Art Bell welcomes Lloyd Carpenter, who argues Earth’s axis has shifted before—evidence includes King Tut’s tomb alignment and the stopped Chandler wobble—while citing extreme weather (Antarctica’s ice shelf collapse) and methane risks from drilling as potential harbingers of a catastrophic pole shift, possibly wiping out two-thirds of humanity. Kevin Mitnick then details botnets turning computers into "zombies," zero-day exploits sold to governments for $X, and Sony’s rootkit scandal, warning of wireless vulnerabilities like WEP cracks and VoIP fraud. He endorses OpenBSD as secure but acknowledges criminals using stolen credit cards to buy untraceable phones, with cybercrime profits rivaling or exceeding the drug trade per an FTC/FBI report. Ultimately, the episode blends apocalyptic prophecy with cybersecurity threats, urging listeners to question both scientific dismissals and systemic digital risks. [Automatically generated summary]
As you all are aware by now, I think, most of you, I'm going through a a grieving process.
The loss of my beloved Ramona.
I just realized something before the show.
Music is important, and I haven't I've been going through this wild these wild waves of grieving, and music actually helps.
I kind of shied away from it because all the words seem to mean something, you know, connected with Mona.
But I was wrong.
It's good.
I've decided it's good.
And that leads me to one other comment before we begin what we're going to do tonight, and that's pole shift.
We're going to talk pole shift here in a minute.
And we're going to lay it really on the line for you.
But listen, if we do get to call-ins tonight, I understand that the inclination for you is to be to call me and express regret and condolences and everything.
But I would ask you not to do that.
This program is something that I can immerse myself in.
It's something that will take me away for four hours on two nights, completely away.
And that's exactly what I wanted to do.
So I'm going to throw myself into the topic, throw myself into the show, which is not hard for me to do.
It never has been.
And so I would ask that you refrain from that, if you would, please.
I understand that you wish to give them to me.
I just would ask that you do not.
At least 32 killed in Poland.
I've got to get that out.
A roof has collapsed in Poland.
About 500 people in a convention hall, and 32 of them are dead.
There was a priest outside the building praying over the bodies of an adult and child covered by a blanket and tarp as rescue crews and search dogs worked frantically through the night.
You can imagine what that's like in sub-freezing temperatures to save those, try to save those people inside.
Witnesses are saying people beneath the wreckage were calling family or emergency services on their cell phones for help.
Can you imagine, oh my God, getting a call from a relative saying that I'm underneath all this help?
So, in a moment, we're probably going to scare the hell out of you a little bit.
It's happened before on Earth.
There may be signs that it's coming soon.
I'm talking about a pole shift.
There are some who think that the only consequence of a pole shift is North will become South, South become North, and that's it.
And that's one possibility.
Another is, though, that the planet becomes completely wiped clean of all life.
Lloyd Stewart Carpenter is an expert in biblical end times prophecy, and he is able to call upon his knowledge to explain what the Bible says about earthquakes and how they're going to play a central role in the grand prophetic stage known as the end of the world.
He is an author and has appeared on several radio and television talk shows discussing his research and discoveries.
Working as an author, inventor, researcher, pastor, teacher for more than 20 years, Lloyd is appreciated equally among members of the religious and scientific community.
So we're going to get it from both perspectives, that of religion and that of science.
That'll be in the first hour coming up in a moment.
The second hour, bad boy Kevin Mitnick is here, and we're going to talk.
As a matter of fact, there was a big story on CNN earlier about the bots and the bot warriors and the bot masters and all that sort of thing.
Pole shift is, to me, really scary because I think I know what would happen, or at least I have my vision of what would happen.
I'd like to know what yours is, or actually what that of science is.
What do the scientists say about the possibility?
unidentified
There are differing ideas concerning it.
One of the things that's interesting to note is that there are no scientists that I know of of respect that do not believe that the Earth will tip over on its axis.
Of course, they're just saying to each other when, and they disagree when it will happen.
It could be a thousand years, or it could have happened already, and there are certain things that make people believe that it could happen sooner than later.
How much do we know scientifically, Lloyd, about how many there may have been in the past?
unidentified
There is evidence that the Earth has tipped over on its axis several times.
There's two schools of thought.
Some people believe that the original, the first time that the poles shifted was like 600,000 years ago.
There are other people, like Peter Worlow, who wrote his book in the 1980s, The Reversing Earth, and he points out that it has happened every few thousand years.
He points out that in the Bible, where it talks about the sun standing still in the sky, that what was really occurring was that the Earth was flipping over on its axis in a very slow method, 24-hour periods.
People on the Earth would observe the sun virtually standing still.
unidentified
Exactly.
And some other people believe that, you know, around 2850 B.C., when King Tut was on the earth, that the Earth tipped over on its axis right near that period because his is the first tomb that shows it reversed from the other tombs.
And then after that, the other tombs are back to normal.
So they think that it was a briefer shift because it was the Egyptian belief that you bury the Pharaoh with his head pointing to the west so he could see his God.
And for some reason, they don't know the reason, but Peter Warlow speculates that the reason is, is because the sun was setting in the east at the time that King Tut was alive.
All right, well, there's some reason for optimism in some of what you've said there, because obviously mankind did not become extinct at that point.
So tell me, what is your belief regarding what the physical effects of a pole shift would be if it happened tomorrow?
unidentified
Well, the biggest concern is that there will probably be a reversal of the magnetic fields at the same time.
I'm more concerned about there being a reversal of the magnetic field than I am about a polar shift, because if the magnetic field reverses with it, it will affect everything electrical on Earth.
Peter Worlow said that electrical things won't work anymore.
Basically, it will have 15% of the energy and it will slowly get back to its normal self, but everything, all the poles will be opposite.
So everything we have electrical on this Earth won't necessarily work.
Now, more modern naysayers of Peter Worlow say that it's far more serious than that, that actually car engines will catch on fire, flashlights will cease to work, plasma TVs will explode,
airplanes will fall out of the sky, because if the electrical systems of everything on earth is shortened, it will become dark, just as it says in the Quran and in the Bible that when the earth rolls up as a scroll, that it will be so dark people will be afraid to hover out, and there'll be no light in the sky for a long time.
