All Episodes
Previous Next
March 26, 2005 - Art Bell
02:54:45
Coast to Coast AM with Art Bell - Kevin Mitnick - Real Hacking Stories
Participants
Main voices
a
art bell
01:02:51
k
kevin mitnick
01:12:48
| Copy link to current segment

Speaker Time Text
unidentified
We'll see who we can make angry this weekend.
art bell
Not at the beginning, though.
Let's first go through a couple of the sort of show things.
Somebody asked me last week how the program gets from here to there, how it gets to your radio, you know, that kind of thing.
Well, the first big, giant step that it takes in that direction is from the Uplink facility located here at my house in a closet.
So for those of you who over the years have wondered what sends the signal from here to there, there is an associated parabolic dish outside that receives the signal sent from this stuff that's in my closet.
And it's been there for, I don't know, about a decade or so.
And I would imagine if that were to be replaced now, it would be the size of a suitcase or something.
But that is a complete satellite KU-band uplink setup thing you're seeing in my closet there, which is where it has resided since the very beginning.
That photograph is on the website, coastcoastam.com.
Simply click on ArtsWebcam, and there it will be, sitting in its closet, where if you don't want to look at it or hear it, you can just shut the door, and it's like it's not even there.
Now, I want to promo tomorrow night a little bit.
I'm going to do, it's going to be open lines.
So a lot of times a talk show host would like to launch a discussion in a certain direction for a program, and a lot of times it doesn't work at all.
In other words, the audience will take it in the direction they want to take it, and that may occur tomorrow night.
But I want to talk to you about oil and gas and the price of gas, which is now going up to the point where a lot of people who commute aren't going to be, or it's not going to be worth their while soon enough to continue that commute.
They're not going to be able to afford it.
We have a crisis ahead of us, directly ahead of us, in energy.
No question about it.
Last week I had Willie Nelson on.
Willie talked about his biodiesel.
And I just noticed tonight before I came on the air, CNN headline news ran about, I think, a two or three or four minute piece at least on Willie Nelson's biodiesel.
Showed his vehicles, all the rest of it.
So that's one thing we'll talk about tomorrow night.
I hope that CNN got the idea from the show here last Saturday.
I rather imagine they did.
Good for them.
Now, so tomorrow night, I'm going to want to talk to all of you and have you talk to me about oil and about the crisis.
And I've got some facts that I've dug up for the occasion.
And they're pretty bleak facts indeed.
So I'll sort of choose how much reality to give you.
Now, I'll give it all.
I was just talking about that with a group of friends on a hymn radio before I came on here tonight.
Reality.
How much reality do the American people really want?
Boy, is that a good question.
How much reality do the American people want?
And how much can they take?
In other words, with regard to the energy situation, the honest facts are so bleak that I'm not sure everybody wants to hear them.
So we'll talk about that tomorrow night.
This is a place where you do that kind of thing, where they won't talk about it elsewhere.
We will.
It's an emergency situation.
There was one article I read, which I've got, which I may read part of it, which was something, it was called The Long Emergency.
Well, yeah, it's going to be a long emergency, but the effects of it are being felt already.
Been to the gas station lately?
In a moment, we'll look at world news, and I guess maybe I'll hold that up for a moment.
Because even though I want to talk about oil tomorrow night and energy, I have a feeling, if it is still appropriate, the audience is going to want to talk about the Chivot case.
Maybe I'm wrong.
But this has been a national traumatic event.
It is currently a nationally traumatic event.
Everybody's traumatized by this case.
I mean, really traumatized, honestly traumatized.
The latest would appear to be after another round of losses in the courts, Terry Chavell's parents kept watch over their dying daughter Saturday.
Described, depending on whose lawyer you want to listen to, as being in peace or looking like a concentration camp person.
Anyway, trying in vain to give her Easter Communion as their attorneys acknowledged the fight to reconnect the brain-damaged woman's feeding tube was nearing an end.
They're about ready to give up, I guess.
Attorneys for Bob and Mary Schindler decided not to file another motion with the Federal Appeals Court, essentially ending their effort to persuade the federal judges to intervene, something allowed only by an extraordinary law passed by Congress.
Meantime, they're telling the people that are protesting and Standing outside, go home and be with your loved ones.
Pat Buchanan said, in part, our nation, ours is a nation, where a judge may not sentence beltway sniper Lee Malvo to death because he's too young to die, too young to die, but can sentence Terry Shivo to death because she is too severely handicapped to live.
Shivo continues a process of dying by starvation and dehydration, a method, capital punishment, a method of capital punishment, honestly, that most people would consider criminal if perpetrated on a pet, done to a pet.
We'll let a dog or a cat starve to death.
And, you know, if a dog or a cat was starving to death, the protests would be incredible.
You know, the animal organizations would all be out like crazy.
And it's not that the pro-lifers are not out on this.
They certainly are.
But they have not prevailed.
Here's somebody who sent me, you know, I've had a million emails on this subject, on the Chivaux.
I think every talk show host in America has been inundated with this sort of stuff.
This person says, Hey, Art, I wonder why the United Nations hasn't said anything, anything at all, concerning the way our justice system is treating Ms. Chivaux.
I thought they were concerned about human rights.
That's Tim.
This was an interesting one, I thought.
On the morning of 3-305, I told my husband Art that something will affect changes in consciousness worldwide.
You told us, meaning me, I believe it was the 5th of March I did, that the Princeton Consciousness Research Lab eggs had indicated unrest.
Yes.
She says, obviously, it was a prelude to the Terry Shivo situation.
And I haven't checked, but I would be willing to bet you that that might be true.
And that the eggs have registered a very great deal in the Shivo case.
unidentified
People have been so emotional, so incredibly emotional about this.
art bell
Either on one side or the other side, and damn near evenly divided.
It is as divisive an issue as abortion.
Actually, it is the same issue as abortion.
It's a whole life thing, right?
I think that we should have erred on the side of life in this case.
There was no written document.
This is what I told you last week.
No written document did you leave.
And so that's my personal take.
I understand others feel.
And then again, I'm a libertarian, too.
And I believe in less government, but yet I support the government's intervention, unsuccessful, albeit I support that effort.
And I shouldn't normally do so.
I'm not a perfect libertarian.
I'm not really a perfect anything.
I guess I don't fit into any exact description of what I ought to be.
Libertarianism should be, you know, behind the government staying the hell out of this.
So politically, I ought to be coming at it from that direction.
But this is a question of life and death.
And I think there should be a written document from the person involved.
And I've got, you know, I've seen what all of you have seen, the assault on the Internet.
I'm sure most of you did not get it to the degree that I have, but I have had all of these supposed testimonies, documents from nurses and things that bring tears to your eyes and make you think.
And I can't know they're all real or even whether half of them are real, you know.
And neither can you.
unidentified
Not unless we were there.
art bell
But, you know, people are saying she has spoken.
Her attorneys are suggesting she has said she wanted to live.
And others have said, no, it's just a reflexive sound, reflective sound, a reflex of a dying brain or something or another.
This has been a trauma for America, a big trauma for America.
So the Princeton eggs around here ought to be jumping up and down.
And I don't have the chart to prove it, but I would be willing to bet you that during this Shybo situation, and prior to it, in fact, or just prior to it, they have been jumping around.
unidentified
more in a moment The Shiva case absolutely has been a gigantic trauma for America.
art bell
I've not seen anything like this in some time.
So my guess is people want to talk about it.
That's usually the case.
Dutch scientists are urgently checking whether perhaps the bird flu virus sweeping the country has now mutated into a dangerous human pathogen after it claimed its first human victim.
A 57-year-old Dutch veterinarian died of pneumonia in the southern city of Ben Bosch on Thursday, and the most likely cause, that's in quotes, say investigators, was the bird flu virus.
Concern about the virus has been mounting ever since it became clear that the highly pathogenic avian flu had been ravaging Dutch poultry farms since 28 February, and it also now, they're suggesting, can infect go from human to human.
That would be horrible if true.
Thus far, 82 people with clinical symptoms have tested positive for the bird flu virus.
Doesn't sound like a lot, right?
Nearly all have conjunctivitis, a mild eye infection.
Six people had typical flu-like symptoms.
Worryingly, there has been strong evidence, that's in quotes, that three of these cases did not catch the virus from sick poultry, but from a family member working on infected poultry farms.
So there's still the possibility that it came directly from poultry and not from one human to the next.
When that occurs, believe me, we'll all know about it.
It's going to go around the world as quickly as any flu, and for some reason, the scientists seem convinced because we get story after story after story about how it's going to jump and become suddenly infective from human to human.
I don't know how they know that, but they sort of seem to know it.
Speaking of knowing things, the federal government kept it secret for three months, but it does seem that genetically modified corn seed was sold accidentally to some U.S. farms for, let's see here, four years and may have gotten into the American food supply.
The accidental use of unapproved seed became public when the scientific journal Nature published a story and blew the whistle on Tuesday.
The corn seed was probably safe, however.
America's food supply and plant and animal stocks were not harmed and remain safe to eat, according to officials of the seed company and the federal government.
However, they decided to keep all of this secret from us.
I wonder if they would have told us, you know, if suddenly everything had gone wrong, what do you all think?
Would they have told us, well, we know why everything's going wrong?
It's because, unfortunately, this seed stuff got out.
It's not enough for everybody.
Sheldon Krimsky, a Tufts University environmental policy professor, said it's not acceptable.
He's a longtime foe of genetically modified crops.
He says, quote, they have both a moral and legal obligation to reveal violations, Krimsky said.
This is a government that's operating in a stealth manner that wants to keep bad news from the public, end quote.
I don't mean to laugh, but, you know, this might have been bad news, right?
Now, they've told us now that we know it isn't bad news.
We know, apparently, that it's all right.
But you've got to wonder, if it didn't go right, if it had all gone terribly wrong and people began getting sick, would they have revealed this now?
Well, I sort of doubt it.
So this professor at Tufts is probably right.
But think how that whole principle applies to the oil and gasoline crisis, for example.
You've got to keep bad news from the American public.
Let me tell you, folks, it's really bad news.
What's about to happen with energy in America and the world, actually the world, not just America, is really bad news.
So I guess that principle carries over, huh?
What do you think?
A 70 million-old, year-old Tryanosaurus rex fossil that they have dug out of a hunk of sandstone has yielded a real bonanza.
Oak, soft tissue.
Soft tissue from a Tryanosaurus rex.
How incredible is that?
Not hardened, petrified something or another, but real, honest to God, soft tissue.
Blood vessels, whole cells, pliable, malleable inside guts of a T-Rex.
Do you know what that means?
Well, potentially a lot of things.
Let me keep reading here.
When they got it into a lab and chemically removed the hard minerals, they found what looked like blood vessels, bone cells, and perhaps even blood cells.
They are transparent.
They're flexible, said Mary Higley Schweitzer of North Carolina State University and Montana State University.
She conducted the study, I guess she said.
The vessels were flexible, and in some cases their contents could be squeezed out.
Squeezed out.
How could it possibly have been kept in that kind of shape for that long?
A preservation of this extent, she said, where you still have this flexibility and transparency has never before seen in a dinosaur.
So could it mean Jurassic Park?
Well, the $64 billion question, of course, is whether they can get some sort of genetics from it.
If they get a genetic, a perfect genetic fingerprint of a Tryanosaurus, you've got to wonder, would they attempt to recreate the Tryanosaurus?
How would you vote?
If it turns out, because of this wonderfully appliable, soft, fresh, gutsy material of a T-Rex, I wonder how all of you would vote.
If we could create a T-Rex, should we create a T-Rex?
And we may be on the horns of that dilemma.
We may have the goods.
Down in Florida, something not so good is happening.
Seven children have contracted a life-threatening kidney infection.
Health officials there are very concerned, and apparently because they have gone to a petting zoo.
Five of the seven were hospitalized in critical condition, including one on dialysis, according to the Orlando Central.
And again, these children only went and petted some animals.
unidentified
Yikes.
art bell
So I guess you better be careful.
Of course, it could turn out to be something else, but they were just petting the animals, and they've come down with this.
This is a fascinating story.
I don't think I'm going to have time for it.
Marianne Fife and her family never thought they'd see their three-year-old cat Kane again.
But when the movers were at the Fife's Iroquois Point home December 15th, Kane was nowhere to be found.
The Fife thought that Kane might have run out of the house.
He's an indoor cat, but the movers had left all the doors of the Albatross Avenue home open.
Well, you know cats, right?
They like to hide in stuff, and they particularly like a dresser drawer.
Well, Kane figured out how to open drawers, I guess.
But, unfortunately, the movers in this case, remember this family was moving, caked all the drawers shut.
So, of course, they missed their cat before they moved, and they called and they called in the night, and they went out, and they called this poor little cat, Cain, and Cain did not come back.
unidentified
Cain appeared lost forever.
art bell
But I think you know where Cain is.
Tell you all about it in a moment.
The rest of the story, as Paul would say.
From the high desert, where once again there is rain forecast for Monday.
About 20 miles here from Death Valley, home of the new Redwood Forest, soon, if this keeps up.
This is Coast to Coast AM.
I'm Art Bell.
unidentified
I'm Art Bell.
Riders of the Storm Riders of the Storm Into this dance we're born into this world we're thrown.
I'm going to go.
One of these things you're going to get in right.
Don't bring me down.
Don't rise on my mind.
I'll tell you what's wrong before I get off the phone.
Don't bring me down.
You're looking good just like a snake in the grass.
One of these days you're going to break your glass.
art bell
All right, everybody, listen very carefully.
The phone numbers, the magic numbers, to join us on the air are a little different during the weekend.
And here they are.
unidentified
To talk with Art Bell.
Call the wildcard line at area code 775-727-1295.
The first-time caller line is area code 775-727-1222.
To talk with Art Bell from east of the Rockies, call toll-free at 800-825-5033.
From west of the Rockies, call 800-618-8255.
International callers may reach ART by calling your in-country sprint access number, pressing option 5, and dialing toll-free, 800-893-0903.
From coast to coast and worldwide on the internet, this is Coast to Coast AM with Art Bell.
art bell
All right, in a moment, we'll do the rest of the Cain the Cat story and then dive into the phone lines.
unidentified
Stay right there.
Seek all right, let's continue with Kane the Cat.
art bell
Now, again, Kane's family lived in the islands.
You know why.
Kane liked drawers.
Remember all of this?
Well, Kane went missing.
The Fifes, alone Kane, stayed, or were, you know, part of the family, stayed in the Iroquois Point home five more days.
Five more days, waiting out on a Ludaw every night for Kane to possibly return.
The day before they moved into a hotel, Marianne and her 18-year-old daughter drove around the neighborhood looking for Kane.
She was crying, calling out his name, Marianne said.
Marianne gave the neighbors and maintenance workers her number and said, you know, call if you see Kane, call.
And the family left Hawaii on December 26th without Cain.
Very sad.
The Fife settled in Crofton, Kentucky.
That's a long ways away.
And their household items arrived January 27th.
Just in case Cain had been packed with the furniture, Larry Fife sent his wife and daughter away from the house before the movers arrived, you know, expecting to find the worst, of course.
When the movers unloaded the dresser, there was indeed a foul odor.
Larry thought the worst was about to be realized.
But when he opened the dresser, Kane was in one of the drawers staring back at him, meowing.
He called Mary Ann with the news.
He said, you're not going to believe this.
Cat's alive.
Mary Ann was driving around with her daughter.
I told her she was jumping up and down.
She was crying.
I was crying.
We were all hyperventilating.
Kane had weighed 13 and a half pounds in Hawaii.
When he arrived in Crofton, after 44 days inside the dresser, he weighed less than three pounds.
unidentified
But Kane's alive.
art bell
I, of course, got him water right away.
