouldn't have access
to the parts of that system in order to figure out
how to break it.
And so I think that is somewhat said
the advantage of the security through obscurity type thing
is that these systems
themselves, it's not like you can buy a cheap, you know, that some just kid can go off
the shelf and buy a system that is going to be employed or would be employed in the power
grid or the water treatment or anything like that. But it's not above a state level actor,
you know, to afford these things.
I mean, that's just a rounding error in a budget somewhere.
So that's where it becomes this arms race where obviously we are trying to secure our devices
and we need to get these things patched.
But there's just a engineering backlog that tends to balloon out.
It happens in every organization. And so depending on how they're prioritizing those patches, I just, I know that there's just a engineering backlog that tends to balloon out. It happens in every organization.
And so depending on how they're prioritizing those patches,
I just, I know that there's things that have been found
that do exist, that just have them in patch,
because they haven't been,
there hasn't been a priority for them to to be.
And, but again, this happens all throughout
the software ecosystem and hardware ecosystem.
It's just in these critical systems,
there's a whole likelihood of risk,
how plausible is it that somebody's gonna be able
to infiltrate and implant this type of stuff?
But again, it could be this quiet logic bomb
that lays dormant and just pops out one day
and completely cripples us. And I don't mean
to be conspiratorial. It's just that the nature of how a lot of this stuff works, there's,
I say, there's very few people that know how to work on these systems, and there's very
few people that know how to hack them. But there's a cross-section there that leaves a lot of room
for state-level actors, if one was so inclined, you know, to basically. Yeah, I meansection there that leaves a lot of room for state-level actors if one was so inclined to basically.
Yeah, I mean, a lot of companies in China are on both state.
Mm-hmm, oh yeah.
And if they're manufacturing our transformers,
putting them into our power grid,
we don't even have a law that makes these companies
check to make sure they're safe.
I mean, I think it's a valid concern.
I don't matter what. Yeah, that's insane to me because I even, you know, the devices,
if we have, you know, obviously we have manufacturing, you know, in Taiwan. I think mainly in China,
for sure, that there's, but we're still doing pretty comprehensive audits on, you know, the
internals of these things, making sure that nothing got swapped out.
And if the firmware that's on it is usually cryptographically signed, so we know that it is what it
purports to be the hash's match. So there can't be anything, any funny business, nothing added
into the system that we don't know about. But I did not know about the, if there was
not, there's no scrutiny on the transformers and stuff. It's just a very, it seems like
very odd, you know, that we would treat it that way. Because in most industries are really
highly regulated and you would think that would be one avenue where they would do that.
So again,
though, it's just finding like being able to audit these transformers comprehensively,
you know, you may need a transformer to kind of practice on or something. And that could be
something that me and the homies could look at and see if it's if it's what it purports to be.
As I said, my only real comfort or security in the situation
is China is not necessarily an adversary
like in a lot of ways.
Like I say, we're not at war with them.
Like there may be some shadow proxy war
and obviously there's a lot of designs
that they will,
we've discovered that time and time again.
I think statecraft in general,
like you're going to have these copycats
that come out and the cheap Chinese versions
a little bit of a trope.
But we are giant trade partners with them.
So the moment that that balance shifts
is the moment I see, like maybe there's going to be
a lot more
that we need to worry about as far as that,
you know, the build time supply chain stuff comes in.
But it does surprise me that there's no scrutiny
over whether or not a transformer has a limit to it.
Yeah.
You're concerned about our water treatment plants as well.
Oh yeah, like anything that you could... I'm just trying to think of what is...
The creature comforts the average American and I think running clean water is
something that a lot of us take for granted. If the Flint, Michigan thing, I just kind of showed even where human error or something can
botch, I think it was a year.
I think it's been fixed since 2013, 2015.
I don't want to miss quote, but I know that I think they're still having issues, but for
the most part, the lead problem was solved.
But if you look at that at a grand scale,
and again, if you just make these minute tweaks,
infiltration software, any of the analysis that's going,
I mean, you could basically make sure
you could ensure the particulate is getting through
or added or more of this chemical, less of this chemical
and within the treatment process. And if you're controlling
most of this stuff is all computerized, it's not like there's a guy going out there with
an eyedropper every five minutes and you know, checking it as, at least as far as I know,
you know, a lot of this things. We are just trusting computer systems to do that stuff.
And so by entrusting computers with the ability to make these sort of decisions, then I think it becomes a little bit scary, because from my perspective, computers are fallible if
you the right persons are hacking on them.
You know, there's also recent news about China hacking into a lot of government sites.
I think they just hacked into the State Department.
Yeah, China has been, it's something that opened secret type thing that China and Russia,
I don't believe their citizens are prosecuted, that they can kind of look at the US as a playground and act individually and they don't
really have much to worry about domestically. Whereas even in America, I think if you
get caught hacking, even our, well, we would consider adversaries, like it's still grounds
for prosecution, from one end, you know,
that when you're looking at it,
they could be building an active case against,
you know, whoever they're investigating,
or they might, they, like the government might already have
a foothold in a system, and then you come in,
and then screw it up.
And so you're basically ruining, you know,
however many years of investigation
that they've invested in it.
So from that perspective, I see why it's a little bit different, but that as I said before, the infrastructure of the United States is a lot more
robust. And we've been using, I mean, there's countries, I'm sure, that you've been to
where running water and power are, you know, a super luxury and stuff. So I mean, they wouldn't miss it. But yeah, it's just so much here that we again,
take for granted being the first world and just kind of
as advanced as we are, that we've installed computers
and all of our processes to a point where it's just fused into a place
where we're not carrying around water tablets
and boiling water to purify it or anything.
It's all just done upstream somewhere
and then through some pipes to your house type stuff.
But China and Russia, like one of the biggest things that's prevalent now
is been ransomware campaigns.
I don't know if you're familiar with what that is, but it's really crazy because they actually
operate much like a regular business does.
They're honest, but what they'll do is,
they will install malware on your computer,
well, one of two things.
They'll install malware on your computer
that basically encrypts your entire drive
with a key that only they know,
and then you have to pay a ransom for them
to give you that key to unlock it.
So if you have, let's say you don't do cloud storage for your show, it's all stored on some hard drive,
and then you run this malware or it's delivered to you through some vector.
Then it'll encrypt all of your videos, all the Sean Ryan show videos, and you only have one copy of it, let's say. So you're gonna wanna pay that ransom
to get that key to unlock it.
And usually they have an expiration date,
like they give you like a week or two weeks
or three days or something to pay this ransom
or they don't give you the key.
And if they destroy that key,
then there's no way that you're gonna get that data back.
And so pictures of your kids, whatever,
but this is leveraged towards healthcare,
you know, hospital systems, this is leveraged towards,
you know, financial institutions, you know,
again, where these records,
were they're able to pivot the network,
people have onsite backups instead of cold storage,
like where it's sitting on a tape drive,
you know, in some shelf somewhere,
they're able to penetrate the whole network,
and then even the backups become useless.