Now, for our society, America, I mean, to some degree, the hell with everybody else, America is more dependent than any other nation on the face of the earth in electronic communication.
I mean, we are virtually at this point basing our entire economy on it, Lloyd.
So we'd be wiped.
Now, from that point of view, I mean, the people living out in the jungle somewhere in a village, they'd probably go, oh.
But here in America, everything's electrical, you know, everything.
unidentified
You're right.
But, you know, it's like the preacher says about the Bible.
I didn't write the book.
I'm just telling you what's going to happen.
And what's happening here is that there are certain anomalies in our solar system and on our Earth that have got scientists startled, have got researchers busily writing down what's happening, and a lot of people wondering how quick it might happen.
And either somebody got sick of writing new calendars, or, you know, maybe they just said 2012.
I mean, what the hell?
None of us are going to be alive.
Let's stop making calendars.
This is stupid.
unidentified
The Earth is 23 and a half degrees, 23.5 degrees off of its axis.
In effect, the other planets are in line with the elliptic of the Sun, pole to pole to pole, right in line.
But the Earth is 23.5 degrees tilted, unlike the other planets.
And so it wobbles.
There's something called the Chanver wobble.
That's discovered.
And startling news released just within the last two weeks, the Chandra wobble, for some reason, and that's got everybody really freaked out, stopped wobbling.
You realize there are people who would say nonsense.
The earth is incredibly strong, and we're like little ants just making little tapping noises.
So how would you answer that?
unidentified
I would answer that by saying that the earth is an ecosystem that is sensitive.
And if you're pounding sound waves at it, you know, you have a volcano that gives off.
People 50 miles away feel an earthquake from it.
We are all sensitive to what happens on this Earth with those kind of anomalies.
And when the country of Australia makes an outcry because of this and pretty much blames the oil companies, and this is going on all over, methane gas, the last time it escaped wildly, caused the ice age.
90% of everybody in the world died.
All the dinosaurs died.
And the oil explorers that are out there right now are so afraid that they will not shoot the sound wave straight down.
They figured out a way to come in sideways with the hope that they won't be up there if there's a flashback of methane gas because it's frozen on the ocean floor.
If you were alive, you would probably be in a situation.
See, a lot of people believe that what's going to make this happen is some kind of catalyst, like the volcano at Yellowstone, which has raised 74 feet in the last 30 years and one end of there and about 17 feet in the last 10 years at another end.
So much gas is escaping from Yellowstone that the Science Channel ran a special last month, the title being When Yellowstone Erupts.
And the last time Yellowstone erupted, it erupts like clockwork every 600,000 years.
And the thing that is interesting about it is that the scientists there now are alarmed because for the first time since they can remember, animals are dying from the gases coming out of the ground.
The bison fell over and are dying in certain parts of the park.
If Yellowstone would give off, according to the Science Channel and so many other people, up to three-fourths of our nation would be covered in a black cloud of soot that has a glacious cutting nature that would cut up people's lungs.
Very dangerous stuff.
And that would cause weather climate change that would lower the temperatures by 16 degrees minimum.
That would again cause the Earth to have just enough so that that would be possible for the Earth to tip over on its axis from that event alone.
I want to stop you right there and note that there have been two headlines given to us this half hour, both of which you're welcome to check out.
You can think of them as crazy or you can go find out for yourself.
One, the sun's magnetic field has doubled.
Two, the Chandler wobble, and I'm sure many of you have heard of that, has stopped.
If at the bottom of the day here, at the end of the day, that Lloyd believes more strongly that this is about to occur from a scientific point of view, and he's laid a couple of big ones on us, the sun's magnetic field has doubled, and the Chandler wobble has stopped.
Now, some say that it does stop every now and then.
I was not aware of that.
We'll ask about that in a moment.
I know he also has some religious conviction, or at least I believe he does, that this is going to occur.
Well, by the time you get to Phoenix, buddy, it's going to be well into a record without rain unless they have it twixt now and then, and I doubt it.
unidentified
Right.
And I try to cover the weather problem, too, as best I can at 777news.com because people just don't go there just to see my itinerary.
They want to know about my other stuff.
But the religious part of it, the Prophecy Club, this is my sixth tour with them.
And we have been very successful because what I try to do is put the science first, but I'd be fibbing if I didn't tell you that it just is amazing to me.
The Bible in the book of Isaiah says that the earth will roll and rock like a drunkard.
In the book of Revelation, it says that it will roll up as a scroll and that the north will become the south in effect.
There are about a half a dozen places in the Quran that talk about the Bible about the same.
If the Bible and the Quran both speak of it, then, you know, I think it's reasonable to assume that.
unidentified
So does the Upanishads, the Bhagavad Vad Gita, Chinese religion discusses it.
There is no major respective religion that does not have something about a polar shift in its history and a definite end times type prophecy of the earth rolling up as a scroll.
Somebody wrote that the Chandler wobble is supposed to stop every now and then.
Is that true?
unidentified
Well, it does stop every now and then, but every now and then can mean like every several years, and it's been stopped for days now, and they keep saying it still hasn't moved, and why hasn't it moved?
And in Texas, by the way, today, a place there that had an entire lake is completely dry.
There is the biggest drought that's ever hit Texas and Oklahoma right now.
There are weather anomalies happening on this planet that are just amazing.
You know, I care so much about the science, but I'm one of those people that believe that our lifespan, like Billy Graham said, that the Lifespan of people will not change one iota with an all-out nuclear war.
That an all-out nuclear war would not change the lifespan of anybody on Earth because everybody in this generation is going to be dead as a doornail by the time the next generation's old.
For those who believe that God helps those who help themselves...
No, but hear me out.
Lloyd, Lloyd, Lloyd, Lloyd, Lloyd.
Hear me out.
For those who believe that God helps those who help themselves, there are going to be safer places on earth to be if something like this occurs.
Where are those and how much safer?
unidentified
Well, I would call this an equal opportunity cataclysm, but if you were trying to find a place that would be a bit safer, you don't want to be in California or in anywhere on the coast.