I took him to an animal clinic, stayed overnight there, was released the following day.
No liver or kidney damage.
It's a miracle up to 11.5 pounds right now.
And definitely charged one of his cat lives.
So there you have it.
That story of Cain.
44 days without food or water.
44 days without food or water.
Boy, we wouldn't do that to an animal, would we?
unidentified
Mm-mm.
art bell
We wouldn't do that to a dog or a cat.
We wouldn't starve them to death, would we?
First time caller line, you're on the air.
Hello.
unidentified
Hey, SART.
art bell
Yes.
unidentified
Hey, this is Mike from Circus.
art bell
Hello, Mike.
unidentified
Big fan, man.
Yeah, I had a story about Hellbout there.
art bell
Hellbout, the Comet.
unidentified
Yeah.
What do you remember about the Hellbout Comet?
art bell
Everything.
unidentified
Everything.
art bell
Yeah, everything.
unidentified
I got a crazy story.
I used to, it was a while ago.
I worked in a high-security area.
And, you know, he was a janitor there.
I didn't do anything important.
But I used to smoke my cigarette.
art bell
Excuse me, a high-security area of what?
unidentified
I don't know if I should really say that.
art bell
Well, don't give me the name of a business or something like that.
Is that what it is?
unidentified
The government.
art bell
Oh, well, that's a business.
unidentified
Well, there was a bunch of people on there.
It wasn't just one thing.
It was Army, Air Force, and a whole lot.
art bell
I think I get the picture.
And so out on coffee breaks, you overheard things.
unidentified
Well, you start talking, you're smoking cigarettes, and one thing leads to another.
You're talking.
They would never say nothing.
Oh, we got this back here or this.
Just little things pop out here and there.
art bell
Well, so what did you learn?
unidentified
What's that?
art bell
What did you learn?
unidentified
Well, this one thing in particular, I was reading a newspaper, and it was about those Heavensky people.
And I was laughing and making jokes, you know.
And this one guy, he was like, do you know what the whole deal was, why they thought the aliens were coming back?
art bell
They thought something trailed the comet.
unidentified
Yeah, and I had no idea.
And he's like, come in my office.
I want to show you something.
And he showed me this picture, and it had this comet, and there was five spheres behind it.
And I was like, wow, we may take, you know, that's pretty cool.
He's like, we took this in 1959.
In 1959, he's like, yeah.
He goes, but, you know, here's the kicker.
I want you to look at this.
And he had it in the NAS website.
And there was a picture of the front of it.
And he said that as the comet comes through, he goes, check this out.
The Hubble Telescope is taking pictures.
But just as the comet is, we're about to find out what's really behind that, you know, the million-dollar question.
art bell
Oh, the Hubble failed.
Yes.
I recall very well.
Yes.
unidentified
Yeah, I was like...
art bell
And there was, in fact, a very mysterious failure of the Hubble at exactly that time, and so they couldn't do it.
One of the greatest by magnitude events of that sort, and probably in our lifetimes, right?
And they had the Hubble all set to go, and it failed.
I remember that.
Wildcard line, you're on the air.
Hi.
unidentified
Hello.
Hello.
I didn't realize it was my turn.
Good morning, Jerry.
This is Jerry.
I drive a truck for a living.
I'm just a little bit south of Flagstaff.
art bell
Yes, sir.
unidentified
I thought I'd present an interesting scenario just on this travo case down there in Florida.
art bell
The Shrivo case, of course.
unidentified
Following the money, it appears to me that there's three groups that are just really accountability for keeping this gal alive.
Who's going to pay the cost?
The government don't, you know, keep in mind the mad cow disease is hanging on the horizon out there.
art bell
I'm not sure what that has to do with this.
unidentified
Well, if their brains are eat up, you know, got holes in them and they're non-repairable.
art bell
Oh, I see.
You're pressing.
unidentified
There's a huge influx hanging on the horizon.
I think that's what really the fuss is about.
art bell
I got it.
unidentified
And the government don't want to take the hospitals, you know, it bankrupt them, the insurance companies.
I think there's a massive scramble.
art bell
All right, you're at listening.
Sir, hold on.
You're breaking up on your cell phone.
I definitely have the idea.
He's suggesting that we're establishing a precedent here.
And that if something like Macau disease should come along, then perhaps the Chival case, established law, would apply to millions and millions of people affected by CJD.
There is an angle I have not considered, I must confess.
Well, would it apply to people with Alzheimer's?
Where would we draw the line?
How much memory and consciousness do you have to display before you might not be lumped in with some sort of thing that comes out of this newly established?
It is sort of newly established law, isn't it?
In a lot of different ways.
In terms of the intervention of the federal government, in terms of what they've not been willing to listen to.
You know, some of this stuff, I must admit, I have no way of knowing.
In fact, we're going to talk about the internet tonight.
We're having, just for a lighter break here, Kevin Mitnick will be on.
Kevin is one of the famous hackers, most famous hackers in all the world.
On the website, it says the most celebrated hacker in the world, Kevin Mitnick, I added the world.
I wonder if that's the right word to use for a hacker.
Celebrated hacker.
Celebrated?
Infamous, perhaps?
I don't know if any...
We'll find out tonight.
We'll ask him all about it.
He's a fascinating guy.
He got in so much trouble.
Kevin got in so much trouble hacking.
At any rate, I'll tell you what.
Let's continue.
Easter of the Rockies, you're on the air.
Hi.
unidentified
Hi, Art.
art bell
Hello.
unidentified
Yes, this is Emily from Milwaukee calling.
art bell
Good morning, Evil.
unidentified
Yes.
Happy Easter to you in Ramona.
art bell
Thank you.
unidentified
And may the Easter Bunny bring you many unidentified flying Easter eggs.
You know, Art, I was thinking about this Terry Shivo thing.
I saw some Fox update before your show came on.
I guess that they're even talking about now that Terry Shivo may not even be able to be buried by her family, that Michael Shivo is going to take full control over even her burial.
art bell
Well, I understood that there was to be he had wanted a cremation, isn't that correct?
unidentified
Absolutely, absolutely.
And that the dignity would not even be for the family, that she would not even be able to go to where Carrie Shivo's parents would be buried.
And the man is not married, has the two kids.
And also, you know, you look at it, the judicial tyranny that's happening.
art bell
You know, through all this, you've got to wonder why didn't he just divorce her?
unidentified
Absolutely.
So, you know, could money have anything to do with this?
It could have very well have had something because, of course, the $1.5 million that he did receive initially for this suit, as she did have that accident, that fatal accident that.
art bell
Is that what the settlement was?
$1.5 million?
unidentified
$1.5 million.
And there was very little rehab.
Very little rehab that would possibly, possibly have gotten her.
art bell
I know, although I must admit, and maybe you should too.
Look, I've read all the Internet stuff.
Who the hell knows what you can believe and what you can't believe?
It's one of the complaints I have about the Internet.
If I were to believe, I don't know, a third of what I've read on the Chaivo case, I'd probably be over there out in front of the street myself protesting.
I just don't know what to believe.
On the Internet anymore, how can you know what to believe?
Even off the Internet, even if you go and you read the headlines, you know, according to one lawyer, it's one thing.
According to another lawyer, it's a peaceful, quiet death.
And people are, my God, this is emotional.
Saying why I say, if it's so peaceful and quiet, then let in a camera and we'll see how peaceful and quiet a death it really is.
We don't starve.
Dogs are cats to death.
unidentified
God.
art bell
Really traumatic.
This is really traumatic for all of America, not just Terry Shaiva.
This has really put a dent in the American psyche.
And I hope we come out of it okay.
Welcome to the Rockies.
You're on the air.
Hello.
unidentified
Hi, Art.
art bell
Yes.
unidentified
This is Dina.
I'm calling you from Tucson.
Yes, ma'am.
It is a pleasure to finally talk to you, sir.
art bell
Glad to have you.
unidentified
I'm also calling about Terry Shivo.
I'm really brokenhearted by this whole thing.
And one of the things that I was thinking, and maybe this is just a stupid question, but I wondered why, apparently she is able to swallow.
Is that right?
art bell
I guess.
unidentified
Why don't they put a glass of water in front of her and see if she swallows the water?
I mean, wouldn't that show with the judges sitting there, wouldn't that show that she wanted to live, that she did not want to starve?
art bell
I don't know.
It's gone further than that.
One of the lawyers claims to have heard her saying something like, I want to live.
unidentified
Yeah, yeah, yeah, yeah.
But, I mean, why don't they do a test?
You know, where it's, you know, something she is able to do and, you know, is able to answer basically by swallowing water or not, you know, whether she wants to take water into her body or not.
That was one thing I was just wondering.
And then, you know, another thing is the whole thing that just really sits wrong with me is that this vow that Terry took or said to Michael supposedly is so, so, so important to him.
And yet his marital vows are obviously of little or no.
art bell
In that he's living with another woman and all that.
You know, God, I know, I don't know what to say about all this, except that it's been just incredibly traumatic.
I don't think since the fiery days of Roe versus Wade that we've had it this rough.
And this is precedent setting.
It is precedent setting.
I mean, in a way, that caller was right, right?
If some disease came along, essentially mentally disabled people to some certain degree, would this case then have precedent?
And would we start starving people to death?
And then there's one last thing.
Again, with all of these internet things that are floating around, and I certainly don't know what to give credence to, but there is a lot.
Shouldn't the courts be reviewing some of these statements and stuff, if they really are true from the nurses and all that?
What's the rush?
Yeah, I know all these years, but now all of this, because of the national brouhaha, all of this stuff ought to be examined by somebody, shouldn't it?
Shouldn't some judge actually look at it?
I mean, they're to the stage where they're rejecting even looking at the evidence.
You know, don't show us.
We've made our rulings.
unidentified
That's it.
art bell
But if she's really brain dead, like they say, then waiting a little while longer to investigate this stuff, who's it going to hurt?
Who's it going to hurt?
To examine some of the allegations that have been made might take, I don't know how much of a court's time, but in terms of the significance to America and the precedent setting that's going on here, why would it hurt to wait a little bit?
If she's really brain dead, it's not going to hurt her at all, right?
But I mean, what if there is something to some of this stuff?
Wouldn't it hurt to wait?
First time caller line, you're on the air with a lot of noise there.
Hello.
unidentified
Hello, Art.
How are you tonight?
art bell
I'm all right.
unidentified
This is Terry from Montana, Georgia.
art bell
Yes, sir.
unidentified
I want to ask you.
art bell
How's the weather there?
I heard there was like tornado warnings and everything.
unidentified
Yes, sir.
It's pretty bad down there right now.
So I'm headed that way.
I drive a truck.
I'm over here on 47 South in Illinois.
art bell
Oh, okay.
You're not near home then, are you?
unidentified
No, but my family tells me that it's pretty bad down there right now.
art bell
Yeah, I can hear the Georgia in you.
Anyway, what's up?
unidentified
Do you remember that movie, Soylet Green?
Yes.
I feel like if they let Terry die, that's going to happen to us.
That's going to open the door for so much, you know, so many different things to happen now.
art bell
It might.
I mean, the caller who called earlier, I couldn't figure out where he was going at first, and then it dawned on me like a brick hitting my head.
Of course, if a lot of people became mentally disabled, oh, well, we'd have a precedent, wouldn't we?
unidentified
Uh-huh.
I know, and I thought about that movie with all this.
This has really upsetting me.
I can't believe we're letting this happen.
art bell
I guess I can't either.
You have a good night.
unidentified
I really appreciate you talking to me.
I enjoy your show.
art bell
Take care.
Yeah, that's it.
I can't believe it's happening either.
unidentified
I really can't.
art bell
Take what I said to heart.
Why does it matter?
Why would it matter if she's really brain dead to stop and examine some of these incredible allegations?
You know, some of them are supposedly signed affidavits, that kind of stuff.
If it's really there, that stuff is real, then that really does bear examination.
Because once she's gone, then that's that, isn't it?
Wild Cardeline, you're on air.
unidentified
Hello.
Hi there.
This is Robert from Washington, D.C., and I guess you would call me a former contemporary of Mr. Mittnicks.
We knew a lot of the same people.
art bell
Oh, really?
Well, he's about to be on, and this hour is drawing to a close.
So very quickly, what's up?
unidentified
I know some people who were present when he was arrested in North Carolina, and at the time of when they closed the door on him, he said No matter what happens, I'm a patriot.
art bell
Yes, turn your radio off, please.
All the way off.
Yes, he's a patriot, I'm sure he is.
unidentified
No, no, he made the statement, no matter what happens, remember I'm a patriot.
And no one ever explained what that meant.
And my question is, I'd be interested if you would either explain what that meant and also explain whether he had ever been contacted by foreign intelligence agencies, for example the Israelis, in the context of hacking activities.
art bell
I will absolutely ask him that.
unidentified
Thank you very much, sir.
art bell
So when he was arrested, he allegedly said, no matter what happens, remember, I'm a patriot?
unidentified
That was told me by one of the FBI agents who was participating in the arrest.
art bell
I appreciate your call, sir.
Thank you.
Thank you.
A comrade in arms.
In arms.
Coming up in a moment, folks, the person in question, himself, Kevin Mitnick, he is described as the most celebrated hacker, I'll add, in the world.
From the high desert in the middle of the night, indeed, it's a lie.
unidentified
I don't want your lonely men with a tear in every room.
All I want's to love you promise beneath the haloed moon.
But you think I should be happy with your money and your name.
And hide myself in sorrow while you play your cheating game.
Silver threads and golden needles cannot mend this heart of mine.
And I dare not drown my sorrow in the warm water wide eyes.
But you think I should be happy with your money and your name.
And hide myself in sorrow while you play your cheating game.
To talk with Art Bell, call the wildcard line at area code 775-727-1295.
The first-time caller line is area code 775-727-1222.
To talk with Art Bell from East of the Rockies, call toll-free at 800-825-5033.
From west of the Rockies, call ARC at 800-618-8255.
International callers may reach Art Bell by calling your in-country spread access number, pressing option 5, and dialing toll-free 800-893-0903.
From coast to coast and worldwide on the internet, this is Coast to Coast AM with Art Bell.
art bell
It is, and in a moment, the world's most celebrated hacker, Kevin Mitnick, Mitnik, that's what it is.
He's quite a guy, and in a moment, we'll try and find out why he's so celebrated.
Kevin Midnick, directly ahead.
unidentified
Kevin Midnick, directly ahead.
art bell
Kevin Mitnick is a security consultant to corporations worldwide.
He's co-founder of Defensive Thinking, a Los Angeles-based consulting firm, DefensiveThinking.com.
He has testified before the Senate Committee on Governmental Affairs on the need for legislation to ensure the security of the government's information systems.
His articles have appeared in major news magazines and trade journals.
He's appeared on court TV.
I bet.
Good morning, America.
60 Minutes, CNN's Burden of Proof, and Headline News.
Kevin has been a keynote speaker as well at numerous industry events, and in fact, has hosted his own weekly radio program on KFI 640 in Los Angeles.
The 50,000-watt torch in L.A. Here is Kevin Mitnick.
Kevin, welcome to the program.
kevin mitnick
Hey, good evening, Art.
Great to see you on your show again.
art bell
You're down in L.A. somewhere, right?
kevin mitnick
In Santa Monica.
art bell
Santa Monica, all right.
Not everybody thinks you're celebrated.
They used on our website, we have the world's most celebrated hacker.
kevin mitnick
I didn't write that copy.
art bell
Oh, I know.
I'm sure someone else did.
Anyway, Roy from North Little Rock, Arkansas, he read that.
He said, hey, what gives this thief the right to be on your show?
Hackers are the lowest form of criminal, along with capital offenders.
If I had my way, he'd still be in prison, doing hard labor, and he'd never get out.
kevin mitnick
Okay.