But the interesting thing about the ransomware gangs
is again, they mainly run out of China and Russia,
but they do, they will encrypt your data
if you pay them the ransom.
So they, some of them even set up customer support lines
and it's nuts.
The other ransomware type thing that they'll do
is they'll break in and they'll exaltry
a ton of the data and then they'll threaten to sell it
if you don't pay a ransom.
If you don't pay, then what they wind up doing is selling it to the highest bidder
and some of these groups, what they'll do is they'll promise that they'll delete the data. So they'll only sell one copy of it. They won't hoard it out and give everybody a copy.
But you know, there's these organized crime and you know know, again, state sponsored gangs that are
making millions of dollars just doing this type of work.
And it's generally unheard of here in the United States.
Like, it's not something that you can really engage in.
It's a great lucrative business opportunity, but, yeah, we don't, we just, we're seeing
to be falling behind in that department You know, we had a a really interesting conversation at dinner last night about kind of the imbalance between
hacking in the US versus hacking in
China Russia
I've been saying that I think that
Warfare is changing.
It's changing very rapidly.
I think we're seeing a,
without getting into all the woke BS
that's happening.
I think we're seeing a shift
in the military.
And I think that the,
I'm going to get a lot of flat for say in this,
but I think that guys like myself,
former seals, green, just on the ground, special operations, operators, I think that we're
becoming obsolete and the tech is taking over the battlefield. I think cyber security or cyber
warfare is going to be, I mean, it's, we're already seeing it. I mean, just the progression
from the wars that we just, that we've been in, you know, over in Afghanistan, Syria, Yemen, Pakistan, Iraq, you know, all these places. I mean,
you've saw AC-130 specter gunships turn into drones, you know, turn into unmanned drones
and that just the tech that I saw at the beginning when I first started, you know, I think I went to, I think my first time in a war zone was a 2005,
and to watch it, how it developed in 2015 when I left, I mean,
I didn't even recognize it wasn't even the same thing, you know. And, um,
anyways, what I'm getting at is
This cyber warfare or stuff is becoming more and more and more real
And the way you were describing how China and Russia does it versus the US. I mean that's
That's pretty alarming and then and then the the military conference that you just sat through where they're
recruiting hackers for the US Army and they were talking about numbers. I mean, just go into all of that.
So the cool thing is, I would really like it if warfare was just conducted by robots.
I mean, because then none of your friends would die in battle. Like, you basically just have a ton of junk.
There's just firing stuff at each other.
And the stakes, obviously, in cyber war, when you're attacking nuclear power plants or
any of that type of stuff, if you're not making them melt down and irradiating human population, there's probably
somewhat of an advantage to having UAVs encounter measures against UAVs and fighting each
other.
Then again, it's just people probably just handling joysticks or artificial intelligence
doing the fighting. So it may be another mature form of warfare in a sense,
but where the human cost is lessened.
It's probably not the way it's gonna go.
You know, there's always like these civilian casualties
that happen, and I don't think that soldiers
are gonna go away in that sense.
But let me rephrase this.
What I was really getting at was how hacking is becoming so
relevant in today's war firm. Yeah, so what I was getting into is that a lot of the equipment,
even that operators are taking in like smart hudds and you know, like how helicopters they can fly
like pretty much where you're looking and the gunner, you know, the gunner can just kind
of, you know, look and the gun points to where they're looking.
And there's just that everything is so warfare, so technology based now that inherently,
you know, the ability to control and, you know, if you're able to hack those systems,
like I said, even in the supply chain or, you know, saboteur or remotely, because all this stuff,
you know, the drones and everything have to be controlled somewhere. And wireless communications,
that's what's nuts is wide spectrum jamming will always work. You can do things like frequency shift keying and spectrum hopping and stuff, but realistically
like that if you don't have a wire, you know, like so the toe missile attached to the
actual thing itself that's feeding it any type of telemetry or instructions, then it's
going to be subject to some sort of electronic warfare. And part of the problem is that in America, like the way that we traditionally treated,
you know, our hackers hasn't been favorable, whereas, you know, just a trend,
I noticed, like, with China and Russia, they're basically able to use the United States as a playing ground and they don't suffer any consequences for it.
And so they're learning against the best systems.
They're sharpening against the wetstone of America and the systems that we have.
And meanwhile, I don't think we are practicing in the same way against them.
It's asymmetric as far as how these things are getting handled.
When it comes down to it, though, what's really strange is that hackers themselves, we don't
really exist without with borders. You know, we know I don't a lot of us
don't really think of ourselves as part of a country, you know, again, if it's kind of like
yeah, soccer, you know, football or something like that, like we're part of a team like we are,
but in a sense we are in the same league. There's these rivalries that maybe, you know, they don't
bubble up so much. I said within the hacker community, there's Russian friends of mine.
I have Chinese friends of mine, type things.
I don't think we really see it as, there's animosity.
In the event of a full-scale war broke out, we all kind of know, it's said like the Olympics,
you kind of know which country you're going to be fighting for type thing.
But I can just again, the development of the skill set and like we have very, very good
hackers here domestically, but internationally, I said amongst our allies, I also see strong hackers, but there's just more of a, I think, I would just say
predisposition or encouragement, I would say, over there for adversarial mindset and thinking
and doing these scams and stuff that's present in
Russia and China, we don't have that in our DNA the same way.
And so there's a certain way that they're doing things that I just don't think we can replicate
without a complete paradigm shift in how we treat computer security, how we educate on
computer security, because they just have even,
I said, even their hobbyists are of a,
they're employing way more personnel in their military
than we are.
We have contractors and stuff to back it up,
but as you mentioned, I said,
if I don't know if my fingers are correct,
but we had, I said there was an army recruiter
that had come to talk at this hacker convention
and was just basically begging,
like please come to the military
if you think you can hack or wanna hack for the military.
And just looking at the numbers,
I said I think it was around 1500.
I think they had like a thousand and listed
in 500 officer corps in the Army Cyber group.
And if you, that's abysmally low, if you think about the amount of coverage that we would
have to have.
I mean, you were saying you're the tech company that employs you currently has way over.
Way more.
And that's a private company.
1500.
Yeah, yeah.
And hackers.
So I mean, again, across Space Force, Air Force, Navy, you know, Marines, Army, like branches,
I don't know what the total tally of cyber operators is, but the other thing that is crazy
is that the private sector is insanely more lucrative than government work.
And so yeah, I mean, even,
I mean, I make insane amounts of money where I work
and the financial incentive in the military, I'm sure,
you know, is not super great.
So that's the other kind of barrier to entry a little bit is that the talent isn't necessarily
going to be drawn naturally to unless you have a super sense of duty or something to go
into the military to do this type of work. But as I said, if the gauntlet was thrown down and you know, I,
it was called up, you know, I'm fighting for America, like I'm going to do my part.
I mean, it just seems very imbalanced. I mean, you, to get to your level in this country,
you have to do it illegally.