I think probably the safest place in the United States of America to live would be probably northern Oklahoma.
You would just probably just die from the drought.
And even there, you say you would die of the drought.
unidentified
Well, you know, what the Bible says is that when it happens, when the earth tips over on its axis, that immediately a third of the earth will die.
And then it says in the next season, right after that, another third of the earth will die from poisonous water, poisonous ash, and it's called wormwood in the Bible.
And that a third of the earth then will survive, and they will find themselves on an earth with no more seas.
There won't be any more face in the ocean floor.
There's just going to be no ocean because it says there'll be no more seas.
There'll be no more deserts.
It'll be like the earth is a paradise, sort of like the Garden of Eden, with beautiful fresh water and wonderful vegetation.
And I think that that's a nice thing to look forward to.
I can hear it in your voice, that you believe it thoroughly, and it's a great comfort for many millions of people listening to this.
It's not.
I mean, you've got to understand there are many agnostics.
There are many people who simply don't believe.
As a matter of fact, an awful lot of scientists and doctors and people like that that I interview, when you push them right to the wall, Lloyd, they don't believe.
unidentified
And they shouldn't be picked on because I think that they're sincere.
Not you because you're going to the great reward and you firmly believe that and that's your faith and you're comfortable.
Not everybody feels that way.
unidentified
Well also a lot of people that are in that agnostic And that kind of thing.
They're that way because they haven't seen any proof.
But you'd be surprised how many people, you know, after checking out my discovery of those images on the ocean, look at it and go, this has to be deliberate by some kind of higher power, and who have their scientific mind has said.
As a matter of fact, one gentleman who is an expert in constitutional law and an atheist wrote a letter and he said that he gave up on that crazy Bible years ago.
But after reading my book, The Amazing Mystery of the Great Face on the Pacific Ocean Floor, that he's going to go back and take a look at that book a second time because obviously there's something he missed.
So again, bottom line, you're saying, yes, the Creator put his face on the bottom of the ocean.
unidentified
Not only that, you got the Jesus king in the Middle East bending down with a nail going through his wrist in the same location as the Shroud of Turin right there at the Suez Canal.
And I have a big blow-up of that coming in close at 777news.com.
They can see the demon on the South Atlantic Ocean floor, the entire South Atlantic, 666 at his mouth, longitude 60, latitude 66.
Four images covering 70% of our planet, and then the entire Middle East, all of it, that king kneeling in prayer.
And everybody's curious about the Great Pyramid.
At the very center of his praying hand is the Great Pyramid of Giza, which E. Wallace Budge, a curator for the British Museum, said should be pronounced not Giza, but Gizas.
But I'm also not blind, and I can see clearly what's going on in our world right now.
And it is very, very disturbing.
And it does seem like it's adding up to something imminent.
And you think that something might be a magnetic or pole reversal?
unidentified
You know, there's so many different, not so many, but there's about five or six different things that could cause it that I don't know what the spark will be, what the catalyst will be, but the world is already teetering, and scientists completely agree on that.
And all it would take is a Yellowstone event, an ocean floor event.
Right now, and that ring of fire, which is the tracing of the face on the Pacific Ocean floor, has heated up so much, especially off the coast of Oregon, where I'm going to be next week, and Washington, that scientists are saying, you know, this is strange.
Mount St. Helen looks like it did in 1980.
I have 500 slides that I show during my presentation, which, you know, verifies these facts, the names of the scientists, the pictures close-up, that kind of stuff.
And tonight we had such a good time because people just going, wow, this is like amazing stuff.
But I don't want to live in a boring world.
I'm glad that we got something interesting to talk about.
I don't want to just stay home and watch Laverne and Shirley.
Watching CNN Headline News earlier today, they had this really wild story about bots, about the danger of bots and how these bot masters or whatever they're called are able to make enormous amounts of money by having sort of a pyramid scheme of as maybe thousands of computers below them, you know, whacking and whacking their way into accounts here and there.
And even just something, a scam so simple as a bunch of hits to Google, and then somehow the payment gets back to them, or a part of the payment gets back to them.
Yeah, in fact, I think one gentleman or one individual had pled guilty in Los Angeles to actually running some sort of botnet.
And what a botnet is, is like an army of soldiers, is that there is usually a worm or a virus that takes over unsuspecting victims' computers and installs a piece of malicious software.
It's, you know, and turns the computer into what is called a drone or a zombie.
And then this software, this piece of malicious software, phones home to the attacker, usually over an IRC channel, like a chat room.
And then the bad guy literally can control tens of thousands of computers of unsuspecting people and direct those computers to attack an innocent company through what we call a distributed denial of service attack.
It could be used to pipe spam through these unsuspecting victims because through their ISP, they don't have to worry about the email being rejected, so to speak.
And it's coming from so many different sources, it's really hard to track down.
You know, the story portrayed exactly what you just said.
Virtual, good word, armies out there, thousands of computers directed by individuals, sort of computer warlords, if you will, going after these different goals.
Man, we are in the middle of a world changing right in front of us.
And a lot of us are simply totally unaware of it, aren't we?
And it's a shame because if individuals out there just did a few extra steps when they purchase a computer, they could really raise the bar and they probably won't be attacked because if they run something like a personal firewall and they're careful about opening up attachments and doing certain things that people can do to really mitigate the risk.
But unfortunately, there's a lot of people that go into Best Buy or Circuit City, their mom and pops, they go buy a computer, they plug it into their DSL or to the cable, and then they're victimized.
Kevin, no matter how many warnings are given out, and they're constant, thousands, even no, millions of people are not going to tend properly to their computer.
That's just a fact of life.
So these armies are going to constantly be able to recruit new soldiers.
It's not going to stop.
I mean, is there some kind of educational process that you think would really get through?
We finally have people wearing seatbelts in America.
Well, I think the software manufacturers could release their computer operating systems.
For example, the one with the biggest market share, Microsoft, configuring it in a default security-on environment.
But why they don't do that is because people want interoperability, they want reliability, they want functionality.
Microsoft doesn't want to have their telephone support centers barraged with customer service calls.
So they usually release it in the more relaxed modes, so to speak.