Got the ultra-conservative listener, huh?
art bell
Yes, well.
So, celebrated.
You would probably not have used that term.
I mean, you don't get off an airplane with adoring crowds going, Kevin, Kevin, Kevin, right?
kevin mitnick
No, but I do get recognized a lot, and it's by people that look to me in a favorable way.
I was just in New York.
I just actually flew in from New York yesterday, and I was actually walking in Manhattan, and this guy walked by me.
He goes, oh, hey, Mitnick.
And I took a double take.
I go, huh?
And he goes, yeah, I know all about you, blah, blah, blah, blah, blah.
And it was kind of strange being recognized right on the street, especially in Manhattan.
art bell
Well, there's a book now, right?
The Art of Intrusion, Kevin Mitnick.
Oh, it's a good-looking cover, too, all black and red and very shocky.
kevin mitnick
Yeah, the publisher did a good job at the design of the cover.
I really like it.
art bell
Yeah, it's really nice.
So that's your The Art of Deception.
So this is your news.
kevin mitnick
That's The second book.
The first one was The Art of Deception.
art bell
Yeah, I was reading the back here where it talks about the art.
Actually, you talk a lot about the art of deception.
We're going to talk about that tonight, right?
The art of deception.
kevin mitnick
Sure, sure, absolutely.
The reason that I chose the titles The Art of is really paying tribute to the book The Art of War, one of my favorites, my friend Zoo.
art bell
Okay.
All right.
Listen, I promised a caller that I would ask you something.
The caller said that when you were arrested, you made some statement kind of like, no matter what happens, have it be remembered that I'm a patriot.
Did you say that when you were arrested?
kevin mitnick
I don't recall saying that.
Maybe I did.
This was over a decade ago.
I remember at the time that the government had bandied about that I had hacked into computers at the CIA and very sensitive secret computers, which never did happen.
So I was always afraid that they would try to argue this in the court of public opinion.
Of course, they didn't do it, and I was never charged, nor arrested, nor convicted of it, but I was always afraid that they would have.
art bell
So you might have said something like that.
kevin mitnick
I might have.
I remember it was kind of interesting because when I was in North Carolina, I was initially arrested around Valentine's Day of 1995.
art bell
Yeah, we should be clear.
The audience should be clear on what you did and how you got arrested.
So, yeah, you've told it a million times, but a lot of people tonight will not have heard.
So let's tell it.
kevin mitnick
Sure.
Well, since I was a young kid, I was fascinated with CB radios and then went into amateur radio.
Then I got into a hobby called phone freaking, which was kind of like hacking the phone system.
It was like exploring the telephone network.
You hear of things called blue boxes.
I didn't actually directly work with blue boxes.
My interest was learning about switching and stuff like this.
And then when the phone company went computerized, because at the time I started this, it was electromechanical switching.
When they went to ESS, that's when I became interested in computers.
And I took a class in high school.
And one of the first programs that you learned to write, or one of the first assignments is finding the first 100 Fibonacci numbers.
But I was really a prankster as a kid.
I loved magic and I loved fooling my friends.
art bell
Stop.
Stop.
The first what numbers?
kevin mitnick
Fibonacci.
One of those?
God, I don't even recall.
It's been so long.
Basically, it's just a mathematical calculation.
I could look into Google, but I don't even recall what the Fibonacci numbers are.
But anyway, so anyway, what I did is instead of writing that program, I wrote a program that would actually grab the teacher's password.
It was kind of like to pull a prank on him.
When he'd go to sign onto the computer, it would appear as he was signing onto the computer, but it was actually running a program.
So he was signing onto my program, and the program would take his username and password, or it would store it in a file, and then it would log him onto the computer.
At first, he couldn't believe how is Kevin getting all this?
How is he getting this?
And it became like this cat mouse pranksterism game between my teacher and myself.
And eventually, after I told him, he gave me an A for the program, actually gave me a lot of adaptoids.
He was actually in PrEP.
So actually when I was in high school, the ethics of computer hacking at the time is you were patted on the back and you were encouraged to do this type of stuff, unlike today, where you can get into a lot of trouble.
art bell
So there really was once that atmosphere where you were celebrated.
You got into my computer.
You did me in.
By God, you get an A. Oh, yeah.
kevin mitnick
Like, if you came up with clever, innovative stuff like back in the 70s, you were actually rewarded for this stuff.
And you're given a lot of atta boys.
Unlike you do this today, you probably end up expelled from school.
So in any event, in fact, most of the security professionals today, 95% of them were hackers in the past.
But in any event, what had happened is to make a long story short, is I was really interested in becoming the best at circumventing security vulnerabilities.
And I made some regrettable and stupid decisions.
And I targeted the source code of, and source code is like the original programming instructions of certain operating systems, like certain, like Solaris and SunOS that was developed by Sun Microsystems, VMS that was developed by DEC.
And I moved a copy of the source code to some computers over at UFC in Los Angeles so I could scour through the code to look for holes or vulnerabilities that have been patched and some that might have not been identified by the developers.
art bell
What do you think would happen to you in China if you did something like that?
kevin mitnick
You probably got the death penalty in China for anything these days.
art bell
Absolutely.
Yeah, for anything.
Straight into your head.
Stole the source code?
That'd be it.
kevin mitnick
Yeah, so that's what I did.
So what I did is I stole the copy of the source code for different operating systems and cell phones for the purpose of identifying vulnerabilities.
And then that's what led me into a lot of hot water.
And then because of I had a case in 1988 where a federal prosecutor had told a judge that I could start a nuclear war by simply whistling into the telephone.
I think the guy was watching too many reruns of war games.
art bell
Perhaps so.
kevin mitnick
And what ended up happening is then I was afraid that the government was going to really exaggerate my case, and I was going to be held in solitary confinement for years.
So then I ran and I became a fugitive.
art bell
Oh, how long were you a fugitive?
kevin mitnick
For about three years.
art bell
Three years.
kevin mitnick
And the time I was a fugitive, I adopted new identities, and I worked in a law firm as a system administrator.
art bell
Really?
kevin mitnick
Yeah.
And in fact, the name that I worked under at the law firm was Eric Weiss.
Do you know who Eric Weiss is in real life?
art bell
I do not.
kevin mitnick
That's the real name of famous magician Harry Houdini.
So I had a sense of humor, right?
But I quickly learned that the FBI had no sense of humor.
No sense of humor.
So what ended up happening, then I was moving around the country, and then I worked at a hospital in the IT department in Seattle, and I moved to Raleigh, North Carolina.
art bell
What's it like being, I mean, knowing the FBI is after you, knowing that you blow your cover and you're going to prison.
And for three years like that, what's that like?
kevin mitnick
Well, I treated it as I was running from the law.
I had a, in my mindset, in my mind's eye, I treated it as if I was living an adventure or as if I was just like an undercover covert type agent, you know, living under a cover identity.
art bell
And how old were you at the time?
kevin mitnick
Mid-20s.
art bell
Mid-20s.
Man, what a life.
kevin mitnick
Fortunately, that portion of my life's over.
art bell
Okay, let's be clear, though.
You never actually compromised the security of the United States government.
You never went into CIA or the FBI or anything.
kevin mitnick
And you stole credit cards from their agency.
You never wrote worms and viruses, never hacked into government computers.
My crimes were stealing source code.
Even though my purpose was to look for vulnerabilities, it still was theft nonetheless.
art bell
Did you have any goal?
kevin mitnick
Yes, my goal was to become the best at circumventing security.
Am I best at knowing all the holes that other people did not know of?
art bell
Gotcha.
And by having the source code, you would know all the holes.
kevin mitnick
Well, all the ones that I could possibly identify.
Don't forget, you could have the blueprint right there, and some could be so obscure or difficult to identify that I might not see it.
But it's kind of like the blueprint.
It's like the secret recipe to the Orange Julius.
And what's strange these days is a lot of the source code, except for Microsoft Windows, which I wasn't interested in at the time, it's pretty much one open source.
So now anybody can get the source for free.
art bell
Well, there's so many holes in a lot of what Microsoft, of course, they've been, my God, I think I have actually more patches for my operating system than I do megabytes of operating system.
Well, I'm serious.
You ought to see the patch.
You know, when you do a defrag, you can see it.
You can see all the patches down there.
My God, it's bigger than the operating system.
So there must be a lot of holes in Microsoft's stuff.
Has that code ever, ever been stolen?
Otherwise, how do they know about all these codes?
Back doors and secret ways to get in?
kevin mitnick
Oh, yeah, Microsoft.
In fact, several months ago, some of their source code was released onto the Internet.
And in fact, yeah, parts of Windows 2000 and Windows XP.
art bell
Really?
kevin mitnick
Yeah, stolen from Microsoft.
And what apparently had happened is Microsoft licenses portions of its source code to vendors that develop products that work for Windows.
And the perpetrator broke into one of those companies and released the source code on the Internet.
In fact, somebody was, I guess, crazy enough to actually take that source code that was distributed over the Internet and sell it on his website.
And then the guy was obviously arrested.
I don't know whatever happened to him.
but the uh...
art bell
the source of the microsoft but not that the reason that is Portions, yeah.
kevin mitnick
Like Internet Explorer.
art bell
Oh.
kevin mitnick
And Internet Explorer is riddled with security vulnerabilities.
That's why a lot of people, I think even Gartner advised people to switch to Firefox, a different browser, because what happens if your Internet Explorer browser is vulnerable, if you are persuaded or influenced to go to a particular website or somebody sends you an email with a hyperlink and you click on it and you go to a website that has certain code to exploit that vulnerability,
the bad guy could take complete control over your computer by simply installing software like a common piece of software would be like a keystroke logger or a piece of spyware that monitors everything you do on your computer.
art bell
No, let's stop.
A keystroke logger means that every key you hit, whether you're typing an email or doing anything else on your computer, is preserved and then transmitted to somebody else, yes?
kevin mitnick
Yeah, absolutely.
It's like a wiretap.
So every keystroke you do, if you're an AOL instant messenger, if you're sending an email, signing on to your online bank, every keystroke you type is simply captured and it's emailed to a drop email address, a dead drop, as they call it.
And it can be a free Yahoo or Hotmail account or a Gmail account.
art bell
All right, would you differentiate for me, please?
Somebody, Harold, sends an email that says, hey, Art, I've noticed just about everything on the web nowadays installs what's called a data miner to slow down our computers by running in the background, even logging offline.
Some are even breaking my outerware remover that is hardened against such attacks.
I wonder, is there ever going to be a cure?
Now, is a data miner like a key login?
kevin mitnick
Well, what I think he's speaking to is software that is considered a type of spyware, but it basically monitors what websites you're going to, so they could send you marketing materials.
I assume that's what he's talking about.
art bell
Is that what most of these data miners are, Kevin?
kevin mitnick
Well, what I look at as a data miner is basically going out and getting particular data and sticking it into a database.
And what software are you going to be talking about that's stealthily installed on your machine to send some intelligence back to some central point?
The ones that I know about that exist are for advertising and marketing, and those do exist.
art bell
I've had zillions of them, Kevin.
I use the removal programs, and every time you use the removal programs, it finds tons of them.
kevin mitnick
Yeah, the Attaware.
art bell
Yeah, Attaware or something like that, the bot stuff, whatever, different removal programs.
But man, there's a ton of it in there.
So it's usually just what?
For advertising to figure out what you're interested in?
Is it that, you know?
kevin mitnick
Yeah, where you're going on the internet, basically, you know, looking at your cookies.
Basically, you've heard of DoubleClick, which is a lot of these e-commerce sites are affiliates, so basically through cookies, they can kind of keep track to what sites that you visit on the Internet and report that data back so they could target you for marketing.
And it's just like if you go to Amazon and you start clicking on computer books and Amazon remembers by storing a cookie of what your interests were.
So when you go back on to their site and do some shopping, it's going to be a lot of fun.
art bell
Oh, no kidding.
It puts up ads that are relevant to you.
kevin mitnick
Exactly.
art bell
How cool is that?
kevin mitnick
Exactly.
And they're trying to make this cross-platform.
So you imagine you're at Amazon.com and you eventually end up one day on Barnesennoble.com or whatever.
Maybe they can now do direct marketing towards you.
unidentified
Wow.
art bell
All right, well, that's fairly mundane.
I mean, that's not too bad, but you also have the feeling that these data miners or keystroke things or whatever could be a lot more malignant in their intent.
kevin mitnick
Oh, certainly.
I mean, the Attaware, while people don't appreciate being tracked for privacy purposes, the most insidious type of software is the real spyware, which monitors what you're doing.
In fact, there was this guy in New York who went to all the different Kinko copier establishments out in New York and installed keystroke loggers on all those computers.
So anyone that would use their online banking or sign on to sensitive email from Kinkos, all their communications were essentially, and all their keystrokes were monitored by the bad guy.
And eventually he got caught because what he was doing this was for identity theft.
art bell
Oh, boy.
kevin mitnick
Yeah, unfortunately, he got caught, but you have to think about what about all the other guys that are doing the same thing?
Anytime you go up to an internet kiosk, anytime you go to a Kinko's, or anywhere where you're not using a computer that you can trust, you could be easily monitored and people don't even think about that.
art bell
Well, I want to ask a lot about that.
I mean, I see advertisements on TV for shredders.
So you can take your personal documents and shred them.
Nobody can go through your garbage and steal your identity.
The question is, how easy is it to steal your identity by hacking, by hacking into somebody's computer?
Is it easy or is it hard?
kevin mitnick
Well, usually that's not how it's done.
Usually the bad guys are able to get certain non-public personal identifying information like your mother's maiden name or your social security number.
And people think these pieces of information are private, but anybody with an internet connection and a credit card could easily obtain these details and then become you.
art bell
Those are very important details.
Kevin, hold on.
We're at the bottom of the hour.
when you call social security talk about social security they want to know your mother's made me and couple of things and then they know it's you Abomba Abomba Abomba If you ask about my mother
unidentified
Abomba
When you hear my heartbeat in this corner, you know that behind all this gold sound, the smell of a touch to the something inside that we need so much.
The sight of the touch or the scent of the sand, or the strength of an oak leaves deep in the ground.
The wonder of flowers to be covered and then to burst up through tarmac to the sun again.
Or to fly to the sun without burning a wing, to lie in the meadow and hear the grass sing, and all these things in our memories hall.
I'm the user to help us survive Yeah Fight Fight, let's dissolve Take this place On this trip Just go here
Fight Take a break I can't Refin my wish Of a seed It's for free Wanna take a ride?
To talk with Art Bell, call the wildcard line at area code 775-727-1295.
The first-time caller line is area code 775-727-1222.
To talk with Art Bell from east of the Rockies, call toll-free 800-825-5033.
From west of the Rockies, call 800-618-8255.
International callers may reach ARC by calling your in-country sprint access number, pressing option 5, and dialing toll-free 800-893-0903.
From coast to coast and worldwide on the internet, this is Coast to Coast AM with Art Bell.
art bell
It is my guest, Kevin Mitnick.
Now, when you steal a company's source code and then you pass it around on the internet, you are toying with the force.
I mean, you really are toying with the force.
You're messing with the force.
In other words, these are very large companies with millions of dollars invested in this software.
And when you get it and look for vulnerabilities and go after it, you're definitely tampering with the force.
And that force has a lot of money, and that force knows the FBI real Well, and they go after you, and in Kevin's case, they caught him.
unidentified
the story is on what happened afterwards the ever yeah Once again, Kevin Midnick.
art bell
Kevin, do you think most corporations have an attitude that those hackers that don't kill you make you stronger?
kevin mitnick
The hackers that you don't kill will make you stronger?
art bell
Well, the hackers that don't kill you will make you stronger.