It seems like when you have to be looking over your shoulder, you know you're doing something
wrong.
Whereas in Russia and China, it's encouraged.
It's encouraged to hack into our government.
And so, you know, when you have an imbalance like that, I mean, how far behind
are we? It's significant. What's I said, one of the things that's changed the landscape is that
because of bug bounty programs that exist now, which is companies and governments, it's what we,
like I was talking about for the US Air Force and Dubai, these types of things where you'll
get paid for these vulnerabilities that you find.
And based on the criticality of the bug, you get a certain bounty and award that with
the emergence of the bug bounty programs, you see a lot more, that's real world hacking
that's actually happening that people are getting compensated for.
And so there's now more of a financial incentive
to go the right path.
And you're also subject to safe harbor laws,
so they agree not to prosecute you,
whatever you're hacking, and you find,
as long as you're doing it in good faith, they won't prosecute.
So back in the day, there was none of that. If you wanted to figure out how system worked,
you basically just had to break the law. But now we've gotten to a point where it's a hacker can
actually hack real-world systems and then get paid for it. And the Americans that I know that are engaged in this
are among the best of the best.
So I know individually, we definitely,
if there was a hacker Olympics,
we could probably will be taking silver at worst.
Like, that there's still, we still have enough skills
in our thing.
But it's just more of the attitude and the way that
the trajectory of the way that they've architected their programs, they have legitimized and
formed businesses. We call them APT groups, advanced persistent threat groups, and they're
enumerated, but they're actually, they'll have office
buildings, people show up to work, and they're actually just criminal organizations that do nothing,
but hack us, and summer state sponsored, some are private, in a sense, but probably have some kind
of attachment to some state apparatus. It's fascinating to me, because I don't think we have an analog here in America
so much where you know, you can't just set up some sort of cottage hacker industry and
then you know, get like you just get a blank check to hack the foreign governments. At
least if it exists, I've never heard of it. So.
What are you most concerned about when it comes to China, Russia versus us?
Is it the number of hackers that they have on their roster or is it the skills that the
hackers have on their roster?
It's a little bit of both. that it's more the culture and how it, like, they're just ahead of us a lot of it in how
they manifested their security programs.
They're aggression.
Yeah, they're aggression.
How they carry these things out, They're just their SOPs.
They've codified this industry a lot better than I think we have.
So when it comes to actually fighting a cyber war or something, I don't know how equipped
we are just because we haven't, like, our side hasn't been cutting our teeth the
same way that there is has. It's like we're playing the same game but by different, different
rulesets or something, which is unfortunate. But saying that, you know, again, I think that
when push comes the shove, the elite hackers that I do know that are at least our ally
countries, or that we have, that the talent pool is still
really, really impressive on our side.
So I'm not really too concerned that we're going to get.
It's more outgunned, I think, just overwhelming,
overwhelmed by the amount of attack service we have and
the types of things that they can attack versus the types of stuff that we can attack.
You know, it's very interesting just to hear you say that about the rules because it's,
you know, I will say one thing, this country, one thing I've learned about from being a war is this, the United States is, I don't know
why we do it, but we handicap ourselves. We put these stipulations on ourselves and, I mean,
you see it in hand-to-hand combat, you know, or just rules of engagement, you know what I mean?
And it's, you can't shoot them
unless they're shooting at you.
If they drop their weapon, you can't shoot at them.
You know, and it's just, and then they're literally
decapitating us if we get captured,
cutting our heads off on camera.
And we put these stipulations on ourselves in more.
And now here we are, you know, cyber warfare,
same exact thing, we're handicapping ourselves.
We're putting these ridiculous stipulations
on our own people when our adversaries have zero.
And we're just handicapping.
It's like it's like Geneva Convention type stuff.
I mean, that works in civilized warfare, I guess,
with countries that are respecting some amount of rules.
But yeah, it's not...
I think people think there's no ability in it or something.
We're on worst enemy.
But yeah, we're not keeping up with the time.
And I don't advocate, obviously, like, you know,
the wholesale murder of civilians or any that stuff.
I mean, that's something that I think that, you know,
I don't either.
Yeah, right.
But, you know what I mean, if you're gonna handicap
your people one more literally being dismembered,
having our heads cut off.
I mean,
we've got a fight fire with fire.
So, you have got to go.
Yeah.
And you don't have un-uniformed combatants and stuff.
I mean, you're fighting,
but these are types of,
like that's Carilla warfare, you know, in a nutshell.
All's I'm saying though is it's bleeding over.
It's bleeding over into this stuff now, too.
And it's, oh, we play, we oh, we play by a different set of rules.
We like to handicap ourselves.
We're gonna make it tougher on ourselves here.
These people are getting ready to take us over.
Oh, yeah, yeah.
And we're playing by this ridiculous set of rules.
And I don't think, and what's odd is,
is sitting in the cyber world,
the stakes are a little bit different.
Like, depending on the crimes and everything like that, but it doesn't have the, it doesn't
carry the same interpersonal risk, you know, the warfare even does. So I would think they
would maybe not, but if they hit our power grid, you're going to see a hell of more people
die of that than the amount of people we killed and more.
For sure. No, 100%. Yeah, hopefully that's one thing I would like to see
just shifted.
They do need to, like, I think,
as you were talking about earlier,
the kind of restrictions on, you know,
becoming an operative or whatever,
I understand, you know, if you're deeply in debt
and you know, you're a drug addict or something,
they don't want you having a clearance,
and I don't know if you're gonna sell nuclear secrets
for a bag of Coke or whatever,
but at the same time, in this, in the side world
or whatever, a lot of the characters
that have these crazy personality flaws
are exactly the types of people that you would want
on your side, fighting in the cyber trenches type thing.
So a lot of that stuff, stuff I think should be looked at
through a lens of sure there's a cool calm composure
that you definitely want to have somebody have in battle.
But behind the keyboard, you might be able to relax
those restrictions a little bit,
just to make sure this happens.
Let's move into deep fakes.
Mm-hmmI. stuff.
Let's say a crazy topic.
There's an album that I finished that I just didn't release.
It was a prequel to another album that I had done, but it's all about the proliferation
of deep fakes. I said, I'd finished it a few years ago, and it's all about the proliferation of deep fakes.
And I said, I'd finish it a few years ago, and it's really weird,
because a lot of the things that have come out since then were stuff I was talking about.
But what's crazy is there's so much media over even just regular people.
Now, just everyone's TikTok Reels
or Instagram Reels and TikToks and YouTube videos
and just even your normal average person
is gonna have a ton of material out there about themselves
and that the maturity of these models and the ability to, you know, on your own home
computer basically create these pretty convincing deepfakes. I mean, some are better than others,
obviously, but the technology is only going to get better. And it's going to get to the point,
you know, you know, you listen, you and I are similar age. So when, you know, you know, you, let's say,
you and I are similar age.