But I think if the operating system manufacturers increase the security of their released operating systems, and also there were some public service campaigns to really help raise general awareness about computing and security to the general public, I think it would help tremendously.
I don't think so, but you can't really pick on Microsoft.
It's really, you know, all computer operating systems are developed by people.
Whenever you have the human factor, it's always prone to error.
And unfortunately, is back in the day when Windows XP Pro was coded and Windows 2000 and even the legacy systems, they were developed by engineers and developers that weren't taught secure coding practices.
So what has happened is these operating systems have been released and there's a lot of bugs, a lot of flaws that security researchers could identify and exploit.
And then once they're exploited, they release the information to the public over the Internet, then anybody could exploit it.
No, there's always going to be security vulnerabilities.
Humans develop computer programs, and there's always going to be problems.
The thing that we need to do is be aware that these systems aren't 100% perfect, and then develop a defense and depth model.
So you have to presume that any computer that's connected to the Internet could be compromised, but then knowing this in the back of your mind, what can you do to limit the damage?
And that's really how you have to think.
Now, think about all these companies that are out there with these firewalls and over the internet, like for e-commerce, for example.
And they have the company a firewall, but they still have to allow the public to connect to their website, else they can't do business.
And so what they do is they hire a junior programmer to develop the web application that the company is using to sell products and services.
That means that any information that you send is encrypted and also you have a reasonable level of confidence you're talking to the real site, not a bogus site.
Well, what you could think about is what are the threats?
For an attacker to come specifically after you and do what we call what the term is, it's called a man-in-the-middle attack.
And what that allows the attacker to do is even if you're using a secure connection, there's a way to trick you into connecting to the attacker, and the attacker actually connects to the real site and monitors all the information flowing in between, kind of like what the NSA would do.
I would think so, but don't forget, now that we have voice over IP, we have analog and digital telephone communications, we have gigabytes of traffic over the Internet of that.
You have a lot of data to shift through.
So you have to think about, well, if you have all these pipes of data, how are they determining what pieces of information need to be sent to an analyst to the current system?
Now, my question to you is there's a balance here, Kevin.
On the one hand, we are fighting a war on terrorism.
These people want to kill us, and they're making plans to kill us.
So we have a good reason to listen.
Is it a good enough reason to listen?
We have the Constitution, which is sort of crumbling under the effort.
The Fourth Amendment is sinking lower and lower and lower.
And so my question to you is, in your mind, Kevin, the old hacker mind of Kevin Midnick, is there enough justification to be doing what we're doing to our own citizens?
Well, it's a hard question to answer because we're balancing two very important interests, the interest of privacy and the interest of security.
And I'm a firm believer that our forefathers had fought and died in wars to, well, have fought and died to protect our constitutional rights.
And for the United States government, or for any state for that matter, to not comply with the constitutional protections causes me to really think about the issue.
I kind of lean towards really that our government authorities have to abide by constitutional protections.
And I actually, and people will be, some will be appalled.
But I think if I were the president and I was looking at this threat to the country that I had sworn to protect, you would do whatever you could to protect it.
Yeah, I think that is a good word, Art, but I also think that any intel that is gathered through illicit monitoring should not be available to law enforcement agencies.
For example, if the NSA is monitoring conversations and they learn some guy is a bookie, they shouldn't be able to pass that information to the state police.
Because I think that would really infringe on constitutional protections.
But if they actually undercover a terrorist plot, well, the more power to them.
But the Congress is really responsible for enacting the laws.
So they're going to do what they want to do, and then those laws are supposed to be enforced.
But then there's all these exceptions to the rules.
And usually the government has built in these exceptions to allow them to monitor communications, especially under the Electronic Communications Privacy Act, for any sort of even fraud.
Well, social engineering is a technique used by identity thieves, by hackers, even by law enforcement.
And social engineering is really using manipulation, deception, and influence to get a person to comply with a request.
In the social engineering that's relevant to computer hacking, it's where the bad guy calls or emails or calls somebody over the telephone and convinces a person to release information that could be proprietary, like, for example, their passwords, or has that person performed some sort of action item, like visiting a website.
Like imagine this.
Imagine you've got Betty that's a secretary of a large company.
Betty gets a phone call one day, and it's a guy, John, and he says he's from the IT department of that company.
Betty doesn't really know him, but what John is asking, well, first of all, tells Betty that they've had some issues with their internet connection, and he wants to make sure that she can still get out to the internet, and there's no problem.
So he simply says, hey, Betty, I want you to go to this website and see if it actually comes up, if you could see a picture.
But what Betty has just done is when she opened that, when that picture was rendered in her browser, unbeknownst to Betty, it exploited what we call a client-side vulnerability in the browser.
And now the bad guy has complete control over Betty's machine.
Have you seen that, Kevin, the one in which the poor lady in her little cubicle brings up something that says, you just have contracted the pink slip virus.
And pretty soon all the other cubicles are getting the pink slip virus.
And her head sinks down and I don't know, she goes somewhere or something.
You walk into the restroom and you notice that somebody's left a CD in a jewel case on the sink, and it's red.
It's a red jewel case, and you want to find the owner.
So you open up the jewel case, and it's a CD that has the company logo on it, and it says Extremely Proprietary and Confidential Employee Salary History, Second Quarter 2006.
What are the chances that some guy is going to walk back to his office or his cubicle, stick in the CD just to check out what his coworkers or what his boss is making?
And there's an Excel spreadsheet there.
He double-clicks on it.
It comes up that it's corrupted, but unbeknownst to the guy, he just installed a piece of software that secretly connects out from his computer to the attacker on the outside of the company.
Well, I mean, the person that's doing hacking might have a different agenda.
You might have someone who just wants to steal using technology, so they learn a little bit about How to exploit vulnerabilities and they exploit e-commerce sites and steal credit card databases.
Well, again, you're really looking into the mindset of a hacker.
And I could talk about myself because many years ago, when I was involved in this activity, my mindset was really for the intellectual challenge, the thrill, the adventure, the seduction of danger of being somewhere where you really shouldn't be.
You have the purest hacker that might be a kid in high school that does something on the school computer because they're interested to see how far they can go.