In other words, if you don't completely slaughter them by stealing their source code and finding all their vulnerabilities, then in the end, I mean, even though you go to prison and they want you tortured and killed, maybe, since you're not and you do get out of prison, then they want to employ you to help protect, right?
kevin mitnick
Yeah, that happens in some cases.
art bell
Making them stronger.
kevin mitnick
Right.
But not in all cases.
Usually, well, they won't hire you directly.
Usually they'll set up a Chinese wall so they'll bring you up as a contractor, but usually they won't do it as an employee.
But it usually comes to the same result.
unidentified
Yeah.
art bell
Yeah.
In other words, you are making them stronger, in effect.
You're voluntarily or in their employee attacking their software, trying to find where others might get them.
kevin mitnick
Yeah, and today that's a big market.
I mean, today there's a lot of companies that are paying for vulnerability researchers.
art bell
Yeah, otherwise known as hackers that have come into the main world.
Listen, ID theft, that is a big concern to me.
And I know a fair amount about my computers.
I've got, I don't know, too many of them, about 13 or 14, for my business and so forth.
So I know a fair amount.
But I know enough to know how much I don't know.
And so only somebody like you can tell me how much danger I'm really in.
kevin mitnick
Well, usually, with respect to identity theft, if your computer is vulnerable and a bad guy breaks in, of course you might have certain data on there that might help them.
But usually the people you have to be concerned about are looking for many pieces of information on many different people.
So they're going to target databases.
Like, for example, in the recent news, I don't know if you heard about this, Art ChoicePoint, which is a company that sells non-public personal identifying information, was essentially hacked.
LexisNexis apparently had some problems too.
And this is where the bad guys get hundreds, thousands, tens of thousands of social security numbers matched with names, with addresses, dates of birth, and so on.
And this is where the serious problem exists.
And because in America our system is broken to essentially become somebody else, all you need to know is certain key pieces of information.
To get a birth certificate, to get a certified copy of a birth certificate, all the requester has to know is the person's full name, date of birth, place of birth, mother's name, father's name.
Then the bad guy gets a copy of the birth certificate and they can essentially become you.
I mean, it's a real simple process and that's because of how the system with identity works here in America.
art bell
No, you're absolutely right.
And I've seen all the ads on TV.
How widespread is it?
How likely is anybody out there to get their ID stolen and then their money spanner or whatever else?
kevin mitnick
Well, it's highly likely, but these people are, since they're targeting so many people, not just one, two, three, 10, what they're doing is they're basically doing it based on information.
And if they have certain pieces of information about you, they can simply go online and apply for credit.
Get an extension of credit in your name.
There's even been cases where people open up a mortgage in your name.
And all they need to know is certain key pieces of information about you.
Like, for example, I can give you a website now.
art bell
No, don't.
Listen.
You're already scared the hell out of me.
Every day I get no less than about 20 messages that say, you've been approved for a $60,000 mortgage.
Or something just like that.
kevin mitnick
Yeah, I get those all the time, too.
art bell
But that's not what you're talking about, is it?
kevin mitnick
No, not the spam.
We're talking about information.
And I mean, and why I give this information out, like what I was going to give you, I won't give the site unless you want me to.
But there are certain sites out there that have birth records, like for Kentucky, Texas, and California.
And on every birth record is obviously the mother's maiden name.
So anyone on the Internet for free can go look up anybody's mother's maiden name like in California.
unidentified
All right.
art bell
If you say you get that, and obviously you can get that.
With that, what can you do?
kevin mitnick
Well, I wonder how many of your listeners use their mother's maiden name to protect their bank account.
Every time I call my credit card company or my financial institution, the first thing they ask me for is what's your mother's maiden name?
art bell
Absolutely correct.
kevin mitnick
And why this needs to be out there in the public, why people need to know about these websites, is so they'll be encouraged to contact their financial institution immediately and change the mother's maiden name or set a password because people are relying on protecting very sensitive information like access to their bank account based on information that's readily available on the internet.
art bell
God, that's frightening.
Oh, that's frightening.
kevin mitnick
But of course we all know about the caller ID spoofing, right?
art bell
Well, we all know about that.
kevin mitnick
Right.
art bell
Oh, geez.
So, but to actually get to somebody's money, it seems like it just wouldn't be that easy.
It couldn't be that easy, just your mother's maiden name.
kevin mitnick
There'd have to be a social security number, which also there's sites out there primarily for private investigators and underwriters that pretty much anybody can get an account at by filling out the appropriate paperwork.
And then you can basically pull the person's social security number and date of birth, and you have the mother's maiden name.
And it's quite simple for identity thieves to get extensions of credit in your name.
Somebody stole my identity and opened up a cellular phone account in Denver and ran up hundreds of dollars Worth of long-distance calls, and then I got the bill for it.
It took me a little, you know, I had to prove it wasn't me, which was very time-consuming.
But at the end of the day, I didn't have to pay the bill because it simply wasn't me.
art bell
God.
But it costs you a lot of money to prove it wasn't you.
kevin mitnick
Well, time, and as we know, time equates to money.
And what the biggest headache is, and I'm sure there's people in your audience that have also been victimized by this, is having your credit profile changed negatively.
And then going back to these bureaus, I'm talking about TransUnion, Equifax, and Experian, and getting them to correct it.
It's really time-consuming process.
And the burden of proof shifts on you.
And I really believe that when your identity is stolen, that to make it easier for the victim, that the burden of proof shouldn't shift to the victim, but should shift to the Bureau.
art bell
Normally, however, in most cases I've heard of, the bank or the institution does realize that it's a rip-off and restitution is made.
And I always wondered, who actually pays for that?
kevin mitnick
Who banks do?
The issuers, the card issuers.
But at the end of the day, we're all paying for it because that's why they're charging us higher interest rates, right?
So everybody is paying for the thievery that's going on, but actually the first line of the attack is going to be the issuer in the instance of credit cards.
art bell
How severe is it?
I wonder how much money they're having to pony up every year to pay off the frauds and things like that.
kevin mitnick
Well, you know what's interesting?
I was just at an event in New York.
I spoke at an event, and the heads of a lot of the major, major credit card companies were there.
And what they do is they measure their losses.
They call them basis points.
And I don't know the exact calculation for it at this point because it really wasn't explained to me.
But the bottom line is they basically measure their loss.
And then they measure, well, how much money would it take us to offset the loss?
Or how much money is it going to take us to prevent this from happening?
And so far, the attitude is one remedy is to use a stronger form of authentication.
Authentication is when you have to prove that you are who you say you are.
Usually online you do that through a password.
But the problem is with all these phishing scams going on in the Internet, how do you, you know, and people are giving up their password through phishing scams, by people that are victims of social engineering attacks.
So these static passwords are really dangerous because you never know when somebody else has your password.
So stronger forms of authentication are like smart cards, maybe a device you carry on your keychain that the code changes every 60 seconds, maybe a biometric like your thumbprint or an eye retina scan.
Well, the problem is for banks, credit card companies and banks to deploy these technologies, it will actually cost them more money to deploy that technology than the losses they were suffering.
So what they do is they just choose to accept the loss.
art bell
But again, do you know what percentage they consider to be tolerable and what, in fact, they are paying?
That's probably very secret.
kevin mitnick
Not really.
art bell
No.
kevin mitnick
I mean, I think one financial, very large financial institution claimed that the fraud losses, I think, so far for the year were around $3 million.
art bell
Actually, that's not that much.
kevin mitnick
No.
No, it isn't.
And if it costs $10 million to deploy a stronger form of authentication that their customers could use, then it's not going to be worth it, so they just simply accept it, and that's it.
art bell
So as long as the identity thefts don't become thieves, don't become too greedy, they're going to get away with it.
kevin mitnick
Well, they spread it out over several different victims.
It's not like they're hitting MasterCard.
They get hitting, you know.
art bell
But if it gets too pervasive and equals too expensive, then people will be lined up and shocked.
kevin mitnick
Well, what's going to happen, then these companies will say, oh, to manage our risk, we'll deploy a stronger form of authentication to make it more difficult for the thieves to do their business.
art bell
Perhaps a chip in the palm of your hand.
kevin mitnick
They're chipping credit cards these days.
And in fact, in European countries, in some Eastern European countries, when you're defrauded, the risk is actually on the customer.
art bell
Really?
kevin mitnick
So, yeah, think about it in America.
Why would you want to bother yourself having to use all these fancy devices to prove who you are when at the end of the day, it doesn't cost you a dime if you're defrauded.
It costs the bank.
So people really don't care.
But in Eastern European countries, it's the opposite.
It's where the consumer takes the risk.
So now they're interested in these better forms of authentication and they're really pushing for it because they don't want to take the loss.
art bell
Fascinating.
All right.
We should be on some sort of track here.
And I want to talk a little about social engineering.
I know you do anyway.
What do you mean by explain your definition of social engineering?
kevin mitnick
Well, with social engineering, the best definitions or the best information could be found in the old art of deception book.
But real quickly, it's basically where the bad guy uses manipulation, deception, and influence tactics.
I'm talking about the same influence tactics that sales and marketing people use to persuade or to influence rather a trusted person inside a company to either reveal information or to do some sort of action item that lets the bad guy in or gives the bad guy the information.
It's simply the art of getting a person to say yes, to comply with a request, and this request is what benefits the bad guy.
art bell
Give me an example.
kevin mitnick
Example.
A guy walks into a building of a company during the day when the receptionist is quite busy, walks up to the receptionist maybe 10 minutes after sitting down.
The person's dressed in a suit, so the person has that authority, looks like a typical businessman or woman.
art bell
Probably a briefcase.
kevin mitnick
Briefcase, joculant hairstyle, typical trappings of a business person.
Hands the receptionist a $5 bill and says, excuse me, miss.
I found this money on the floor over there and I just wanted to turn it in.
And the receptionist is very surprised and says, okay, well, thank you so much.
And then about the person sits down 15 or 20 minutes later, the person goes back up to the same receptionist and says, listen, I just got an important SMS message or phone call.
I need to get something off my computer.
I need to be able to sit down somewhere.
Is it possible I could just use the conference room behind you just for 10 or 15 minutes?
If anybody comes in, I won't bother you.
I'd really, really appreciate it because I need to get this taken care of.
Receptionist knows that only employees are supposed to be in that conference room, but she thinks, well, she's attributed, she's given a positive attribution of trust to this person based on the person turning in the $5 pill that they found on the floor.
So she's thinking about it and she goes, well, sure, I can trust this person.
So he lets the guy into the conference room.
The guy plugs in the laptop into an Ethernet jack in the conference room because most companies have their network connectivity for conferences, of course.
Finds it's a live jack behind the company's firewall.
Person plants a wireless access point about this wireless access point being a device that fits about the size in the palm of your hand.
Plugs in the wireless access point into this Ethernet jack, puts a note on the wireless access point, please do not remove information security department.
And then from the parking lot with a directional antenna, of course, the bad guy has complete access to the company from the parking lot over radio.
art bell
This is a modern grift.
This is grifting, Kevin.
kevin mitnick
Exactly.
Well, social engineering is basically using Karn artistry and using technical...
art bell
It's drifting.
kevin mitnick
Well, drifting is more...
You're basically conning people out of money.
art bell
Well, hey, baby, what you just described ends up in the same place.
It's a modern grift.
kevin mitnick
Well, I think the definitions are different.
Social engineering is where the bad guy or the hacker is getting access to company information or company resources by influencing people and exploiting technical vulnerability.
art bell
A rose by any other name.
It's still a grift.
All right, so anyway, I get the picture.
I get how it's done, and that's pretty awful.
kevin mitnick
I mean, a quick other story.
Imagine you're at Premier Radio Networks in Sherman Oaks, and that's quite a building, if you've ever been there.
And imagine that you're on the elevator.
art bell
I have never been there.
kevin mitnick
Oh, okay.
art bell
Is that amazing or what?
kevin mitnick
Yeah.
Not really.
You're outside the state.
I was there a few times.
So anyway.
art bell
I'm sure they're happy to hear that.
kevin mitnick
But I did do what I'm going to tell you.
art bell
I bet they're all checking their Ethernet ports right now.
Little notes.
kevin mitnick
Little notes.
unidentified
Property of Premier Security, right?
kevin mitnick
So listen to this, though.
Imagine you're in the elevator into the restroom and you find a CD, like a red jewel case, and it has the logo of Premier Radio Networks on there.
And you look at it, you found it on the elevator.
Someone must have dropped it, and it says, extremely proprietary and confidential payroll salary history, second quarter 2005.
unidentified
Right?
kevin mitnick
What are the chances that somebody that was in the elevator or whomever is going to take that back to their computer and just do a quick check?
What do your bosses make?
What do their colleagues make?
They put in the CD.
It comes up with an Excel document.
They click on it and nothing happens.
It says it's corrupted or whatever.
They either toss the CD or they give it to human resources.
art bell
They say, what a bunch of bulls, somebody's stupid joke.
kevin mitnick
But what happened is what do they do?
After clicking that document, it installed a piece of malicious software on their computer that can essentially do anything the bad guy wants.
That's because under Windows usually everyone runs with administrator rights.
art bell
God, this is diabolic.
kevin mitnick
Right.
So then you have a keystroke logger that's sitting there, you know, basically installed a wiretap on the victim's computer that clicked on that spreadsheet.
Or worse yet, it's a program that attempts to connect out from that person's computer to the Internet to another machine, another computer that the bad guy had compromised, so now they could use that as a tunnel into Premier Radio Networks Network.
art bell
What idiot let you into our building?
kevin mitnick
I would call him a, no, he's not an idiot, but David Hall let me into your building.
art bell
David Hall!
I stand by my statement.
No, but he's a good guy.
David's all right.
unidentified
Yeah, he's cool.
art bell
God, I know they're doing some thinking down there right now.
kevin mitnick
So there's an example of the social engineering attack, which is a little bit different.
It's actually influencing the target by getting access to something that they'd really like to look at, and by doing so, getting them to install malicious software on their computer that gives the bad guy an advantage.
art bell
Yeah, David Hall, by the way, is just the kind of guy that probably would have hired you back in your heyday.
Hold on, Kevin.
We'll be right back to you.
Kevin Mitnick is my guest.
Check those Ethernet ports, folks, down at our building.
I have this awful, shivery feeling running right up my spine.
He is our guest, nevertheless, I'm Art Bell.
unidentified
This is coast to coast AM in the nighttime.
This is coast AM in the nighttime.
To talk with Art Bell, call the wildcard line at area code 775-727-1295.
The first-time caller line is area code 775-727-1222.
To talk with Art Bell from east of the Rockies, call toll-free at 800-825-5033.
From west of the Rockies, call 800-618-8255.
International callers may reach Art by calling your in-country sprint access number, pressing option 5, and dialing toll-free 800-893-0903.
From coast to coast and worldwide on the internet, this is Coast to Coast AM with Art Bell.
art bell
And my guest, Kevin Mittney.
Not somebody you'd want to meet in a dark cyber alley somewhere.
Kevin was arrested by the FBI, did his time and all that stuff, and he was a hacker.
And he's been writing about it and talking about it ever since.
And he's got a lot of worthwhile things to say.
unidentified
if you don't mind having to have a hand back your neck stand up a little bit I don't know.
art bell
To me, what Kevin just described really does seem like cyber grifting.
Maybe, I don't know.
Grifting, I suppose, is the art of the short con.
Maybe it's a long con.
I don't know.
But pretty close anyway.
Kevin, welcome back.
kevin mitnick
Oh, thank you, Ark.
art bell
I'm getting a lot of requests via Fast Blast.
You know, I have the computer thing.
You probably hack into it by now and know what they are.
kevin mitnick
I don't do that anymore.
But hey, I actually get paid to hack these days.