So when, you know, you're gonna get picked up
by a stranger at school and then your parents have a password,
you know, that they have to tell, you know,
that school or you to know that you're supposed
to get in this car and, you know, leave with them,
that it's gonna get to the point where we're gonna have
to start having meat space passwords
because it's already started where scammers are doing FaceTime calls with people.
Like I could call you as your wife and just say like, hey, I need you to send $200
PayPal to this address or I need you to wire me this money or just completely nanchilant but in
her voice with her face and you if there's no kind of secondary authentication of who
that person is then it'd be totally convincing to you and this technology I said is it's
in the consumer space now to a point where people with a decent enough graphics card can train these models.
So we're just getting to a point where, you know, what you see isn't what you, seeing
isn't believing anymore so much.
There's a lot of things that have been memeified, like with Joe Rogan and the presidents and
stuff.
I don't know if you've seen those kind of joky tiktoks and stuff floating around, but
they'll be like,
it'll be like Trump and Elon Musk and Joel Rogan playing a video game, but they've just
made up fake dialogue with all of their voices and stuff.
These are things that are being joked about now, but it's real.
It's real.
Yeah.
And the moment it becomes weaponized against common people, which I said it already started to be,
it's gonna be nuts.
But the thing that I find,
how deep does this go?
Like how convincing could a deep fake be?
Remy through a scenario.
Well, where it would just be perfectly done?
Just if I had enough, maybe think about all the interviews that you've done and shots
of angles of you that I could train a model based on you and then have you map to my face. And then I can always, I can emulate a camera
programmatically and then just kind of I'm intercepting the image. It's the same way that
Instagram and Snapchat filters work like where they can just overlay stars on your eyes or make
you look younger or whatever. But again, like if I had said if I had to call somebody,
you know, one of your relatives or if I had to call your bank
or anything and just pretend to be you,
depending on the information that's available about you,
it's like it's combination of social engineering
plus technology that I mean, I just basically become you.
And I mean, so the implications of that are endless.
I mean, said if I wanted to, said say that, I'm being held for ransom, like I, you know,
Sean, I need you to send, you know, send money or I need you to come to this place and,
you know, come and get me or, I mean, your imagination is the limit of this.
So it's going to be very, very important for us as people to have, like, said secondary passwords
or things that, you know, only, like, you'd have to ask them, like, you know, what he,
what's something that only this person would know about that I've never told anybody else.
But the DNA thing is weird because their service is like 23 and me. They
know they do the genetic testing to see what your lineage is. But I remember reading an
article not too long ago about being able to reconstruct like the it's not going to be
we're not going to be far off being able to reconstruct deepfakes
from DNA.
So like being able to model what a human being looks like, just based off of some skin
cell they left somewhere, some lip print, that I can see that being like a future where
you know, people don't even have to have video of you as long as they have just one of
your cells, they're able to just recreate you in the aggregate over technology.
Super, super scary. So you're not going to be able to believe newscast anymore. You're not
going to be able to know like did Trump really say that or did Biden really say that or anything
because if it seems plausible, you know, Biden mumbling is
something that happens every day. So like, how are you going to know, you know, if it's
real him mumbling or some, you know, some fake shit.
You think we're there already? We are very, very, very close. Like, it's, there's some
analysis that you can do on videos. It's the same way you can do noise level analysis
on Photoshop pictures and stuff,
there's certain artifacts that deep fakes
are still kind of wrapping,
that they're still perceptible.
Even of the human eye,
there's ways that you can tell like some of these,
but the really good ones are getting really good.
And there's VFX artists out there that have done just fan edits of movies or the place
another actor in a role or something and just looking at it with the naked eye, you can't
tell the difference.
You would think that actor had played that role in those clips.
It's mind boggling. So it won't be long before everything we see is fake.
Seeing is not believing anymore.
It won't be, you'll have to have some sort of consensus
on whether or not something is real or not.
It's sad, but hopefully, this is where men's reach exceeds his grasp a little bit.
I think the ramifications of this technology, one of the things it was used for when it
was first coming up is, remember, as I said, porn is the thematic thread through all
innovation and this stuff. And so, this deep fake technology was employed a lot of times.
Like, if there was a person you wanted to see naked,
you'd find someone with a similar body type
and then you could map their face onto their body.
And so people were using this to basically make fictional porn
of people that didn't exist.
And that was going on even in the Photoshop era.
Like when I was growing up, you know,
people would put Britney Spears' face on, you know,
some nude model or whatever and say that
that was Britney Spears.
But yeah, now it's like even, you know, some girl
that you met at a bar at the gym or something
and you're like, I wanna see what she looks like naked
and then train a model, you know,
with a similar body type and then train a model, you know, with,
I said, similar with similar body type and then put their face on it and then, boom, fantasy achieved. But obviously, while that is questionable, you know, in as far as is that ethical or not,
probably not, I mean, it's not really doing any harm to that person, but if it leaked out,
you know, how would they defend that that that wasn't them or, you know, whatever. And then
I said, the flip side of that coin, though, is that you can totally use that same technology to
make people say and do things like one of the problems, so that we, you know, where I work is like if people are faking video footage, if people do somehow
transmit fake video footage to our back end, you know, how do we know if it's genuine
or not, how do we tell cause law enforcement, you know, may use that as evidence.
And so, you know, I could invent a domestic violence situation that didn't really happen. And then, you
know, that's the evidence against me. So it's just the drabberhole goes deep. And it's only
as, I didn't even think about that. Oh, dude, these are the things I have to think about all
the time. So it's a, it's, it's, it's scary. Let's move into machine learning.
How does this work?
How do machines learn?
Well, that's artificial intelligence
or what we kind of consider artificial intelligence
is machine learning.
When people think of artificial intelligence
and like deepfakes are a product of this,
and I think the goal of mankind in some senses
is to trend towards generalized intelligence,
which is having a computer think exactly like a human does.
generalized intelligence, which is having a computer think exactly like a human does.
So being able to learn abstract concepts, not necessarily, a lot of what AI is now is regurgitation of training data. Computers are just very good at certain tasks. Like image recognition is huge.
It's something that machine learning has been
employed on for a long time. How captures work actually is, you know, when they're saying like
pick the pictures of fire hydrants, you know, in this block. What they'll do is Google basically
what they'll do is Google basically for recapture, they'll add adversarial noise to those pictures until their own image recognition doesn't recognize it as a fire hydrant. That's why those images
sometimes look really grainy or stupid depending on the level of security on the capture.
And then you as a human are basically making that model better by, you know, it knows which ones are fire hydrants when it first places the them up for you to see, but it adds a ton of noise to those images that way until its image recognition software doesn't recognize them as fire hydrants anymore.
And then when you go in there and you click the fire hydrants, then that trains the that's reinforcement learning for the computer to basically know that now if I see something that's little boggly, it probably still is, is fire hydrants.
So that's just a kind of a rundown of how we've employed humans basically to make these
models better.