Then on the other side of the spectrum, you could have some terrorist group that wants to hack into a telephone company switch because they want to bring down telephone service in an area where they're going to do a physical attack.
So you have a mixed bag here.
There's not really one good answer.
In the second book I wrote, in The Art of Intrusion, what I did is I told several stories of different hackers who had different agendas and illustrated the different techniques that they would use to break into systems and how they would cover their tracks.
Yeah, and if anybody's interested, they could go to Amazon, like your last guest mentioned, and they could actually read parts of the book for free online.
So we have two different kind of hackers, one motivated financially, one motivated, well, for the pure thrill, the pure everything that goes with it, not the money.
Now, let's talk about the money people for a second, because CNN earlier today said, you know what, people can download, they don't have to be an expert in computers.
They can download a program that will let them become one of these bot masters.
In other words, you don't really have to know anything about a damn thing except how to buy a program, and then you set yourself up at the top of a pyramid, and you make money.
No, I think what they were mentioning on the show, which I actually did not see, is probably people that have actually compromised a number of computer systems and have them under their control.
They're selling this as a service to buyers that want to send spam or pop up ads or do denial service attacks.
So it's just a service to be sold.
But it's not like you can go out and download a simple program and go and infect 10,000 unsuspecting victims' computers and take control because it would require a little bit of technical knowledge there.
The people that do this, the people that actually download programs and what I call like point-and-click hackers, there's a derogatory term called script kitties.
And what a script kitty is, is somebody that downloads a program that doesn't understand how it works, doesn't understand the vulnerability it is exploiting, but just simply knows if they run this program, good things would happen and they would get access to things that they shouldn't have access to.
More than sophisticated hackers, because the more sophisticated people that are doing vulnerability research, that even are ethical white hat hackers, and people that even on the darker side, when they find these vulnerabilities, they're publicized.
And even in some cases, programs that demonstrate what they call a proof of concept are published on sites and are sent and available on news groups and such.
And then anyone that really has access to the Internet in a browser could download these programs and use them.
Well, I don't really look down at them because I figure that they're novices.
And they have to, you know, it's like, I guess, an amateur radio operator.
It's a novice.
They know a little bit of electronic theory and they could do five words a minute of Morse code and they've got to start somewhere and then eventually they might become an extra class and then they know a lot more about electronic theory and they could do 20 words a minute.
Well, I know everything has changed by now, but I'm thinking back in the day.
I think a lot of people want to know these days, Kevin.
I do.
We have enemies, very serious enemies.
Now, I wonder if they're just out there tinkering around with explosives and biological stuff and even nuclear materials, or whether they're also conducting a war against us with our own technology.
And so in other words, is Al-Qaeda, do you believe involved intimately in some sort of cyber war with us, or is there an aspect to it, is it just communication among the cells or what?
I believe that these terrorist groups definitely use the Internet and use encryption and steganography to communicate.
That's just, you know, to me it seems like common sense because it would be a great way to conceal their communications.
Whether or not they're actually obtaining hacking skills or hiring people that have these skills to do cyber attacks against critical infrastructures, I really don't know that.
But I do know that other nation states are, and even the United States of America, that they are training people in our branches of service to do offensive attacks and also defend our critical infrastructures.
I'm thinking of a million different things that virtually these days are controlled by computer.
Is our infrastructure in America, and I mean power plants and all the rest of it, nuclear power plants, for example, are they all protected well enough?
Well, I don't believe they're connected to the public Internet, at least the critical systems.
At least I would hope not.
But you have to think about what about the worker that has a laptop that's an authorized employee that plugs in their laptop or goes to Starbucks and enjoying a latte.
They're connected to T-Mobile surfing the Internet.
Well, I know that when we went to war with Iraq, there are many stories floating around out there, Kevin, about what the United States did, that we threw some magical switch and virtually turned off their communications, turned off their radar, hacked into this, hacked into that.
Well, can you imagine if you actually have access to the computing technology, like if you know Iraq is going to acquire X amount of computer systems from a particular manufacturer in the United States government's able to booby trap those systems before they're actually delivered.
You can even booby trap printers.
Because printers nowadays have, they're accessible basically through TCP IP, through an IP address.
And you have to think about, wow, your company or your business could be hacked through your printer that's connected to the Internet.
That's not even protected because the owner doesn't understand what threat exists in that case.
So you're saying, for example, if we could control the technological flow from here to, say, Iraq or any other country that we are at odds with, we could perhaps sell them equipment that's got little virtual bombs in it.
And if we suddenly went to open warfare with that nation, we could, with a click of a switch, an order given by a president or whoever, a military commander, we could turn them off.
Well, it's a possible if, for example, you have computer hardware and you're able to switch the firmware to some, it has some extra, let's say, functionality.
And even say with Microsoft, the Windows operating system, if it's able to, you know, a special version has been patched in the case of delivery, it has some extra bells and whistles that they would rather not have.
Yeah, it's possible, but you have to think that government institutions, you know, at least when it comes to software, are using some sort of due diligence to ensure that they're not getting a doctored version of the software.
But you have to think about the hardware.
The hardware could be booby-trapped in some cases, too.
It concerns a crisis the United States goes through with Iraq, as a matter of fact.
It assumes that the son of Saddam took over, and we come to blows with Iraq, nearly to nuclear blows.
And the threat of the story is that we sold Iraq through France a bill of goods.
We sold them nuclear weapons because they wanted them.
So instead of allowing them to get them from somebody else, we actually did it through the French.
Only we also sold them a terabyte computer that would assure them the weapons would work.
And when the critical moment came, they didn't work because the terabyte computer was ours and we had instructed it to tell the Iraqis that these nuclear weapons would detonate, that they were in good shape.
And it's the exact kind of thing you're talking about right now.
It's called a zero-day because it's been discovered, but it hasn't been reported to the software or hardware manufacturer, and it's relatively unknown to maybe one or to a small group of people.
And if you have a zero-day and that computer in a particular, say, application or service and that is accessible over the Internet, well, it is highly likely it could be compromised.
Now, there are security researchers that look for these vulnerabilities, and they actually sell them to companies like iDefense and, I think, Tipping Point.