So now what I used to do illegally for the intellectual challenge and pursuit of knowledge in Thrill, now I actually, it's a business because companies hire me to test for their security failures, banks and even some U.S. government agencies.
So it's quite interesting that you can take a scale for which you can get into trouble and now actually do something that benefits the community and also is as challenging and making a living from it.
art bell
Okay.
We'll get back to social engineering in a second.
I do want to ask you, sort of as we go along, I mean, this is a very relevant question.
Hydro 0503 from Portland, Oregon, wants to know, ask Kevin Art, would you please about Wi-Fi hacking and war driving and accessing unsecured networks?
Very popular these days.
I must tell you, Kevin, I have friends who war drive.
kevin mitnick
All those amateur radio operators.
art bell
I shall not name any names, but war driving.
Let's explain a little bit what he means by that, which please, what is your war driving?
kevin mitnick
Well, I mean with the ubiquitous wireless connectivity these days, especially with 802.11, which is 802.11b, that's like a protocol that's used like at Starbucks if you're using T-Mobile.
Well, most consumers these days are going to their local electronic shop and they're installing wireless access points at their homes.
Businesses are doing the same.
And what ward driving does, it's simply driving around the neighborhood.
And in some cases, it's called ward walking, where you walk with your laptop, like if you're in Manhattan, and you identify businesses and people that have open wireless networks.
art bell
There are literally millions what?
kevin mitnick
I would say hundreds of thousands.
I mean, and we're not talking just in the United States, Art.
I've been traveling all around the world doing speeches on security.
And in most of these, even in Asia, there's, again, businesses are running open wireless networks.
And once you're on the wireless network, once you associate with a wireless network, in most cases, you're behind the company's firewall.
So it's as if you could walk into the company premises and plug in your laptop into their network.
And it's pretty scary.
And even if you're using encryption, they have a thing called WEP, which is like a privacy equivalency.
It's supposed to encrypt your communications to safeguard your data.
art bell
Is 128-bit encryption safe or?
kevin mitnick
No, not using WEP.
No, because of the implementation of the protocol, because of a flaw in the implementation, it basically takes an attacker to capture a number of packets.
And once a certain number of packets are captured, let's say over a usual time period of six hours, with a program called Ether, or Ethereal, is another way of saying it.
Then you could take the output from this program and run it through another program called WebCrack and basically derive the web key.
And so for any companies that are running with WEP enabled, those are also easily hacked.
So what you have to do is you have to treat your wireless access point as basically a completely untrusted entity and run VPN over it.
art bell
I'll tell you this.
In my own personal situation, I have, for example, a wireless network in my home.
I think a lot of people do now.
Mine is not that protocol.
It's not 802.11B.
It's something else, which I won't say.
But it's something else less likely to perhaps be attacked, but certainly not impossible.
kevin mitnick
If you're running A, B, and G, those are the most common protocols attacked.
art bell
Yes, I'm sure.
So these things are all over the place.
I have a friend, I won't name him, in Las Vegas, who put up a beam, Anthony, a Yagi at his house.
And he can turn this Yagi 360 degrees, and he found he doesn't even have to pay for internet anymore.
kevin mitnick
He could just hop on somebody else's.
art bell
Yeah.
And if for some reason he can't, then he just turns the beam and finds another one.
So it's an incredible, incredible world we live in today.
kevin mitnick
Yeah, in Las Vegas, every year they have a big hacker conference called DEF CON.
You should go.
art bell
Yeah, really.
kevin mitnick
Yeah, it might be an eye-opener for you.
Not only do hackers go, but law enforcement agencies go as well.
And they had a contest, I believe it was last year, and the contest was how far the distance to you know, you basically build your own antenna and how far can you communicate with a wireless access point.
And it was 51 miles.
art bell
Oh, my God.
kevin mitnick
51 miles.
And they were doing this all, I guess they, I don't know if they drove up to like Mount Podicy or something, but I mean they actually got that distance.
So these guys that basically hitchhiked all the way to Vegas to go to this hacker convention won the contest.
unidentified
Oh God.
art bell
Oh, that's so frightening.
And yet, it's all our convenience versus security, isn't it?
In other words, absolutely.
kevin mitnick
There's the bounce.
There's the magic bounce.
And imagine a social engineering attack with wireless, right?
Imagine an industrial spy wants to get access to a company's secrets.
So what they do is they'll do a little bit of research on the person, the family.
And what if the executive received a gift around Christmas time, purportedly from a company they'd normally do business with, with a wireless access point and with instructions to install it?
What are the chances that that executive will just happily install that at their house and then they send their operatives around three to four weeks later and then they have complete access to the network and will likely be able to break into the executive's machine or computer, if you will, and then once that executive is VPN'd, in other words, connected to the corporation securely from home, the attackers could hijack that person's connection.
good lord and be into the corporate network so you can you think it probably goes steps through is there how dangerous it is there any way to be safe now there well i take that back there's a way things, there's countermeasures you can do to raise the bar to mitigate the risk to an acceptable level, but there's no such thing as 100% security.
art bell
Was that mitigate the risk or nick the risk?
kevin mitnick
Mitigate.
art bell
Mitigate, all right.
unidentified
Yeah.
art bell
Well, how many companies have you helped mitigate risk for?
kevin mitnick
I would say about 100.
art bell
That's a lot.
kevin mitnick
Yeah, and I've been doing this a short time because remember I had these restrictions regarding technology when I was on supervised release.
art bell
Right.
They wouldn't let you anywhere near a computer, right?
kevin mitnick
They wouldn't let me anything near a transistor.
They had solid state.
I had to get permission to use it.
It was quite interesting because, again, the government played me up as such a threat that I could start a world war by whistling into a telephone that it scared the money.
art bell
I can almost hear what the prosecutor was saying.
Judge, this man is so dangerous, he cannot be let near a seven-transistor radio, or the entire national defense could be.
kevin mitnick
Well, I couldn't even use a fax machine.
It's like I had to call and get permission to use a fax machine.
Eventually, that lasted about six months, and then they got tired of it because they realized how ludicrous it was.
And then in the end, I even had permission to use a computer a lot sooner than the public had known about under the condition that I not tell the media about it.
Because it was all about most of the concern was their public image, the government's public image in this case.
So a lot of things I had to keep secret in exchange for them lightening up on a lot of the restrictions that they had.
art bell
What was pushing them to lighten up to the point where they'd break the rules of your whatever parole?
kevin mitnick
Well, it wasn't really them breaking the rules.
It was pretty much in their discretion.
basically they had given me permission to do things as long as I kept my mouth shut.
Not working for them, actually being able to use technology and computers.
They weren't concerned about the quote-unquote threat I posed as they were concerned about their image in the court of public opinion.
Because my case was played up so much in the media that they didn't want to look like they were being soft.
So I think that was really about it.
It was more of a CYA type of position.
art bell
All right.
Now, fast forward to today's terribly dangerous atmosphere of terrorism and national security and, oh, God, what a mess out there.
kevin mitnick
Yeah, you wouldn't believe it.
In fact, in our new book, The Art of Intrusion, I have a story in there because there's always the threat of cyberterrorism being bandied about.
And it's about these two kids, one in Canada and one in Florida, very young kids that are interested in hacking.
And they spent a lot of time on IRC, which is Internet Relay Chat, kind of like a chat room.
And this guy from India, his name was Khaleed Abraham, or I mean is Khalib Abraham.
And what he was doing is he's actively recruiting hackers to break into government, military, and DOD contractor sites.
And these kids, because they were kind of lulled into the thrill of it all, one was doing it for money, one was doing it for the thrill, they were breaking into like Chinese universities, the Atomic Research Center in India, Lockheed Martin, and Boeing.
And they actually successfully penetrated Boeing and were able to get into their mail server from the outside.
And this was through exploiting actually a known vulnerability.
They put in what they call a sniffer.
It's basically a program that captures all the network traffic.
And they were able from the network traffic to obtain enough information to get further into Boeing's network.
And they were able to get the schematics to the nose of the 747 aircraft for this guy in India, which turned out to be part of a terrorist group that may have been associated with Osama bin Laden.
So what's scary about this is, you know, are these foreign adversaries, are potential terrorists trying to recruit kids or very young people that are impressionable on the Internet into doing their dirty work for them and essentially being their cutout?
art bell
There is a lot of that going on?
I mean, you cited just that example.
Do you think there's a lot of it?
kevin mitnick
I don't know.
I would think that they would.
I mean, this is just common sense.
This is common sense.
But in this particular case, what was interesting, then these guys, and this is part of another hacking group called Global Hell, is they broke into the White House server, the mail server, no, the web server, and then from that they were able to get to the mail server.
And then this guy was on IRC with Khalid again, and Khalid sent one of these kids, you know, hey, you know, I'm writing a paper on hacking, and I was curious if you had any hacking incidents you can tell me about.
And then the kid emailed back, yeah, we just broke into the White House.
We just broke into the White House.
And about 15 minutes later, the system administrator from the White House logged onto the site and was running his own sniffer, basically a network monitor, to look at what was going on, which is really strange that right after they told this guy in India that they were on the White House site, that all of a sudden the White House administrator is looking around.
Within a couple weeks, these guys were all busted by the FBI and were rounded up.
And in the court documents, it said the FBI had Learned that these guys had compromised the White House from an informant in India.
art bell
Was the whole thing a sting?
kevin mitnick
So, yeah, that's the question.
Was this guy an FBI operative, an informant, or was he a double agent that he was recruiting kids to break into systems and at the same time was cooperating with the FBI?
I don't know.
Unfortunately, we don't know the whole story, but it's very interesting.
And what's interesting is that these kids were willing to do it.
art bell
Yeah.
Well, I don't know if that's as much of a wow as the possibility of the whole thing being a sting.
Now, you know, in this modern day and age, I would say that our CIA and FBI have to be as good as or better than the hackers that are out there.
This is a full-blown war, isn't it?
kevin mitnick
You're talking about cyber warfare?
art bell
I'm talking about the whole schmear, national security.
I'm talking about everything.
Our government has to have agents that are as smart or smarter than the hackers because this is a war, isn't it?
kevin mitnick
Right.
I mean, we obviously have that the United States government has, you know, they have red teams that are used to essentially protect our government systems, but that they also have offensive teams that are used to break into our foreign enemy systems.
And I don't know where they recruit the people on these teams from.
I presumably people that have a lot of motivation and desire and skills in this area, which means they were probably hackers in the past.
But it's definitely known that they do this, that we're both offensive and defensive, because other countries like Korea and China, I don't know if you recall, remember when the Chinese aircraft was downed by U.S.?
art bell
I absolutely do.
unidentified
Yeah.
kevin mitnick
Well, now, and in retaliation for that, there was a group of Chinese hackers that retaliated against the United States through attacking American systems and actually released a worm that caused a lot of problems here worldwide as a retaliation for that incident.
art bell
How good are we?
How good is the United States?
Do you know?
kevin mitnick
No.
I don't know.
I don't have that information because I don't know who's on these teams.
I don't know what incidents have been investigated.
And that's probably extremely confidential.
I do know that, and we spoke to it in the book, is they had certain public operations.
I think it was Operation God, I'll get it for you in a moment, but it was a particular operation.
I'm trying to think of the code name.
And this operation is where certain government red teams were under instructions that if they used, that they could only use off-the-shelf software, public Internet sites that had exploit code.
The exploit code is programs that exploit vulnerabilities.
Just stuff that's available in the public domain.
And they were able to compromise numerous governmental computer systems just with this publicly available information.
So that was quite eye-opening.
So you have to think about, well, what about people that are much more sophisticated that aren't using off-the-shelf exploits?
How dangerous are they?
What are they into?
art bell
Is this supposed giant, what the hell is it called, that monitors everything?
kevin mitnick
Oh, you're talking about echelon.
By the way, we have to operate an eligible receiver.
art bell
An eligible receiver.
Oh, a football fan somewhere.
So is this echelon for real?
Is it capable of...
kevin mitnick
I think so.
I haven't seen it.
I'm really careful because unless I see it with my own eyes, I'm really, really skeptical.
But from what I hear from some trusted sources, our government does have monitoring stations all around the globe, and they're able to intercept communications.
art bell
Well, if there isn't an echelon, there ought to be, right?
kevin mitnick
You would think so.
I think it's highly likely.
Do I know for sure?
unidentified
No.
art bell
Do you even want to know?
kevin mitnick
Yeah, I would like to know.
It's kind of interesting.
unidentified
The old Kevin is still there.
art bell
Kevin, if you had a chance to, well, I don't know, maybe get into some secret back door to Echelon and somebody gave you some password that would achieve that and some routing that would achieve that, would you do it?
kevin mitnick
Hell no.
art bell
That was a hell no, folks.
All right, hold it right there.
Kevin Mitnick is my guest.
unidentified
Kevin Mitnick is my guest.
Nothing but the color of the lights that shine Electricity so fine, look and dry your eyes I live by my...
Before the morning comes to stories old You take me down, you take my super close I'm not the best, I'm not a big dog.
I never saw myself do one of them You found me too, forget you play my role You take self, you make myself ungrown I, I live up among the creatures of the night I haven't got the wheels to try and fight Against a new tomorrow So I guess I'll just believe it Tomorrow will never
come I said it's night I'm living in the forest of my dreams I know the night is not as it would seem I must believe in something So I'll make myself believe it This night will never go Oh, oh, oh, oh Oh, oh, oh, oh Oh, oh
To talk with Art Bell, call the wildcard line at area code 775-727-1295.
The first-time caller line is area code 775-727-1222.
To talk with Art Bell from East to the Rockies, call toll-free at 800-825-5033.
From West to the Rockies, call ARC at 800-618-8255.
International callers may reach Art Bell by calling your in-country spread access number, pressing option 5, and dialing toll-free 800-893-0903.
From coast to coast and worldwide on the internet, this is Coast to Coast AM with Art Bell.
art bell
If there is such a thing as Echelon, Kevin responded, would he get into it?
Given the code, the back door, everything, would he go into a look at Echelon?
unidentified
As you say, not only no, but hell no.
Oh.
so So, nothing like the inside of a jail cell to form an opinion, huh?
art bell
I mean, that really is where that came from, right?
You remember incarceration and disappointment and aggravation and, well, wasn't looking back on it now, was it all worth it or no?
kevin mitnick
No, certainly not.
art bell
No, no.
kevin mitnick
But there's a, you know, I look towards the future.
I don't really try to stay into the past.
And fortunately, I've been very successful at basically taking my background, my experience, and knowledge in helping businesses, government agencies, and universities protect themselves against the threats out there.
So I believe I'm extremely fortunate that I've been able to make lemonade out of lemons.
art bell
But you wouldn't be here if you hadn't been there.
kevin mitnick
Right?
art bell
Right.
I mean, you really wouldn't.
You wouldn't be here if you hadn't been there.
That was the genesis that led now to your infamy as a hacker is what caused people to employ you.
kevin mitnick
Well, not necessarily, but they know my name, but they basically employ me based on my skills, not on basically because I hacked into systems before.
And I didn't go out and go on a marketing campaign to market the information regarding my past transgressions.
That was more of the government.
art bell
You didn't need to.
kevin mitnick
Right.
Exactly.
art bell
The government did your PR campaign.
kevin mitnick
The government did the PR campaign, which I absolutely had no control of.
And a lot of people know my name today because of it.
But I'd rather be known today based on my knowledge and my skills rather than based on that I was a hacker of a decade ago.
art bell
Yeah, but you know it and I know it, Kevin.
On your tombstone, if they were telling the truth, they'd say, Kevin, the hacker mitnick.
People get tight cast, and you definitely are tight cast.
kevin mitnick
Yeah, I'm stereotyped.
art bell
I'm the UFO guy.
You're the hacker guy.
kevin mitnick
There you go.
art bell
That happens.