But one of the fascinating things about ML is that we don't mechanically how it works is you have intermediary nodes that
are all assigned mathematical values.
So there's something that goes in and then you have a desired output and then these layers,
it's like a brain.
It's a neural network.
It looks like the same way our brains
probably process things electrochemically.
But we don't really fully,
we understand how this all works,
but we don't really understand,
if you were to take a snapshot at any one point
in the computer's thought process,
it's just a bunch of values.
So it's meaningless really to us, but to a computer, that's how it interprets the data.
So if I have a picture of a dog and then through all this convolution, an output's dog,
like however the parameters are set up in the model itself to determine
that this is a dog, all of the thought that goes on in the middle there, if you were
to take a slice of that, we wouldn't be able to interpret it as human beings.
It's a very esoteric concept.
Even hardcore engineers in this stuff, again, how it works as a whole,
totally understandable, but like the real machinations of machine learning are still kind
of a mystery to everybody, because it's just mathematical values that somehow the computer
outputs, you know, fakes it, whatever you want to call it, and then it's able to reach these conclusions the same way that a human would, which is fascinating, obviously.
But there's things that computers are really good at doing, and there's things that they're
not very good at doing.
I'm sure you've heard of Chad G.P.T.
Yeah, like those for content generation and stuff, you know, these large language models,
super efficient, and they're very convincing.
That's part of what Alan Turing had this positive distinct called the Turing test, which in
a nutshell is if you were talking to a faceless something like just a machine, like, would
you be able to determine if the person on the other side was a computer or a human or not.
And we're starting to reach that point where even the chat bots and stuff that I was making
as a spammer were obviously fooling people, you know, and that was low level stuff.
And this is much more comprehensive and involved, but these LLMs now, the capabilities that
they have are just astronomical because they're
basically, you know, they can write you college papers.
There's lawyers that have been using it and getting caught because it was citing fake
cases and stuff.
So you're seeing it being trying to be weaponized in the mainstream a lot more, but it still
is really impressive to see, you know, the types of things that these LLMs are outputting.
But again, they're only as good as the data that they're trained on, which is
to say that what comes from is the corpus of whatever we've generated in human history.
of whatever we've generated in human history.
So that's why it has biases towards certain things because we have biases towards certain things.
That's where they're tweaking the knobs. What people say is like, wocafying the AIs and stuff because it's going to spit out racist statistics.
It's going to spit out things that just don't make sense, but that's just how the data
that's been fed into it.
So it doesn't really know any better.
It can make decisions based on feeling the same way that human beings can.
It can make decisions based off feeling.
Oh, it can't.
No, it can't.
That's unfortunate that it can. No, it can't. No, it can't. That's what I'm saying. But you said it can.
No, no, it's like, wow.
Yeah, the comprehension is different.
But it just fakes it well enough.
Now, who knows where this is going to go, obviously.
But ML has a lot of, where do you think this is going to go?
I mean, you read about it.
And it seems like just about every profession is going to be replaced.
They talk about it replacing attorneys.
They talk about it replacing financial advisors.
They I read something the other day that said that I don't even know what you call it a program
is they've they've fed it.
I don't know,
thousands of mammograms.
And this thing can diagnose cancer like 99% success rate.
That's where a lot of the medical field,
there's so many applications where ML's
like super, super useful in site optimization.
There's projects like GitHub Co-Pilot
and Amazon has one too that you guys want.
Yeah, like there's products like GitHub Co-Pilot
and AWS has one too that I should remember
that help kind of scaffold code. So that it's been trained on lots of different code,
chat GPT even can output, you know, certain programs like boilerplate type stuff.
The way I see it kind of going in the short term is it's definitely going to be a skill to be able to do what's called prompt engineering,
like leveraging AI to augment your workflow. I don't know how much it's going to replace workers
yet, but being able to, those that can use it as a force multiplier and whatever they're doing
are going to have a lot higher advantage than those who aren't. So it's just, you know, the hammer to the jackhammer type thing, like where it's the evolution
of just another tool that we're using.
But when, again, when it comes down to it, I don't know.
I would love to see computers, you know, reach a state of terminator and sky in it.
Like, it would be just awesome.
Because hopefully I've treated them nicely enough that they'll see me as a friend.
Maybe they'll elevate me to Emperor, the universe or something.
But the realistic, like, there's a lot of jobs that are going to completely disappear
just because you're going to wind up having, I think there's a lot of jobs that are going to completely disappear just because you're going to
wind up having, I think there's a lawyer site called, I think it's do not pay.com.
Not affiliated with them at all or anything, but they've, they're just, it's an LLM-driven
lawyer service and it'll write like, and it'll fight traffic tickets for you.
It has this huge laundry list of things that it will do.
It's kind of a lawyer in a box, but if you're trying to get something removed from your
credit, you don't have to send letters and snail mail to the company and data. Well, taking like a LLM, GPT, chat GPT or something and then front-ending it and then
giving it access to be able to print letters and mail them, you know, now you've got this
entire workstream where you can have an AI fighting your credit card credit report for you, completely automated.
So what's going to happen is on the other end of that,
they're going to have an AI that's reading what's incoming.
So you're basically going to have these AI's that are fighting with each other,
that just AI is talking to each other, sending each other legal documents,
resumes, like whatever
you can think of.
And so the gatekeepers of both of these sides are going to be artificial intelligence and
human beings aren't going to be reading this stuff anymore because it's just considered
mundane.
So I can see that kind of in the near future where you just have A.I.s that are talking
to each other that are resolving disputes in a sense
because human beings become too lazy
to fill out a form to do something.
What'd be fun?
What are some professions that you think
are just going away?
Like guaranteed, it's over.
I guarantee it's over. I think that the driving, self-driving is going to be a huge, then the transportation industry
is gigantic.
If you think about just logistics from truck drivers and regular delivery drivers, taxi
cab, I mean, you name it.
The transportation industry just has a ton of people
that are working there.
And probably a little by little,
you're gonna see a lot of that stuff automated.
So pilots, pilots, yeah, pilots maybe, yeah, yeah, for sure.
Definitely instead of road operated,
probably a chew chew to the old trains,
like you're gonna see a similar thing.
I don't know what the timeline is for that.
I'm not that much of a featureist,
but that's where I see the most economic impact
just because of how many people are employed
and kind of propped up in this industry.
We've been scared about robots for,
I mean, as long as I've
been alive, robots taking over automated factory processes and stuff, but the other thing is to
content writers reporting, I think it's going to get to a point where you can just type in
a few bullet points about an article and then it'll just crap out something that's totally
readable.
So you might need a lot less writers on staff.
That's part of what I think the Hollywood strike is about is, you know, but in my estimation,
if an AI is writing better content than a human being, then maybe you're not that good
to begin with.
So I don't know.
I'm always, you can't ever fight technology.
You always have to embrace it.
And you'd see this just happen throughout human history.
There's professions I think that we had considered
sort of bullet proof.