They buy these vulnerabilities so they could act as an intelligence source to different businesses that subscribe to their services.
One of the recent published vulnerabilities at one time was a zero-day was the one with the Microsoft Picture and Fax Viewer.
So if a certain image was rendered in your browser, if that image was constructed in a certain way, the attacker could basically execute code on your computer, which allows them to pretty much take it over.
And what if that vulnerability was, before it was made public, was used for two years by the American government or the Chinese government to compromise each other's systems?
You've got a company like Microsoft, and I'll just throw their name out because what the hell, why not?
They're the big ones.
Do you think that the U.S. government approached Microsoft when the government figured out that Microsoft was going to be the big gorilla and intentionally had some zero-day stuff installed during the process of upgrades as we went from operating system to operating system?
Do you think it's possible that the U.S. government approached Microsoft and said, look, you want to do something good for your country?
We're going to set up this and this and this and this.
Well, you have to think about Microsoft has control of all its customers' computers, right?
Because basically your computer automatically, well, anytime you go to Windows Update, they download programs essentially into your computer and you don't know what it's doing.
you're not that technically astute, and who knows what those programs do.
I doubt that the government would approach Microsoft.
I think what they would do is they'd plant operatives in the company that would obtain jobs, and they would secretly Embed weaknesses in certain areas, they'd have to be pretty stealth about it.
But if you have rogue developers that are and well, that might not just go for the United States government.
That could probably go for any government around the world, right?
I think the government would keep it even secret, try to keep it secret from Microsoft.
I think they would plan an operative at the company or operatives and try to do something that's going to be very, very innocuous and appearance-wise, but might, a certain set of conditions, not just one, but a certain set of conditions, if they were met, it would create some sort of vulnerability.
I don't know if they've done it, but it would probably make sense in a time of war.
I'm getting a lot of notifications on FastBlast from all of you that our stream, our internet stream, which goes along with the program, as you know, is down.
It's actually down right now, completely down, according to the people.
Now, I don't know if that's all the stream, part of the stream.
What's going on with the internet, I have no idea.
But in honor of Kevin Mitnick being here, the stream is down hard, buddy.
Well, I think it's a constant cat and mouse game that companies that are innovative security companies are trying to build better and more resilient locks.
And you have a group of people out there that are trying to pick the locks.
And it's going to be this consistent process through the life cycle of security.
It just never ends.
So that's why we as consumers can't just feel confident that if we install Spy Sweeper, that we're safe from spyware.
It doesn't work like that.
Unfortunately, what consumers want is they want the security to be transparent.
They want to be able to plug in their computers to the Internet, use it, and have a confidence of security.
But unfortunately, when you purchase a computer from Dell in the mail, or you go into a store and you plug it in, it's not in a default security configuration.
You have to either learn about the technology or you have to get somebody to help you.
Maybe the kid that's in a computer class down the street could help you out.
It's true because if there's any fraud on your account, the bank takes the risk.
They take the loss.
As long as you didn't authorize the transaction, you didn't do it yourself or authorize anybody else, and there's fraud, and somebody has hacked your password or used what is commonly known as phishing, login in password from you, and you find out about the illicit activity within, I think there's a certain time period by law, maybe 30 days, 60 days, that the bank will just credit.
They'll do an investigation.
You'll have to probably sign a notarized document.
A good friend of mine, I thought it was hysterically funny at the time.
I mean, we were on ham radio, and I was talking to this fellow in Southern California, and a Mexican person had somehow acquired his banking information.
And he was doing his online banking, and it was, you know, other people's pain is funny.
But, I mean, he was on the air and telling us that this guy had his information or his card or whatever and was traveling south into Mexico.
And he could literally go online and look at this guy spending his money.
And he was going, oh, my God, he just spent $300 on so-and-so or $600 on so-and-so.
He just bought a case of booze.
He's having a blast.
And, you know, of course, it was great pain for him as this guy traveled south spending like crazy.
In the end, his bank took care of it and made good on it.
And you're telling me that's always the case, whether you go to a teller or whether you use online banking.
If something like that happens to you, they're going to cover it.
I believe there's certain rules, and I don't know those rules off the top of my head, but I think it's very similar to credit card fraud.
I think the law is that you could be responsible for up to $50 for fraudulent transactions, but at the end of the day, the bank rarely charges their customers any fee if there was fraud.
And that's why we have such high interest rates these days, is because the banks are taking the risk.
In other countries around the world, in Eastern Europe, it's a different story.
It's the consumer that takes the risk.
So that's where it becomes a little bit scary to do online banking.
So a lot of times losses are put in, you know, through creative accounting, they're put into other categories so it doesn't negatively affect the company.
But on the other hand, Kevin, if it goes over a certain percentage, then the company itself becomes in trouble.
It's not anywhere near that yet, is it?
As we look across the various credit card companies and all the rest of it, I mean, are the losses getting so severe as to perhaps even put the company in trouble?
Just recently, I don't know if you heard about this, but there was a company called Checkpoint.
And what they did is they sold information about people, including social security numbers and addresses, telephone numbers, basically the dossier that they've collected through data mining and purchasing information.
And they sold this information to legitimate customers that had a need to know, maybe insurance, underwriters, law enforcement, and so on and so forth.
So what had happened is some individuals, a fraud ring, actually applied for a checkpoint.
I'm sorry, it's ChoicePoint.
Checkpoint is actually a firewall comes.
They applied for legitimate access to this database, and they were granted.
And they were obviously using some sort of false cover that they had some legitimate need for this information.
And what they were doing, it was an identity theft ring.
Well, to an individual company, I think the loss of public confidence is much worse.
And because of that incident, what had happened is it created this backlash in the private investigation community where there's a lot of databases out there that people could obtain information about you.
And several of these companies started masking the social security number.
Some of them have not done that.
And usually you'd have to demonstrate a real need to know that you're a real business, and they would send somebody out to your place of business to verify you are real, and then they would allow you to have access to the information.
But you have to think about it.
A Nigerian fraud ring could simply open up a corporation, rent an office space, put in furniture, put in computers, and they look and feel like a real legitimate business.