And there's nothing you can do about it.
kevin mitnick
No, nothing I can do about it.
But in today's world, I'm working diligently at rehabilitating my reputation and doing good services for my clients.
And co-authoring these books.
I do have a co-author that he's a best-selling author, and we've collaborated on these developments.
And we worked very well together.
And we're doing really good work.
art bell
You cannot be good at what you do without studying the dark side.
kevin mitnick
Exactly.
Well, I look at it this way.
You can go to university and you can take acting school and you could be a darn good actor and actress.
Or you could have the talent.
You could be naturally gifted in that area.
I think for myself, I was naturally gifted in technology and in this area because since I was a very young boy, when I got involved in amateur radio when I was 12 and graduated into telephones and then into computers, I just had this knack for technology.
It was just a real strong passion.
And then as a kid, in that young age, I was a real prankster.
So I mixed the two.
And at first I would use my knowledge of computers and telephones to pull pranks on friends that shared similar interests.
For example, I remember this guy, Steve, that lives in Pasadena, and he was a phone freaker as well.
And I remember getting into the time, or Pacific Telephone, actually.
And I remember getting into the Switch electronically and changing his home phone number to the line class code or the service of a payphone.
So whenever he tried to make a call, it would say, please deposit a dime.
art bell
Oh, that's so cruel.
kevin mitnick
Yeah, yeah, yeah.
Like electronically, he had the age agent calling.
art bell
Please deposit a dime.
kevin mitnick
Yeah, please deposit a dime, right?
art bell
Yeah, that was an old phone.
kevin mitnick
Like I said, this is 15 years ago.
art bell
Fucked it, though.
kevin mitnick
Yeah, that was 50 cents.
Prices went up.
Oh, geez.
So I love doing that.
And when I was in high school, outwitting the teacher was, outsmarting the teacher was the name of the game and using technology to do it.
And like I mentioned early in your show, I was rewarded for it.
art bell
It could have gone the other way, though.
kevin mitnick
Definitely.
I remember the teacher, this is hilarious art.
At the time we had dial phones in class, right, and we have this old Olivetti 110-baud acoustic coupler terminal that we'd used to dial into this PDP-1170, which is a piece of deck hardware that was running this operating system called RISTI-E.
And this is what we learned on.
And I remember my friends and I, we were dialing into a USC into their computer so we could play these really cool games like Star Wars and Grok and Adventure.
And how I used to do it was just simply call the zero operator, pretend I was the teacher, and have the operator connect me to the USC dial-up number.
Right?
So he brings into class one day this lock.
You know, these old phone locks that you put in the number one dial-up.
art bell
I remember, and you couldn't dial.
kevin mitnick
Couldn't dial, right?
And he was announcing it to the class, like he's come up with the solution so we can't call into SC and play games.
art bell
And I know exactly what you clicked your way in.
kevin mitnick
I clicked my way in, right?
I remember the teacher's face went as white as a ghost because it totally embarrassed him when I was able just to pulse out the number on the switch hook and make the same phone call anyway.
art bell
Actually, you can still pulse, can't you?
kevin mitnick
Yeah, you can still do it.
art bell
You can go.
kevin mitnick
Yeah, basically, you can basically, if you have the timing right, you can basically, through the switch hook, dial telephone numbers, through dial pulse.
art bell
So they actually have not disabled pulse.
How much longer is pulse going to be part of the system?
They'll eradicate it at some point, won't they?
kevin mitnick
You'd think so.
I mean, I know pulse exists because I've been traveling a lot in some of these hotels.
unidentified
Oh, I know.
kevin mitnick
They have a touch-tone phone, but it's not DTMF.
You don't hear the tone.
Then you hear the click, click, click, click, click, click.
art bell
I know.
kevin mitnick
Click, click, click, click, click, click.
I mean, oh, my God.
art bell
Oh, gee.
Look, in behalf of the audience, everybody's asking.
So what can people do at home reasonably to protect themselves?
For those who are not computer experts, there must be some steps we can take that will make us a little safer.
kevin mitnick
Yeah, there's the consumer.
I can think of about five or six things that could really raise the bar enough so you'd be it would eliminate probably 90% of the threat.
art bell
Let's hear it.
kevin mitnick
The first thing, and these are some no-brainer things, but I'm going to tell you anyway.
art bell
Please.
kevin mitnick
The first thing is to run a personal firewall.
Absolutely.
And I wouldn't rely on, like with the release of Service Pack 2 for Windows XP Pro, they turn on the firewall by default.
They actually had it in earlier versions, but Microsoft's firewall isn't resilient like others out there.
The one that I personally like that I use is Zone Alarm.
art bell
Zone Alarm.
kevin mitnick
And you can get it for free at ZoneLabs.com.
And what I like, and this is the difference.
With Microsoft, let's say you get infected with spyware, like one of those evil keystroke loggers.
And every time it emails the booty out to the bad guy, you'll never know it.
Because by default, it doesn't monitor your outgoing, only your incoming.
It only blocks incoming connections.
The Microsoft firewall doesn't really care about outgoing connections.
art bell
How does the zone thing?
And the zone alarm, how does it know that you're not sitting there typing that the packets going out are bad guy packets?
How does it know?
kevin mitnick
Well, basically, you authorize applications or programs.
You give it permission to connect to the Internet, to use the Internet.
So basically, let's say you've installed a new mail program, like a different mail package other than Outlook.
You have a Zone Alarm installed, what's going to happen is before you can even use the program, a little dialog box is going to pop up and ask for permission for that mail program to be allowed to use the Internet.
art bell
So if it's a piece of malicious software, it's not going to get permission.
kevin mitnick
Well, the problem is it's up to the user.
Let's say you have old grandma that doesn't know it says, you know, this application needs to connect out.
She might say yes, you know, because she doesn't realize the threat.
So you have to be a little bit knowledgeable, too, and not just say yes to everything.
Right?
art bell
Okay, so Zone Alarm is good.
kevin mitnick
Zone Alarm is the best.
art bell
Although I hear people complaining that Zone Alarm is a burden on them because it keeps coming up with stuff.
kevin mitnick
Well, that's a good thing, but what they can do is go into the configuration and minimize those messages.
But then if you minimize those messages too much, you're taking away the whole benefit.
art bell
Got it.
Zone Alarm good.
What else?
kevin mitnick
Okay.
Antivirus software, everyone usually has it, but are they updating the virus definitions on a daily basis?
A lot of people are doing it on a weekly basis.
I think they need to change that configuration to update it daily, especially with broadband.
It really doesn't take that much time.
art bell
I really fell in love with AVG.
It was really a good program, I thought, and they're making changes in it right now.
I'm not really sure what's up, but they're making changes.
Really, I thought that was a good program.
kevin mitnick
Yeah, I mean, yeah, definitely.
As long as those definitions are up to date, go with AVG.
If you're under Windows, don't use Internet Explorer.
I mean, I heard Bill Gates recently was at some conference, I think, the CES show in Vegas, and he mentioned that they're working on a new release of Internet Explorer 7.
But I would use Firefox.
I would absolutely never use Internet Explorer.
I went to Aerosmith.com like six months ago, and I got a piece of spyware dropped on my computer that exploited a security hole with Internet Explorer.
So I'd stay away from that.
Next thing is keeping your operating system to the latest release level.
So if you're running Windows, XP Pro Service Pack 2 with the latest updates, I wouldn't be running Windows 98.
Same thing if you're running on the Mac, Mac OS, I wouldn't be running Mac OS 9.
I would be running the latest release of Panther, 10.3.5, I think it's at, or 10.4.
Installing the security patches, if you're in the consumer environment, it shouldn't be a problem to immediately upgrade any security patches as soon as possible.
With Windows, you can turn this on automatically to do it in the middle of the night if you keep your computer on to automatically update your system.
And then running utilities under at least the Windows environment to try to identify spyware that's already been installed on your computer.
And there's a lot of different programs out there.
Microsoft has released one, a free one, that people can use.
But I've tested a lot of these.
And what I did is I took, there's a company called Spectresoft.
And Spectresoft is the biggest commercial spyware vendor.
What they do is they market products like eBlaster.
It's basically a program you install on somebody's computer and it will monitor everything they do and it will email it to you.
And how they market it to get away with it is if you're an employer and want to watch your employees or if you're a parent and you want to watch your kids.
But you know who's buying those programs, right?
The people that are buying those programs are like people that want to watch their significant other.
And get this, Art.
This is what's really scary.
You go out and you buy a copy of Spectrosoft, right?
Which is malicious code.
It's basically used to spy on people and you install it on your computer, your ABG, or if you're running Norton Antivirus 2005 and all these programs that claim to identify spyware, it doesn't detect it because they won't put a signature in for that because they can get sued by Spectrosoft because it's a legitimate commercial company.
So a lot of these antivirus vendors will not detect commercially available keystroke loggers.
So what do the bad guys do?
They go out and they go to like RiteAid, they get a prepaid credit card and they just order the product.
So now they have it.
Or they use a stolen credit card and they get the product and they install it on the target's computer.
So how do you find this stuff?
One of the best programs that I found, and I think you could use it for 30 days for free, is SpyCop.
art bell
SpyCop.
kevin mitnick
S-P-Y-C-O-P.
Now that's like after the fact checking.
What it does is it scans through your hard drive and it looks for spyware, but that's after the fact, after it's been installed.
art bell
Better later than never.
kevin mitnick
Right.
But then there's another utility that I kind of liked.
I've done limited testing with it, but I thought it was quite informative, was one called Test Patrol.
And that does real-time checking.
So if some known hacker program or utility is running in memory on your computer, it will flag it for you and say, hey, something's going on here.
art bell
And one obvious giant sign to any user would be that their computer starts sort of getting sluggish and slower and slower and slower.
And you might not even notice it as these data miners dig in and they're using more and more packets.
And even if it's all fairly benign and is being used for ad marketing or whatever, it's still packing up computers, right?
kevin mitnick
Exactly.
And then that brings us to the last thing, which is the Attaware.
A spy cop just looks for the really malicious keystroke loggers, but then you've got all the advertising garbage that's out there.
And that's where programs like Attaware are pretty good at going through your registry and looking for any telltale signs of this type of stuff.
art bell
This is very important, folks, because many of us, I shouldn't say most of us, I'm going to include myself in this group, though.
I don't see how I could legitimately live and do the work I do without computers.
I know the answer is, I don't use the damn things.
Well, that's not so easy in modern America, is it, Kevin?
kevin mitnick
In fact, when I was doing my radio show at KFI, at that time I wasn't allowed to use computers, and my show was about the Internet.
So this was hilarious.
So my screener and my producer, I would have to go to the station in downtown L.A. and I'd have to work with them for a few hours before the show to prepare.
And they would go onto the Internet and I'd say, oh, go here, go there, go here, type this.
I was basically surfing the Internet through proxy through my screeners and producers to be able to prepare for my show.
Because how can you do a show on the Internet without being able to look at it?
art bell
So what?
you were just not allowed to put your fingers on the keyboard.
You could talk to somebody else and have them do it.
kevin mitnick
Exactly.
art bell
Wow.
Did your screeners and your producers know what they were doing for you?
kevin mitnick
Maybe.
No, you don't.
unidentified
They didn't.
art bell
Did they ever stop and ask, Kevin, I'm not violating anything by doing this, am I?
kevin mitnick
No, they never did because it was very, you know, a lot of times they would do a lot of the research and they'd come to me and say, hey, this is kind of the current event.
And my producer would also give me ideas of what I should cover in the show.
It wasn't like I was giving them here, go to www.ca.gov, and oh, no, and enter this long story of characters.
art bell
Still, it sounds like a don't ask, don't tell policy, sort of.
kevin mitnick
Yeah, so no, that never came up.
art bell
All right.
When we come back after this break, I really would like to allow the audience to ask you questions.
And you can understand, after hearing the stuff that you've laid on us tonight, some of this has been downright just scary, frightening.
kevin mitnick
And the last thing, Art, about the personal security is if you're running a wireless access point at home, I would definitely, at the minimum, enable WEP.
At the minimum.
What I usually do at home is I actually run an open wireless network because I can really, because if someone neighbor wants to use it, I don't care.
But what I do is I also run a stiffer.
So any time anybody's using the network, if it's not any of the MAC addresses, what I do is the MAC addresses of the computers that are authorized, I don't monitor those.
I just ignore those packets.
But any other packets that are kind of foreign to the network, I log everything so I can see.
So I'm sure that someone's not breaking into bankofamerica.com through my wireless access point or something.
art bell
You wouldn't want that to happen.
kevin mitnick
No, not at all.
art bell
And, you know, with your reputation, you could certainly be set up like that, couldn't you?
kevin mitnick
Absolutely.
art bell
So you've got to watch your back ten times more than anybody else, because if something like that happened, you go directly to jail without passing the Microsoft building.
kevin mitnick
There you go.
art bell
So anyway, as I was saying, a lot of my audience is going to want to ask you personal and probably seeming to you to be very simple questions, but I can understand why after hearing all of this, and I hope you can too.
All right?
Coming up in the next hour.
So relax, get a cup of coffee or whatever keeps you going in the nighttime.
By the way, I wanted to ask Kevin, most hackers, they're night people, aren't they?
kevin mitnick
Yeah, they're kind of nocturnal.
And Art, if you have a time, I should tell you one great story out of the Art of Intrusion book.
I think you'll love it if you have time.
art bell
No, I don't.
Right after the break.
kevin mitnick
Okay.
art bell
All right.
Hold it right there.
Yeah, sure they are.
You know these are night people, these hackers.
In the small hours of the morning, 3, 4 a.m.
there and uh...
unidentified
well who knows what yeah My whole life spins into a fancy.
My whole life spins into a fancy.
Picking up, you know, don't be home.
To be queer, yeah, to be queer.
She musters a smile for his nostalgia tear Never coming near what he wanted to say Only to realize it never really was She had a place in his life
Ooh, all the breaks I think close Everybody has a good job.
Everybody else would surely know You're watching my girl But who believe Can you see The wise and wise of my world To talk with Art Bell, call the wildcard line at area code 775-727-1295.
The first-time caller line is area code 775-727-1222.
To talk with Art Bell from east of the Rockies, call toll-free at 800-825-5033.
From west of the Rockies, call 800-618-8255.
International callers may reach ART by calling your in-country sprint access number, pressing option 5, and dialing toll-free 800-893-0903.
From coast to coast and worldwide on the internet, this is Coast to Coast AM with Art Bell.
art bell
With my guest, Kevin, the reformed, in fact, as you listen to him, almost angelic-sounding Nitnik.
He was a big-time hacker until the FBI took the wind out of his sails, and now he works for the side of light and goodness, and he'll be right back.
unidentified
so Kevin, let's try you on one more little scenario here.
art bell
Suppose you were to hook up with somebody who said that they already had access to a computer up at the infamous Area 51, and they had information about what our government knows about alien presence.
kevin mitnick
In other words, would my need to know interfere with my ability to think rationally?
art bell
Would your lust to know overtake your fear of a repeated visit to a facility that you know all too well?
kevin mitnick
No, no, I don't I know for a fact I definitely would be interested in the answer, but not to the point of violating the law to find out.
I would just figure somebody else would do it, and then they would release the information anyway.
art bell
I see.
kevin mitnick
I wouldn't even have to do it.
art bell
But I went anyway if I was the only one in the world that you wouldn't lust to be the first or the person known for.
kevin mitnick
I would absolutely be curious about Area 51 and be interested, but not to the point where I would break the law to find out.
About many years ago, that was different.
That was a different Kevin.
I certainly would have just because I would be so curious.
And it would outweigh the fear.
art bell
How old are you now?
kevin mitnick
41.
art bell
41.