Like, you could, at any other time in history,
if you were a blacksmith, you were probably the man,
but, you know, I don't know too many blacksmiths in 2023.
It's just the rapid nature.
I mean, we discovered out of flying
into the moon within 70 years, type thing,
and never, I mean, dinosaurs ruled the earth
for millions of years,
and they didn't have any internet.
So, I mean, it it's just this is crazy
like jumps forward that we're making that it's very hard to tell like where things are going to be
science fiction authors, science fiction authors refer to it as the singularity that there's
just going to be a point that we reach where everything you wouldn't be able to explain
what was happening to anybody before you.
Like even with a phone, you know,
now I can show it to you,
but it's kind of like smoke signals.
If you were a caveman, I'd be like,
yeah, this is sort of like that,
you know, smoke signal thing that you guys do.
And like, oh, okay, I get that,
but supposedly the singularity becomes this point
where it's just completely unrecognizable.
There's no language I could use to explain, you know, where we're at or
what's going on. Interesting. Not heard of that singularity. The singularity, yeah. I'm
gonna look into that. That sounds interesting. Let's move into cryptocurrency.
to cryptocurrency.
Okay.
As far as crypto goes, like I'm not, I was just an early adopter of the technology
and I just like how it operates.
I wrote a song about Bitcoin in 2012
that became somewhat popular.
And it's probably my most played song.
But when I had gotten into Bitcoin, it was very,
2009 is kind of when it started.
And 2011, 12, 13 is sort of when I was,
it was on my radar.
And at that time, it was just coffee shop meetings,
type stuff, it wasn't very,
it was like 20 people would come to these meetups,
it wasn't this huge phenomenon that it is now.
And I just really appreciated the technology aspect of it.
It solved this intractable problem
in computer science called the Byzantine General's Problem.
But it's basically just, you know,
how do you solve the ability to double spend currency?
And, you know, how do you trust,
like how can you assign authority
to somebody sort of verifying these transactions?
And I spoke about earlier that the hashing thing
where you try to find the most zeros
in this arbitrary hash that you pumping values into.
And so that's pretty much how it's done.
But it's just the cool thing about cryptocurrency
or where it came from.
I don't really, I'm not a big fan of banks.
You know, there's been times I've gone to the bank
and I've asked them for the money that's mine.
And they're like, I've got to wait.
We got to get it for you.
Or you know, I tried to send a wire the other day
and they were like, why are you sending this wire? And I said, I don't know why I have to tell you that.
Like, it's not, you know, it's my money. I can't be the two in a one with it.
So Bitcoin eliminates all that stuff. Like, but it also, you're in charge of your destiny there.
So if you lose your keys or you give somebody your passphrase or whatever and you get wiped out, there's no phone number that you can call to beg for it back.
So you have this responsibility that also kind of comes with that.
But the problems that people try to for a while, there's a lot of pitch decks floating around so looking value that we're trying to solve every problem with blockchain and that's just not the case. There are certain things that it does really well.
So the fact that it's distributed, decentralized, the purest crypto world that becomes a great
alternative currency, alternative value store, if I want to send money to a foreign country
without going to Western Union, without dealing with a bank, like it's nice, because it's practically immediate,
you know, within five minutes,
and you can do it very cheaply, relatively.
I mean, I can send a billion dollars, you know,
for less than a dollar, you know,
and less than five minutes type thing.
So it's a great concept.
But I don't buy into a lot of the hype around cryptocurrency now, the way that it is.
It's become kind of taken over by a lot of finance pros and you know, quants and Wall
Street types that are just kind of in it to make a buck.
But I was always just a pureist.
I'm just in it for the technology and in it for the...
Do you think this is the future? I do. And even America, like art, I think our treasury,
National Reserve has been discussing making
and cryptocurrency for to represent our dollars.
Like there is, there's a couple, like, tether and USDC,
there's a few coins, they're called stable coins
that are basically pegged to, they have a dollar amount,
associated with them, just one coin is one dollar type thing.
But even the US government now is getting to a point
where they've been kicking around
the starting their own stable coin, you know,
just government backed.
What do you think of that?
Central bank digital currency. It's a big topic right now. It is huge and
So one of the advantages to cash obviously
Usually the only time I have ever gone to the ATM was to buy drugs or gamble. Like even regular money these days isn't used for, you know, maybe you're tipping a valet or something, but for the most part it's not,
it's not something that were every other cash purchase that you're doing is usually with a card
or like the debit or credit. So there's a transaction there.
If people were always talking about,
you know, the government been able to see
what you're spending your money on and everything.
And that's one of those,
like in China, they have a social credit system.
I don't know if you're aware of it.
I'm a lawyer.
But I can see them instituting something like that
over here
uh in the US, you know, where if you spend money on these vices then you know you're
to merit or you know minus three points and that's where I see the more kind of digitized that we
make currency in general like the easier it is to track in that sense.
And so it becomes just another way for authoritarian minds to, you know, data mine or do whatever
with the one thing is those even in the existence of that, there's a lot of things that are illegal
these days.
Like you shouldn't be able to download movies and music illegally,
but people do it anyway.
You shouldn't be able to, you shouldn't be able to,
like Pirates had light signals, people do it anyway.
It should be able to J-walk, people do it anyway.
There's no way you can outlaw Bitcoin at this point.
It doesn't, it's just the network is too robust.
And so, you can always use that as an alternative.
Or there's currencies like Monero that are privacy focused.
They're designed because with Bitcoin, it's pseudononymous.
That you can be as public or as private as you want to be with that.
But the entire purpose of the blockchain
is it's a ledger from end to end of every transaction
that's ever happened over the history of the blockchain.
And so it provides that, I think for nonprofits,
for instance, it's a really brilliant thing to use
because I would have total accountability
and anyone could audit me because they could all see what transactions
are coming to my address.
When withdraws are made,
I would have to have some sort of tie in
to like what did I spend this money on?
Because everybody you'll see it go out,
everybody sees the money come in.
So I think for nonprofits and stuff,
it's a super, super useful tool for accountability.
I don't know if people want to adopt it
because to really, really want accountability in that sense.
For those things, it's good, but privacy coins like Manero
obfuscate the transaction as a blockchain.
So you can't really, they can't really see if you and me
are sending money to each other
and that's how it's designed.
That's the kind of the point of the privacy coins,
but depending on what you're looking to get out of it,
this is the thing, it's good that we have alternatives.
But even if the US government was trying to outlaw Bitcoin,
you couldn't really, I don't think you really could.
So you can try.
The biggest thing that you'd be able to do
is cut off central exchanges,
but that's why they just decentralized exchanges
that exist now where the liquidity pool is
decided by members of the decentralized community. So if I have some Bitcoin, I want to sell, and you
have some Ethereum, you want to sell, then we'll meet in the middle somewhere in this decentralized
exchange and then swap it. But it's all, it's just currency is only as good as people that adopt it.
Like you can walk into the corner store right now with five euros.
And the guy's going to laugh you out of the store, but that's real money.