Not recently, I think within the last couple of years, there was this woman that worked for a New York law firm, and she received the Nigerian email offering to deposit $30 million to her account, and she'd be able to keep 90% of it.
Oh, yeah.
And she had actually thought she had won the lottery.
So she communicated with the people wherever they were in the world, and they needed an advance fee to handle certain taxes and transferring and lawyers, and they needed $2 million.
So the lady thought, well, if I can retire with $20 million, at least $20 million, all I'll say have to do is, I'm a signer for the checks at the law firm I'm working, so maybe I just send them the $2 million, wait for the deposit, I could pay the law firm back the $2 million, and I could live happily ever after.
And then I changed the name to Mitmix Security because I thought it would be better to have my name in it.
And what I actually do is 75% of my time is I go around the world and I do public speaking engagements and I speak at a number of conferences and a number of companies talking about security, the human factor of security when it comes to social engineering, wireless security, and a number of different topics.
Actually, a lot of interesting security-type software comes out of Israel.
For example, I had a gentleman from Israel who wrote a program that could simply analyze your voice and render up an opinion about whether you were telling the truth or a lie just based on your voice.
I think that about a year ago, the technology was in its infancy.
And I think as time moves on, that a lot of these companies are developing better biometric technologies.
But the problem is there's not much early adopters.
Maybe in very secure facilities they're using biometrics, but I really don't see that as a huge trend.
You have to think about, because of all the online fraud, that you would think a lot of the banks and financial institutions wouldn't necessarily use biometrics, but they'd use what we call two-form factor authentication, which actually means that you have a piece of information, something that you know, and you might have a device like a smart card.
And with the combination of having the card that you swipe through like a card reader and having like a PIN code, that raises a level of confidence that you are who you say you are.
But the problem is the fraud losses that are actually, the losses that are actually reported as fraud, those numbers aren't high enough to justify putting in stronger authentication systems because it's too costly to roll out.
But there are other innovative companies that are trying to build in two-factor authentication.
Like, for example, there's a company that if you log on to your bank account, it might present an image of an airplane.
And you know that if you visit your bank and you don't see an image of your airplane, the airplane before you log in, that it's likely to be not really the bank site, but a bogus site that somebody's trying to deceive you into logging in as and to steal your username, to steal your password.
James E. Hansen, longtime director of the agency's Goddard Institute for Space Studies, said in an interview that officials at NASA headquarters had ordered the public affairs staff To review his coming lecture papers, any postings on the Goddard website, and requests for interviews from journalists.
Okay, for the sake of my audience, I think I want to get practical with Kevin for a moment here.
And Kevin, what I mean by that is there are a million different things offering to remove spyware from your computer, offering to remove viruses, offering to prevent viruses.
What I'd like to know is what's really good?
What's the best advice you can give an individual either with respect to a program to have or what to do?
Firewalls, I don't know, what's really good out there?
Yeah, of course, because it's by default, it's actually turned on, which they should have done years ago, was when the firewall should have been turned on by default.
But what happens is then sometimes it breaks things, and then customers end up calling their support number, and it takes their time.
But a more resilient firewall, which I mentioned before, is ZoneAlm.
What happens if let's say a malicious program, let's say you visit a malicious website, and that website exploits a flaw with an Internet Explorer and the hacker is able to download a malicious program to your computer.
And what happens is that malicious program secretly logs all your keystrokes.
So every time you write an email, it stores the information, all your keystrokes, every time you sign on to your online bank, every time you use AOL Instant Messenger, and then it secretly sends it off to the bad guy, to an email account in Russia or whatever.
What would happen is the more resilient firewalls will pop up a dialogue box where that program is going to ask for permission to connect out.
And unfortunately, some users might just say yes and let it go out, not knowing what it is, just thinking, well, it has some really complicated name, so maybe it's part of an important program with Windows, so I'm going to allow it to connect out.
Now, with spyware, what I recommend is actually there's not one spyware scanner that I would say is like the killer app, so to speak, that will detect any piece of spyware.
But still, I must admit to you, Kevin, the last time I ran Spybot, which I think is pretty good, I had like 100 and something and pieces of spyware in there.
Literally about six months ago, I went to Aerosmith.com, and I just went to look at their tour schedule.
And I don't know, like 15 minutes later, I get this pop-up dialog box saying, you know, your computer is infected with spyware.
If you want to get this fixed, please click here.
And I'm going, that's interesting.
So I started taking a look around my system and realized when I went to the Aerosmith.com website, it exploited a vulnerability in the browser and downloaded a piece of spyware that they were using to sell me products.
And then what I was kind of angry because what it did is it renamed certain things in the Windows operating system like Notepad and WordPad.
It renamed those files to, well, it actually infected those files so I could never get rid of this pop-up dialog box.
So I actually had to reinstall the operating system from scratch.
Well, think about what Sony did with the digital rights management software that they were secretly embedding in your computer to control access to music and to video.
Wow.
The technology that we call in the field is called rootcape technology, is where the operating system is modified in such a way that you could hide files, you could hide processes.
No, I understand your position, but what I'm talking about here is you have a company, a third-party company that's planting software secretly within your computer that if an attacker understands how that software works, they could use it as a conduit to do evil things to you.
And I take issue with any company that if I install, you know, if I put their CD in my system and install some sort of product that it secretly embeds some sort of management software without my permission or consent, especially if it's really buried where I can't really see what's there.
In other words, if you produce a piece of software and whoever you are and you put something in it for some commercial reason for your company, a reasonable thing, I guess, to do, there's no real law against that, right?
Well, usually I think these companies are able to cover themselves and have very limited liability because in their long license agreements that you click yes to that nobody reads, they probably have it right in there what they're doing.
By the way, we're watching everything you do on your computer and every Internet site you visit, every keystroke you type, we're monitoring and capturing and using for our own purposes.
And that's why it's so concerning with what I was.
Have you ever used, well, let me back up.
Have you ever went to an Internet hotspot And used wireless?
I have, yes.
I've been doing a lot of research on wireless hacking techniques because I'm preparing a talk for when I go to South Africa.
And I found a very interesting tool that was developed by some really good security researchers.