So you're becoming progressively conservative.
kevin mitnick
Yeah, I mean, when you get old.
You know, I grew out of it.
You know, when you get older, you have higher priorities in life.
And, you know, playing games is not one of them these days.
art bell
All righty, then.
Here comes the general public.
First time caller align.
You're on the air with Kevin Mitnick.
Good morning.
unidentified
Heart, Mr. Mitnick.
It's an honor to speak with both of you.
This is TJ in Kansas City.
art bell
Hey.
kevin mitnick
Hi, TJ.
unidentified
I had a question about Internet Explorer.
I've been using Firefox for about six months now, and it's such a great browser.
It just blows Explorer out of the water.
I have a two-part question.
My first part was, is it possible that Microsoft might have made Explorer vulnerable deliberately?
And secondly...
Answer.
kevin mitnick
Okay, I don't think so.
I don't think they would have deliberately made Explorer riddled with vulnerability.
art bell
Plus, Exploder is a very derogatory term, sir.
Your second question?
unidentified
And my second question was, I use System Suite 5.0, and they have a pretty good firewall.
Do you know anything about that side?
kevin mitnick
You're talking about Norton?
unidentified
No, it's called System Suite.
kevin mitnick
SystemSuite, okay.
Because I know Norton has something like Norton Security Suite.
I'm not familiar with that.
No, I'm not.
I'm only familiar with maybe five or six personal firewalls.
That's not one of them.
unidentified
All right.
Thanks, gentlemen.
art bell
You're very welcome.
Have a good morning.
Wildcard line, you're on the air with Kevin Midnick.
Good morning.
unidentified
Hey, how's it going?
art bell
It's going to spicy.
unidentified
All right.
I got two questions.
One for Mr. Midnick and one for you.
art bell
Okay.
unidentified
Like I was saying, my wife and I drive trucks, and obviously, you know, we use a computer for balancing checkbooks and whatever.
And so we're running the broadband guard, wireless guard.
How vulnerable is that, like, when we're out in the middle of nowhere checking our bank account?
kevin mitnick
I'll tell you a quick little story.
I was at a Starbucks in Los Angeles about two months ago, and I ran in there just to grab my email really quick.
I mean, I must have been in there five minutes, and I grabbed a latte because I was on the road.
And then a month later, I get this call from this guy going, are you the famous Kevin Mitnick?
I go, you mean the guy that used to be a hacker?
And he goes, yeah.
And I go, yeah, that's me.
He goes, were you in a Starbucks in Los Angeles about a month, a month and a half ago?
And I go, I don't know.
Why?
He goes, because I was in a Starbucks and I was capturing everybody's emails that were going over the wireless network, and I think I got your email password.
art bell
Oh, man.
kevin mitnick
And fortunately, I don't check any sensitive or business accounts over any wireless network.
art bell
This is like a tell the public, Kevin, Starbucks provides something like a T-Mobile.
kevin mitnick
Yeah, they provide T-Mobile, which is wireless Internet for a fee to pay a daily fee or a monthly fee.
art bell
Right.
kevin mitnick
So I use that to check an email account that I use just for personal, not business.
art bell
And he got your password.
kevin mitnick
And well, he got my email.
And presumably, I know he could have got the password because when you use a wireless network in the clear where you pay for it, meaning there's no encryption key, anybody could monitor any of the traffic and get your passwords or any of your communications unless you're using something like SSL, which is called Secure Sockets Layer.
It's like when you see the little padlock on Internet Explorer and you're signing on to your bank, that information cannot be captured that easily.
There's another attack called a man-in-the-middle attack, but I'm not going to go into that now unless you're interested, but that might take a little while of explaining.
unidentified
Okay.
Call it.
I probably wouldn't understand it anyway.
kevin mitnick
So if you're doing anything sensitive over wireless, I'd make sure that you're using something like SSL.
Or if you're using like, if you're to do anything, like a lot of those Yahoo and Hotmail accounts, I think they use SSL to log in, but once you're logged in, all your email is sent over the wireless network in the Clare.
unidentified
All right.
And then the second question was for you, Art, about the weather.
Because I live on the other side of the pass from you.
And I remember, I think it was last summer, the lake was down like 75 feet or something.
Yes.
And I was wondering if all this rain has helped that out at all out.
art bell
You know, we're all wondering that, sir.
I appreciate the call.
And the answer to that is, I wonder, too.
I saw a website recently that showed the reservoirs in Arizona a couple of years ago, versus right now, and they're in the high 90s.
So I think all the water that we've received has, I guess, done good.
And that was his question.
That's as much as I know.
So the Southwest has had amazing rain this year.
East of the Rockies, you're on the air with Kevin Midnick.
unidentified
Hi.
art bell
Hello.
unidentified
Okay, hello.
art bell
Yes.
unidentified
First off, I wanted to say hi to you, Art, and shout out to the Fantastic Forum.
kevin mitnick
And I'm listening on Streamlink on my computer.
unidentified
I'm not listening on the radio, and I got it muted.
And I am paying for it.
And Kevin, I'd like for you to explain the difference between white hat hackers and black hat hackers, and I'll wait off the air.
But Art, check out thebroken.org.
That'll explain a lot of what Kevin was talking about today.
art bell
All right.
All right.
White and black hat.
kevin mitnick
Well, the definitions mean different things to different people.
There's no clear definition.
But a white hat hacker is an ethical hacker that hasn't done anything illegal in the past, but has pretty much, through self-study and maybe through some university courses, now does vulnerability assessments or pen testing.
Pen testing is simply trying to penetrate into a client's network and find their vulnerability so you could submit a report.
A black hat hacker, on the other hand, is somebody who is currently illegally accessing systems or is malicious.
art bell
It is a pretty thin line, isn't it?
kevin mitnick
Yeah, like I said, most of the white hat hackers, I mean, even they have this certification called a CISSP, and one of their code of ethics is you can't even associate with hackers.
But I know several people that have this certification, which isn't really that tough to get.
It really is a test where it tests your definitions of stuff.
It's pretty simple.
And a good percentage of those people have illegally accessed systems in the past, at least the people that I've talked to.
I haven't talked to each and every one of them.
art bell
You mean they have not upheld their promise?
kevin mitnick
Well, well, I even know about five or six of them that have convicted fella you know, they were convicted of computer-related crimes, but they simply do not disclose that to get the certification.
But the truth of the matter is a lot of people that are from the old school, and I don't mean hackers in the sense of writing worms and viruses and stealing credit card numbers and doing really malicious stuff, but I'm purely talking in the sense of unauthorized access.
I mean, even at the university level.
I mean, if you're in college and you're breaking into your teacher's account, you know, it's still hacking.
art bell
That's right.
It's a mighty thin line, and on the part of somebody who might be monitoring such actions, I don't know that they'd see a difference at all.
kevin mitnick
No, the federal government doesn't distinguish.
They just look at did you have authorization?
If you didn't, they don't call it hacking.
They call it fraud.
So if you access a system, what they call a federal interest computer, which usually has some sort of interstate nexus.
art bell
That is in itself the violation.
kevin mitnick
Exactly.
Exactly.
Just like if you make an interstate phone call in the furtherance of a fraudulent scheme, it's the phone call.
Placing the phone call is the actual element that got the offense.
art bell
Yes, got it.
West of the Rockies, you're on the air with Kevin Mittnig.
unidentified
Hi.
kevin mitnick
Hello.
art bell
Hello.
unidentified
Good morning, Arville.
How you doing?
art bell
All right, sir.
unidentified
That's good.
I'm calling from KTL 600?
art bell
Yes, sir.
unidentified
Okay.
Good morning, Kevin.
kevin mitnick
Hey, good afternoon or good evening, I guess.
Or morning, yeah, that's right.
It's 120.
unidentified
Yeah, it's morning time.
My question to you is, what, I mean, I have hobbies.
And one of my hobbies when I was a kid, about your age, was listening to scanners and learning about different frequencies on the scanners and stuff like that.
kevin mitnick
Yeah, I used to do the same thing.
unidentified
Okay.
So my question to you is, what got you, I mean, what kind of got you curious into the hacking?
I mean, what inspired you?
What gave you the motivation?
art bell
The same thing that had you listening to a scanner, brother, and you know it.
kevin mitnick
It was my interest in technology, especially with telephones.
Especially with what they called phone freaking and manipulating telephone systems.
And then from there, that's where I got involved in hacking.
unidentified
Right.
So, I mean, I don't know if you're allowed to do this over at the AirWorks or not, but how do you hack?
kevin mitnick
That would be a longer conversation.
unidentified
say cloud public.
kevin mitnick
No, no, no, no, no.
It's basically analyzing the target system, analyzing the company, analyzing the people, analyzing the technology they use.
art bell
Well, that's why they call it fraud, because it is, it's grifting, it's fraud.
I mean, speaking plain, that's what it is.
unidentified
Okay.
And I don't know how long, but so for me, how do, I mean, because I have like a credit, I've got a credit card out there, so would I be vulnerable for this?
kevin mitnick
If you use your credit card, like over the Internet?
unidentified
No, no, no.
I have an account with a credit card company.
kevin mitnick
Right.
unidentified
And people are always scared of me to don't get a credit card because then you're vulnerable into somebody's system.
It's called a paper trail.
kevin mitnick
Oh, yeah.
Well, yeah.
Every time you use your credit card, there's an audit trail created, of course.
But I mean, unless you have something to be concerned about creating an audit trail, using a credit card is pretty safe because if somebody obtains the number and defrauds you, actually the bank takes the loss and it takes some time.
you probably fill out a form, an affidavit claiming that you didn't make the transaction.
art bell
That gets me down to I live out here in the country.
I said it earlier.
I don't think I could reasonably live without the Internet.
I do all my searches, find my products, do my purchases on the Internet.
And frankly, we're getting very close now to considering Internet banking.
It seems reasonable on the one hand.
I mean, sure, somebody could steal your credit card or something, but you know, they can do that anyway.
I mean, it's going through all kinds of databases.
If you walk into a store and the guy swipes your credit card, then I suppose something dials something and that information is transferred.
So why not do it over your own computer in the right conditions?
I don't think the risk is any greater than if you go into a store and let the guy swipe it.
Am I wrong?
kevin mitnick
No, you're absolutely correct.
Because you could have someone that skims it at a restaurant.
Now, of course, the vulnerability is that a lot of these e-commerce sites store, especially if they're doing any type of reoccurring billing, they'll store your credit card in their database.
And if their system is compromised by a group of Russian hackers and they steal the database, they have your number.
art bell
Yeah, yeah, yeah.
But what I'm trying to point out is that would happen anyway.
kevin mitnick
Yeah, you walk into the gap and you buy some genes, You're going into a database.
When they swipe your card, it goes into their corporate database, and that might be accessible via the Internet, too.
art bell
All right.
So to be honest with you, my wife and I are thinking about Internet banking.
You know, that's the biggest.
kevin mitnick
I do Internet banking.
art bell
Do you?
unidentified
Yeah.
art bell
And so is it as safe as going to a teller?
kevin mitnick
Well, there's always the chance that if you're using Internet banking, you're using static passwords and it's possible for an attacker to get your static passwords.
They can cause you some difficulties.
But I'd have to be - you know, I'm curious about the legalities involved.
If someone were to retain your password and commit fraud, who takes the risk?
You or the bank?
If it was me, the consumer, I'd rather go to a teller.
If it's the bank, all I have to do is fill out an affidavit and they credit my account back, the money that was illegally transferred or used, then I would say using the Internet, because there's no risk to you as the consumer.
art bell
Okay, let me ask this.
When you sign up for Internet banking, Kevin, are you afforded the same level of protection in case of fraud as you would be if you use a teller?
Or do you sign releases?
kevin mitnick
That's what I don't.
You know, actually, I did sign up for Internet Banking, and they give you this, it looks like an EULA, and user licensing agreement with all this legal stuff.
And I just clicked on I agree.
art bell
You did, huh?
kevin mitnick
Yeah, I did read the whole thing.
unidentified
So that's one thing I have to go back and do when I have time.
art bell
But yeah, I would really like to know.
kevin mitnick
If I get my lawyer to do it instead, because it's just like pages and pages full of legal jargon that I really didn't want to read.
art bell
I hear you.
All right.
International line, you're on the air with Kevin Mintnick.
unidentified
Hi.
Hi there, gentlemen.
Happy Easter to you both.
art bell
Thank you.
unidentified
I have a couple of computer questions, but I just wanted to tell you, first of all, that I'm possessed by demons, and if they start talking, I'm sorry.
art bell
All right, no, we can't hang on for demons, dear.
Sorry, that's a different show, different time.
First time, caller line, you're on the air.
unidentified
Hello?
art bell
Hello.
unidentified
Yes, sir.
I'm calling from Charleston, South Carolina.
art bell
Yes.
Yes.
unidentified
I work for a sheriff's office, and sometimes I take my work home and work on it on my laptop, and I have a wireless network, and I was listening to you earlier saying that at the minimum, have a WEP system set up.
art bell
That's what he said, yes.
kevin mitnick
You enable WEP.
On 802.11 wireless access points, you can enable WEP.
It uses a security key.
And then you basically, on your laptop, if you're using Windows, for example, and you connect, you basically type in the same security key you set on the access point, and that's how you set it up.
unidentified
Okay, is there anything more secure than WEP that I could do?
kevin mitnick
If you're accessing sheriff information, I'd be using something like a VPN, which is called a virtual private network, over the wireless network.
So that way, the only threat is for denial of service attacks, and that's where somebody takes a stronger transmitter and tries jamming the radio signal, which you really have no defense for.
But at least the information that's being transmitted is fully encrypted using a stronger protocol than the wired equivalency privacy.
unidentified
Okay, well, thank you very much, sir.
kevin mitnick
Okay.
art bell
All right.
Take care.
I use a virtual private network myself for certain things, Kevin.
So it's fairly secure?
kevin mitnick
Yeah, yeah, yeah, I think it would do the job.
There have been vulnerabilities identified with different types of implementations.
I don't know what yours is, but it certainly raises the bar.
art bell
On top of that, of course, it's virtually always connected.
kevin mitnick
Let's imagine, Art, that you are running an 802.11 network at home.
You mentioned that earlier in the show.
art bell
I did, yes.
kevin mitnick
Let's say your VPN'd into Premiere.
art bell
What I actually said was I was using a different protocol than B, not B. Right, but I mean, okay.
kevin mitnick
We could guess.
It's the same, probably.
So anyway, not the same as B, but the same idea.
I don't think it's Bluetooth.
Right.
art bell
I'm not saying.
kevin mitnick
You know what?
It's quite funny.
I was also at a conference in New York a couple days ago, and I turned on my Nokia, and I just scanned to see who has Bluetooth enabled in the room.
There were like three or four people, and you completely, when people don't realize the vulnerability of having Bluetooth on because you could basically snag somebody's address book through Bluetooth.
But what was your question on the wireless network again?
art bell
I don't even want to re-ask it because we're rolling in music here to the bottom of the arrow.
So hold tight.
We'll be right back with Kevin Nicknick, his guy who worries me.
The whole thing worries me.
How much reality can the American people take?
We're finding out tonight, and believe me, we'll find out tomorrow night.
unidentified
We're finding out tomorrow night.
I thought that we had made it to the top.
I gave you all I had to give.
Why didn't have to stop?
You're blowing all sky high by telling me a lie without a reason why.
You're blowing all sky high.
You're blowing all sky high.
Our love happens to fly.
You could not touch the sky.
You're blowing all sky high.
You're blowing all sky high.
To talk with Art Bell, call the wildcard line at area code 775-727-1295.
The first-time caller line is area code 775-727-1222.
To talk with Art Bell from East of the Rockies, call toll-free at 800-825-5033.
From West to the Rockies, call ART at 800-618-8255.