You know, it's just the fact that they don't accept it there.
And so once cryptocurrency gets to a point where it's in a place that everybody kind of accepts
that it's real or not, then we'll see a turning
point, I think.
Let's get into, we talked about it quite a bit, but we talked about it with the phone,
but secure communications.
Signal, WhatsApp, regular text, I mean, what is the most secure method of communication? Everybody's
worried about government overreach and big tech track and everything we do. And what
do you use? I use Signal primarily. I have Telegram and WhatsApp, which both have
the end-end encryption features. I message on iPhone actually is also end-to-end encryption features, report to iMessage on iPhone,
actually, is also end-to-end encrypted.
What that means is that no one,
like you and I have the keys to unlock
the contents of that conversation.
So it's end-to-end, like there's no intermediaries,
or any intermediary server.
They can take that traffic and decrypt it
because the key exchange is like between the two of us.
Usually what compromises devices, security,
the text messaging and stuff
is that the actual phone itself is compromised.
So it's not necessarily
the apps themselves. Signalists have by default is an encrypted, perfect forward secrecy,
and it's designed to be really lightweight. Like, it doesn't have a lot of the features
that telegram and what's app and stuff have. I think you can do emojis as link previews.
It's bloated up a little bit over the years. It's not as Spartan as it used to be, but that for my money, it's all open source.
So the code is auditable. And I just said, I've been a fan of Signal ever since it came out.
Largely, unless mathematics is broken or quantum computer takes a huge step forward, we don't
really have to worry about, you don't have to worry about signal like as far as that.
But where you're going to have a lot of problems is more in the fact that the device that
does software is sitting on is actually compromised.
So somebody's hacked your phone and then they can read anything anyway.
But signal will be the most secure.
This is what I use. I mean, it's like, I said, I'm not sponsored by them or anything like that,
but yeah, it just endorsed just how it works. And it undergoes pretty regular audits and it said,
the code is anybody can look at it, anybody can see just how it works and it said signals just has been kind of my secure messenger
of choice for a long time. But it said, I message offers the same protection. The clear text
SMS is really bad because that's what I'm saying. Anybody in in between can view the contents of those messages. So the phone company, that's why you know in when
the court subpoenas records or whatever, if they don't have access to the phone,
they don't have access to the text records. But if they're SMS, you know, green on
on the iPhone, then they can just get that stuff from the phone company.
Oh, good. I didn't know that.
So they have to have the actual device with an iPhone message or with iMessage.
With iMessage, yeah. There hasn't been, yeah, as far as I know, I don't think the encryption has been broken.
But yeah, it's that they would have to, you would have to have the, the, I'd have to have the device to peel anything off of it
or control the device.
What are your views on Snowden?
I,
the,
I,
that's a tough one.
I respect what he did for sure. Like I love whistleblowers, I think that that's a tough one. I respect what he did for sure.
Like I love whistleblowers, I think that that's a good thing,
but the nature in which it was done, I think, is something I find somewhat problematic.
I don't, I don't know, again, being a former member of the intelligence community and stuff like that.
There's a lot of information that you know why it should be secret, you know, in a sense, or especially
if there's lives at stake or, you know, anything, not too long ago, I forgot.
I was a, I remember if it was Trump or, what was that, when all those assets got leaked,
the foreign assets, it was like the knock list
in mission impossible, but a ton of deep cover operatives
were exposed.
I don't remember who that was.
Yeah, just that there is things, I don't live in a,
of course I have this hacker eat those of all
information, it should be free and we should be, you know,
we should have access and transparency is important and stuff.
But there are, there is a certain, who decides this?
Again, it's imperfect, like, but should Snowden be the
arbiter of that type of, type of information?
I mean, yes or no.
Like, this is a very personal subjective thing.
You know, he did it through the channels
that said releasing it to the Guardian.
I don't think that he should be prosecuted,
but at the same time, I think if everybody behaved
in that way, it would be somewhat reckless.
You would, you can't just have everybody doing that type of stuff.
So personally, do I think he belongs in jail?
No, do I think he should get a pardon?
Yeah, but are there questions around,
what he did and how he did it?
I think so.
But again, that's for him.
And this is just my judgment, you know, as far as,
I said, I'm looking, I mean, I'll tell you looking in.
I don't know.
Let's get into, let's get into some fun stuff.
Okay.
Nerdcore music.
What is it?
I've not heard of this until you came along. So nerdcore hip-hop is a
term that applies to a wide range of music, but all of it is considered nerd culture, geeky stuff. So Dungeons and Dragons, Star Wars, Marvel, before there was all these movies about it,
like just comic book nerd or anything.
And it was music just about these nerdy pursuits.
And right around the AOL days is when I started making music.
It wasn't called nerd core then, but the same way that you listen to regular hip-hop music
or mainstream hip-hop music and the subject matter that it's wrapping about.
Then I was just trying to, one of the core tenets of hip-hop being to keep it real.
I just thought it was fun to wrap about the types of things that we were
doing on the computer, you know, because there's a lot of correlation between making money
on the streets and making money on the internet, you know, I think it's very, there's a lot
of the similar qualities that both of those things have, you know, I was pimping on the internet.
And they're pimping on the streets.
I'm robbing banks and they're robbing banks,
but I'm doing it in my underwear
and they're doing it with a ski mask on.
So it just seemed like the natural progression.
But most of my contemporaries are doing it
progression, but most of my contemporaries are doing it in like one of my friends' MC Lars, like he has a degree from Stanford in 19th century literature, and so a lot of the
contents of his rap is about poets and the poetry and prose of that era.
And he does, I mean, he does songs about a lot of stuff,
but that's kind of his focus.
And then MC Frontalot is like,
he's considered the godfather of Nerdcore.
He's the one who named it,
but he was a graphics designer,
he's an artist, web guy,
and he just makes geeky songs about geeky things, but he's not much
of a hacker, so I have no real insight into computer security.
Megarann is another one who he'd started out kind of doing video game wraps the same way
that I did.
We took like old video game beats and then made
music to them, but about nerdy subjects. Megarans probably, he's been doing a lot of stuff
with the WWE and you know, he's a huge fan of wrestling and so he's got songs about
wrestling. He's got songs that are in video games and like in the credits and theme songs
and stuff, but everybody sort of has these little,
even sub-genre pockets, a nerd core that they occupy.
And mine has always just been computer security
that I wrap about hacking and spamming
and all those things that, you know,
we've talked about today,
but just put into the song form.
What, I mean,
so you're a forefather of this. I mean, did you start this genre?
Chronologically, I was probably before everybody.
Like, considering this in 1998, 1999,
that the genre really started to become, like, embody something, I say, in
the mid-2000s, is like, where the wave started to catch.
But I'm sure that it was being done, like, I don't really know how, I'm considered yeah one of the four fathers of the genre but I think you would be
I don't know if I could have said I created it again I think it was more of a team effort and
you know built by a bunch of us kind of around the same time independent discovery like like calculus
Newton and livens but
calculus with Newton and Lyman's, but Lyman's, yes, I don't know. Well, I mean, it sounds like you've had a hell of a career.