International callers may reach Art Bell by calling your in-country sprint access number, pressing option 5, and dialing toll-free 800-893-0903.
From coast to coast and worldwide on the internet, this is Coast to Coast AM with Art Bell.
Worldwide on the Internet, indeed.
art bell
The Internet.
A subject all by itself, really, in a lot of ways.
Kevin Nitnick is my guest.
Kevin is a reformed, as I mentioned earlier, very nearly angelic figure who now helps out corporations and poor people protect themselves against the evil black-hatted doers of wrong.
unidentified
we'll be right back.
art bell
We will be back to Kevin Midnick in just one moment.
Tomorrow night, I'm going to do something a little bit different, even though it's going to be an open-line session, which means you can really talk about anything you want to.
I am going to begin the show by sort of laying out the situation with regard to energy, America and energy, and the world and energy and where we are right now and what I think is about to happen.
And so give it a little bit of thought yourself tonight.
In fact, if you have anything specific to offer in this area, I'm available by email, two email addresses to get to me, artbell at aol.com or artbell at mindspring.com.
Either one of those two will reach me.
So if you have something specific with regard to this energy emergency time that I think we're about to enter, you're welcome to email me twits now and then.
And if you want to include a phone number, perhaps I'll get you on the air.
It will be an open line night, but believe me, that's going to be one subject I'm going to open up right at the beginning.
Kevin, you're back on the air again with our first-time caller line.
Hi.
unidentified
Hello.
art bell
Hello.
unidentified
Yeah, I was calling actually about a topic that is sort of unique to the internet called massive multiplayer games.
I don't know if he's heard of this or not, but what they are is there's multiple millions of people that actually play these games all around the world.
They actually subscribe to them.
It's almost like a virtual reality type of thing where people actually become addicted.
And as a matter of fact, I've got a friend that's been playing for six years and he's lost his job over the game.
art bell
Wow.
kevin mitnick
Yeah, I know a guy whose brother in Amsterdam was addicted to the online Sims game and actually went bankrupt.
He's been stopped playing the game.
unidentified
What's fascinating is there are people that actually pay their real money online to buy in-game virtual reality items that are rare in the game.
art bell
Wow.
unidentified
Yep.
So I don't know if you'd ever heard of the topic yourself, Bark.
art bell
That's kind of like an addiction to the internet, right?
Or some part of the internet, the games.
unidentified
It's worse because, I mean, I've played myself various different games online for years.
Right now, I'm playing one called World of Warcraft.
And you'd have to look it up sometime, and you'd be surprised that almost, you know, you actually pay $15 a month to play the thing, but they update and add items and content daily.
art bell
No, I would not be surprised.
Believe me, my wife is addicted to certain games as well.
And even I have become...
A lot of people do get addicted to these online games, right?
kevin mitnick
Oh, absolutely.
And even games that you can play on the Xbox or Sony PlayStation, like the Grand Theft Auto, Vice City, San Andreas, those three games that are made by Rockstar, I've talked to people that just can't stop playing.
I mean, literally, they'll be late to work because they're playing these games.
It's, I guess, very addictive.
art bell
Well, the new world, huh?
Wildcard Line, you're on the air with Kevin Midnick.
Good morning.
unidentified
Hi, morning.
art bell
Morning, sir.
Where are you?
unidentified
I'm in southwest and New Mexico area.
And just to echo the sentiments of the first caller, I know that a lot of those games, it's amazing how people will play that.
I actually had played one of the games like that kind of a fantasy game and was able to sell something that I had gotten on eBay for $500.
No postage just to download was crazy.
But my question was, living in the southwest, specifically the New Mexico area, there's just an enormous amount of DOD and DOE stuff.
kevin mitnick
Los Alamos.
unidentified
Yeah, and Sandia and White Sands.
And I have had friends that are in the computer industry.
I am too, but I'm not working there now.
That I've been sort of shocked that, you know, the earliest level of clearance is just credit check.
And a lot of those guys get in there and I'm surprised of what's going on with some of the servers.
I was curious if you had followed that whole scandal that had happened, I guess, at one point with scientists walking out with a hard drive from the hacker.
art bell
Yeah, there was a lot of news about that, Kevin.
And, you know, a lot of stories about leaks and that sort of thing down in that part of the country.
kevin mitnick
Yeah, the Lin Ho Wee case.
I remember all that.
Yeah, I remember a couple news stories where they actually lost the drives and the FBI was searching for them.
I don't know what ever happened in those cases, but it was quite interesting.
art bell
East of the Rockies, you're on the air with Kevin Mitneck.
unidentified
High.
art bell
Hello.
kevin mitnick
Hello.
art bell
Do you have a question?
unidentified
How are you doing?
All right.
art bell
I'm fine.
unidentified
And hello, Kevin.
kevin mitnick
Hey, good morning.
unidentified
Yeah, I recently had a problem with my computer because the AOL security firewall disables my Windows firewall.
And when I tried to install Security Pack 2, it crashed my operating system.
Now I've got to do a remote clean install.
art bell
All right.
That in itself, sir, is a wonderful question.
Service Pack 2.
There are rumors out there, Kevin, that Service Pack 2 caused problems for people.
But then most of the people I talked to didn't have a problem at all.
It went in just fine.
kevin mitnick
The issues were compatibility issues with other software that the consumer used and the compatibility issues.
But a lot of those issues have been largely worked out.
art bell
So was it wise to wait a while before putting in Service Pack 2?
kevin mitnick
Yeah, I did.
I actually personally waited on one of my Windows machines to wait till the bugs got worked out.
And I was sufficiently protected through other means, running a firewall and stuff like that.
And I didn't have any issues.
But I don't know the issue in this gentleman's case.
It sounds like a compatibility issue.
art bell
You know, for all the nasty stuff said about Microsoft and Windows and all the rest of it, I love Windows.
And I use Windows, and I use Microsoft product, and it's really good stuff.
Only I know from a hacker's point of view, many things are said.
I mean, it's sort of looked down on as a...
kevin mitnick
Well, it's not really a Windows OS.
It's not really for the technically astute security person.
And, you know, Windows runs sluggish a lot, and it takes forever to reboot in some cases, so people prefer, like, macOS.
But, you know, it really...
depends what you're using the computer for.
And I'm not bashing Microsoft either.
A lot of the reason that there's so many security vulnerabilities found in their product is because everybody is looking to find vulnerabilities with Microsoft products because they have the largest market share.
So imagine you get the one vulnerability, then you could attack a lot of people.
art bell
Because it is so successful.
Anything that would obtain that level of success is going to be attacked fiendishly, isn't it?
kevin mitnick
Yeah, but for the reason is, imagine you find a vulnerability in Windows, then imagine that you have a bigger, you know, a large surface of businesses and consumers that you could attack.
You find a vulnerability in Mac OS, it's going to be much smaller.
art bell
Exactly.
All right.
unidentified
Let's go.
art bell
West of the Rockies.
You're on the air with Kevin Nitnick.
Good morning.
unidentified
Morning, Art.
Richard Stein from LA.
art bell
He is, sir.
unidentified
Hi, Kevin.
How are you?
kevin mitnick
Hi, how are you?
unidentified
Fine, thank you.
I got a question.
I'm a Mac user, and my question is, you know, I have my security updated.
I have Free A and everything.
kevin mitnick
I can't hear you too well.
art bell
Yeah, I can't hear you too well either.
You're a Mac user and you've got your security updated.
Yep.
unidentified
And my operating system is updated and everything.
And everything coming in is fine, but when I use my credit card, is it secure or is there a way that I could make sure that when I hit the return key, that my information is still secure from my credit card?
kevin mitnick
I mean, are you talking about using your credit card over a browser?
unidentified
That's right.
Yes.
kevin mitnick
Well, as long as you're using a site that's using SSL, it raises the security somewhat.
I mean, there are attacks, like what I mentioned earlier in the show called Man in the Middle Attacks.
And then there's the issue of who, well, imagine the company that you're conducting the transaction.
Is it a reptile company or is this a fly-by-night company of a hacker that simply set up a website that purports to sell products and services for a discounted price and you conduct a transaction with it and yet they get your credit card information and it's at any legitimate site?
art bell
You never explained man in the middle, really.
kevin mitnick
Man in the middle of attack is where it's a type of attack where the consumer is communicating through the hacker's computer to the legitimate site.
So imagine that you are connecting to, you know, say you're with Washington Mutual and you're online banking, but unbeknownst to you, when you're connecting to your bank, you're really going through my computer.
And I'm acting as the man in the middle taking your information and relaying it to the bank.
And the bank is sending me the information.
I'm relaying it to you.
unidentified
Got it.
kevin mitnick
And that's a way to do...
art bell
Okay.
Again, so that people aren't unnecessarily frightened, is it generally true that if you take precautions, just general precaution, making sure you're on a secured server when you're ordering something, as long as you go that far, you're basically as safe doing this on your home computer as you are taking a card to a store somewhere and having them swipe it to buy something?
kevin mitnick
Yeah, I think it's the same.
There's different risks for those transactions, but I think it equals out.
I mean, I always look at it at the end of the day, am I going to have to pay money in either transaction?
And at the end of the day, the answer is no, because the bank takes the risk of any type of fraud, not you.
art bell
How do you see the future of the Internet, period, Kevin?
kevin mitnick
Well, with respect to security, I think it's right.
art bell
No, no, no, no.
No.
No, a broader question.
Oh, broader question.
How do you see the Internet developing from here?
Already, it's amazing.
kevin mitnick
I believe it's going to continue to grow.
I believe that we're going to see our wireless mobility devices going, because right now we're converging telephony and Internet, so we have voice over IP, and I think we're going to even have more integration with our wireless devices, our PDAs, and our cell phones.
So that's what I think we're going to see in the future is a lot more wireless.
art bell
What will voice over Internet do to the phone companies?
kevin mitnick
Well, I don't know.
I haven't looked at their balance sheet lately.
But for example, I have a Vonnage account with values.
I was in Europe about two months ago, and I ended up running up a $6,000 cell phone bill.
And then when I got back home and was sick to my stomach over that, I go, I've got to think of a solution.
So then I realized that I could use Vonnage soft phones.
So whenever I go to a hotel with broadband, I essentially bring my number with me no matter where I am in the world and could actually make calls to and from the United States.
And it doesn't cost anything over the Internet.
And the quality was really good.
art bell
I know.
I see these ads on TV, I think we all have lately for yak VoIP or whatever it is, where you can sit and yak with your sister-in-law in Seoul, Korea, or something all day long without additional charge.
I mean, eventually, from layman's point of view, from my point of view, that's going to affect the phone company.
kevin mitnick
Oh, yeah.
Imagine if you can do self-you know, do cell phone calls using VoIP.
It connects to a local switch and it VoIPs it over the Internet and reducing the charges substantially so they could pass on the savings to the consumer.
But there's a downside to products like Vonnage.
For example, I believe this one family had only Vonage in the house, and then one person had to make a 911 call, and Vonage didn't have, there was no 911 implementation.
They hadn't set it up yet.
art bell
I've got it, right?
kevin mitnick
So they couldn't make an emergency call, and it caused a big issue.
So now I think they offer where on Vonage you could actually sign up, and you put in the address that you're at for your 911 call.
art bell
Still, the bigger picture, how isn't the Internet going to crush the phone company eventually if this keeps up?
kevin mitnick
Well, the phone companies might get in on the action.
And I think don't forget a lot of the networks, T1s and a lot of the network connectivity is still going through the bell system, right?
art bell
Is broadband going to get more expensive?
In other words, I think we're going to get more bandwidth for less money.
You really think so?
Isn't bandwidth going to become more and more valuable?
kevin mitnick
Yeah, it is valuable, but I'm looking at comparing, and why I'm doing this, I'm comparing the prices between Europe and the U.S., and in Europe it's much more expensive.
And in the U.S., it's substantially, like, you're going to pay 20% of the price here in America.
So I'm looking at this trend in America of how the prices are dropping substantially.
And these companies, because of their being competitive, are offering better packages for less money.
art bell
But as we finally get, I don't know, fiber into every home or into a lot of homes, eventually movies, television, telephone calls, all these things can come over fiber.
kevin mitnick
Right over the net.
art bell
All of these broadcast networks, all of these telephone companies, all of these cable companies, television stations, they're all threatened, aren't they, ultimately by the net?
kevin mitnick
I think so.
Unless they can jump on the bag wagon, yeah, it's two in the morning.
I understand.
But anyway, they jump on the bandwagon and maybe change their business model, and maybe they could exploit the situation and create a service that works in conjunction with the Internet.
art bell
Maybe.
First time call online, you're on the air with Kevin Mitnick.
Hi.
unidentified
Hi, Kevin.
This is USO in San Diego.
kevin mitnick
Hey, how are you?
unidentified
Hey, good.
Hey, Kevin, I work in computers.
I go to people's homes.
And the biggest problem I find is that people have Morpheus and Kaza and LimeWire.
kevin mitnick
Oh, yeah, so peer-to-peer networks.
unidentified
Oh, it's awful.
They just get infected incredibly with.
I cleaned 212 Trojans off a computer the other day with ABG.
A few months ago, actually, Adelphia Cable shut down a guy's computer because he had a spam bot on there.
So just wanted to comment on that.
I just wanted to implore people.
I know the lure of free music is wonderful, but when you pay me $100, $150 to come clean it up, it just doesn't potencil.
And a lot of times I can't even salvage them.
There's times I just format the thing because it's that far gone.
It's terrible what happens.
kevin mitnick
I know exactly what you're talking about, and you're absolutely right.
I have a colleague, I had an office here in Los Angeles, and it's an office space for tech companies, and they share the same network.
And when one of those companies gets hit, it drags down the network for everyone.
And usually it's because of the same thing of the peer-to-peer networks.
In businesses, you basically just restrict it by blocking out the firewall.
But at the consumer level, it's running products, I guess, like Pest Patrol, hopefully, and running AV software.
But the problem is if a user of a peer-to-peer network runs executable code, a lot of these peer-to-peer networks are not only sharing movies and music, but they're sharing software.
And once you download software, it could have malicious code embedded, what we call a Trojan.
And unless that Trojan has been identified and the consumer is using a tool to detect it and eradicate it, they might not know it exists and it sits on their machine.
art bell
Well, if you go playing with the bad guys, then you're...
kevin mitnick
Kaza and these peer-to-peer networks are not bad guys.
I mean, you're in a community, and you could have good guys and bad guys in between.
art bell
I know, but when you're sharing product that is supposed to be copyrighted and means something to somebody, you're taking money out of somebody's pocket, a performer or somebody, right?
unidentified
Exactly.
art bell
So I don't know.
kevin mitnick
Well, they also share music that is allowed to be distributed.
They share freeware.
It's not just illegal stuff.
art bell
It's just not music either.
Now, I know and you know there are sites where you can go and get motion pictures that hell haven't even been released yet.
kevin mitnick
Oh, absolutely.
art bell
It's such an incredible danger to the motion picture industry.
kevin mitnick
Oh, absolutely.
I mean, it's a huge problem, and of course, that's why they've been so successful at passing laws like the DMCA.
art bell
It's so huge that it would take another whole show to do it.
And we will do that, Kevin.
We're out of time, man.
Show's over.
kevin mitnick
Wow, so quick.
Hey, Art, it's been wonderful being on your show again.
I always love being on your program.
art bell
Take care.
Talk to you next time, and there will be a next time.
Good night, Kevin.
kevin mitnick
Stay safe on your computer.
art bell
You too, my friend.
From the high deserts, I'm Art Bell.
See you tomorrow night.
unidentified
Midnight in the desert, shooting stars across the sky.
Thank you.
This magical journey will take us on a ride.
Filled with the longing, searching for the truth.
Export Selection