You've performed alongside Buster Rhymes, Nelly, 36 Mafia, George Clinton, two short
Snoop Dogg ice cube, and you released a collaborative single with Deadmouse.
Yes, you're, yeah, that was earlier this year.
Yeah, a lot of...
Are you on tour with all these guys?
Not really.
Like, I do a lot of one-off shows and stuff with most of the people on that list.
Yeah, we just see each other when we see each other and do shows with each other. I DJ too.
So I just, I love music.
I'm playing guitar for a really long time and I love, it's a lot of fun, but more or
less, my mission, like with the music is I've had a lot of people that have listened to
it and then they've decided to take up a profession in coding or in computer security or whatever.
And that's something I think is very unique to the music that I make is there is how
to music out there of how to make crack cocaine and what not.
Of course that exists, but the subject matter that I try to attack and things
that I say, you know, it's all fairly real world application.
It's either something that's happened to me or something that's happened to somebody.
I know, you know, very so that keep your real thread is really, really important in the
music that I make.
But my fan base is very, very intelligent and highly technical,
like, because there's a little bit of a barrier to entry
to kind of getting in and understanding the music,
because it uses a lot of technical jargon and the analogies
and stuff, or just a little more heady,
and they have to do with hacking and spamming and stuff.
So people that kind of do the deep dive and get in there and figure out
what the lyrics are really saying then they tend to walk away with little nuggets of knowledge and
it's cool to get that feedback from people that have done sort of deep dives on the song
lyrics or they get the content. How's it working with deadmouse?
Deadmouse is amazing. It's a great person.
The way it all came to be was as right around when COVID was kicking off.
There's a guy, his name's Steve Duda, and he's a good musician in his own right, but he's a plug-in developer now, just a software
developer, that he worked in the music industry for a really long time.
And it was a one-time co-worker with Deadmouse, but they had a group project called BSOD
together.
Blue Screen of Death is what that name comes from.
And so they were a lot of the kind of seminal electronic work
that the two of them were collaborating and working together.
And so they were in Toronto working on new music,
and Deadmouse just had this instrumental that needed lyrics on it.
And so Steve had DM'd me on Twitter and he was just like, hey, I'm up here in Toronto working with Joel and we downloaded one of the
Acapella's off your website and slapped it on the song because we needed
vocals for it and Joel really likes it so you know what we can do about it.
And that song is about this group Lullsack that did a ton of, there were
anonymous adjacent, did a ton of hacks,
like kind of at the turn of the decade, it was really, really highly publicized.
And that song was the theme song for that group.
And then here, you know, whatever it is 12 years later, you know, to have it like this
re-emergence and re-release is funny because Joel's in the internet culture and stuff, he
was there for a lot of this, but he never in a million years would I think that song would
resurface as a single on his album.
But yeah, the last couple of years, I just, you know, we'd find ourselves in the same places or I would
just go out and, you know, perform it with them. So it's been a blast.
I've said, I've been in the music scene pretty much my whole life.
And so I've made a lot of friends and kind of rub shoulders with everybody for a while.
But I don't really take music as seriously as I think I should probably.
But I think if I took it more seriously, I probably wouldn't find it as fun.
Yeah, Joel is just a trip, bro.
I love him. He's a great guy.
Yeah, my wife and I are huge fans of deadbouts.
You're good.
So, yeah, that's, I think that's cool.
It's super cool.
Yeah, he's a great guy.
So you, right, we'll see.
I'll see if I can get him on here.
I'll just twist his arm. I'll say he can. On here? Yeah, yeah. On your podcast. I I'll see if I can get him on here. Just twist his arm.
I'll say you can.
On here?
Yeah, on your podcast, so we talked to him.
Yeah.
That would be the shit.
Let's do it.
All right, let's do it.
That would be awesome.
But, man, we covered a lot of ground.
We did.
Of all the things that you've been involved in,
music, hacking, black hat hacking,
the stuff you're doing with big tech companies,
I mean, what's your favorite thing to work on?
What gives you the most?
This is gonna be cheesy, but being a good dad.
I don't think that's cheesy at all.
Yeah, it's probably the stupidest answer,
like just easy platitude, but that,
I mean, my daughter, she's grown now,
but we talk constantly,
like just being that close,
and just watching her kind of grow up,
and now she's in college, and gonna make her own mark on the world type thing.
It's just the most proud of her and just the fact that she's out there like still alive.
She didn't starve to death so I did okay but yeah just being a dad is my favorite thing, I think.
Well, man, in my humble opinion,
that's the best answer you could have given.
Good, that's awesome. Congratulations.
Thank you.
On a successful father ship.
Yeah, but all right, Bryce, we're wrapping up the interview.
Last question.
Three people that you wanna see on this show.
We mentioned one, let's see if we can get
dead mouse on here.
I think Connor Daly would be amazing.
He's a race car driver.
You two would just love each other.
And probably Sam Curry, he's a,
he's one of the younger generation hackers
who's really, really big in the bug bounty scene.
But he's one of those guys I was talking about
that's a young gun that's just done so much impressive stuff.
And he's been with me a lot on more of the recent journeys
like the UAE and just highly, highly skilled,
insane, amazing, just brilliant.
So I think you would really, really like him too.
I'll look him up.
Okay.
I appreciate it.
Well, Bryce, man, it was, what a fascinating conversation.
I think we've got to be close to seven hours. But yeah, geez. And I'm not gonna lie, I think we're, we gotta be close to seven hours.
But, yeah, geez.
And I'm not gonna lie, I could go longer,
but I think you're getting tired.
Oh, I'm just, so, I'm just amazed
when he wants to talk to me this long.
It's just crazy, so yeah, I'm having a great time too.
You are a wealth of knowledge.
And, you know, we covered it all.
Childhood, at least I think, is there anything
we need to cover
that we haven't yet?
Do we do the mathematician thing?
Yes, did I even want to find that?
Oh, because it's funny, you say that I'd say
because it's not real, but yeah,
I have two published sequences with my friend Tony
in the online psychopedopedia of integer sequences.
Yeah, I remember you mentioned that up top
and I was like, I don't know.
That is real though.
That is real.
Yeah, yeah, it's real.
It's not like rigorous scientific.
Like I proved for Moz last year or anything like that
or the Riemann hypothesis, but at the same time.
Yeah, it's funny how much nerd cred that
actually gets you, like when you figure out a new sequence of numbers that they really
seem to enjoy that.
But yeah, other than that, you could write my biography now, I think you got it, you got
it everything.
Fascinating stuff.
Wilbur Rice, I just want to say thank you for coming.
The pleasure is mine completely, I really want to say thank you for coming. The pleasure is mine completely.
I really, really enjoyed myself. Thank you.
Me too. Cheers.
Cheers.
Thank you.
you