And what this tool allows you to do that's freely available to anyone on the Internet is you can go into any type of hotspot or anywhere for that matter and you run this tool.
And basically what it does is there's a modification that's made to the drivers that drive the wireless card.
And what it does is what happens is you as a user are, you know, you get ready to associate, you know, you want to connect to like T-Mobile at Starbucks.
What happens if you have an attacker in RF range, radio frequency range, what the attacker's computer could be set up to do is when you're sending a probe looking for that particular access point, this computer sends back, yeah, I'm it, and then hands you an IP address.
Let me tell you, a friend of mine in Las Vegas, Kevin, where there's a very high density of hotspots, has simply put a Yaggy antenna with a rotator on his roof.
And believe me when I tell you, Kevin, he doesn't pay for internet ever.
He just rotates that beam around and can get just like any number of wireless points as it rotates.
And he's just using other OPN, other people's nets.
Well, I mean, in cities, I was recently in Washington, D.C., and it's like anywhere in this five square blocks, they had public wireless internet.
So basically what they're doing is they're making internet available wirelessly to anybody in the area.
But even with WEP, with their software out there, because of the weaknesses of that protocol, anybody with a laptop and the right software, it just takes 20 minutes to crack the key.
And you have to think about like a lot of businesses.
I was recently at my doctor's office and I turned on my computer and Windows has a thing called the wireless zero configuration utility.
So what happens is if it sees a wireless access point and your card is, you know, and it's scanning and finds one, pops up and says, oh, I found a wireless network.
I mean, I give out my website, you know, for information that I post a lot of articles on there.
What's the most interesting thing now on the website is the new FBI survey.
So I'll give out the website again for those new listeners.
It's www.mitnik, M-I-T-N-I-C-Ksecurity.com.
And I guess I'll mention my new book, The Art of Intrusion, which is really a book that contains stories of other hackers.
It mostly gets into mindsets and really what drove them to do the things that they talk about in their stories.
And then I really get into the techniques, the different attack methodologies they use, whether it's social engineering, whether it's physically gaining access to a building through some elaborate lockpicking.
And then I talk about how they cover their tracks and then how we as business people, government agencies, and universities could mitigate those vulnerabilities.
So that's really what the book is about.
I really wrote it because I was more interested in telling the stories because I thought they really illustrated how these hackers work today.
So that's what I really wanted to do, just give people a glimpse into the mindset and the techniques and how to protect themselves.
So that's what I really wrote the book for.
I got to tell you something.
I had a dear friend.
She came out from Florida, and she called me this morning to let me know she was in Vegas.
And when I received the phone call, the number that was calling my cell phone was my cell phone number.
And I think we already talked in a couple shows about caller ID spoofing, where it's trivial for people nowadays, you know, you could subscribe to services on the Internet, you just put in caller ID spoofing, and then what you can do is you could basically come or you could appear to be coming from any phone number.
So I get this call, it's coming from my own cell phone number, and then it's this like, you know, this man's voice.
And I go, oh, so you're spoofing my number, that's really nice, and thanks a lot, goodbye.
And I hang up.
And then I get a call five minutes later, and it's from my friend.
And she goes, that was me.
And I go, no, it wasn't.
It was some guy.
And she goes, no, that was me.
I was the one spoofing your number, and I'm the one that was sounding like a guy.
Kevin, would it be possible to put in a very, very, very easy switching arrangement to put indeed a sort of a dummy, don't care what you do to this drive kind of drive in there when you go on the Internet?
And if that was kind of technical and people didn't understand it, your host computer, your Windows system per se, is running a software program called VMware, and then you have guest operating systems under it.
Yeah, I mean, my main concern is I do so much international travel doing public speaking that somebody, you know, I get searched at the metal detector or whatever because I get the unlucky number and then somebody steals my laptop and I have my clients' information to protect, which is very proprietary and confidential.
And so I have to exercise due diligence to protect their information and my own.
East of the Rockies, you're on the air with Kevin Mintnick.
Good morning.
Hello.
Going on.
Hello.
Yes.
unidentified
Yes.
Kevin, I'm certain that you are aware of it, but maybe a lot of people aren't.
One of the large internet providers that offers the free all the virus I can see and everything.
But if you use that, then if you happen to have a song or a friend or somebody sends you a small like shooting Saddam or something, but you have to buy it.
You should buy it.
You should go to the site and buy it.
So when you go to use their security checkup and everything, it knows exactly everything that's on your computer and they have no scruples about it.
I know because a lot of times when it says, you know, after you install something, it says you have to shut down and restart.
That's right.
And then it comes back and the thing, you know, is still there and you have to sign back on.
And lots of times, you know, it's asked if you want to register it now when it comes back on.
I usually click no and just went back to doing the graphics, you know.
Your internet service provider doesn't really gain access to your computer unless you're like a company and you're using like a colo and they're supporting your system because you're paying for it.
But the ISP basically is like your conduit to the outside world.
They could monitor any traffic in the clear, which means it's not encrypted.
But usually they don't have access to your computer per se.
Well, I imagine ISPs, Kevin, are in kind of an unusual pickle in a way.
Aren't they many times?
In other words, they're approached frequently by the authorities, looking for people downloading child porn or financial theft or any one of a zillion different things that somebody might be doing on there.
There's where they could do a real-time interception, which they would, I believe, I don't know, with the new Patriot Act, if this requirement has really been watered down, what they would need was a Title III warrant, like doing a wiretap.
If they're requesting information from an ISP which is stored data, like for instance your email, I think the only requirement is simply a subpoena because that type of communications is protected less than contemporaneous communications.
Okay, well, here's the reason I'm asking, because there were a lot of rumors, Kevin.
Maybe you can nail it down for everybody listening.
There were a lot of rumors that PGP had a backdoor?
Well, not it's a specific rumor.
Not that here's the way it went, that the first PGP that was written is essentially unbreakable and does not have any kind of backdoor, and that successive ones were in some way perhaps compromised.
Well, the way to make crypto is not usually to go after the algorithm or to brute force the key because there would be too many possibilities.
But usually the implementation is incorrect and you could find ways of getting around the crypto or getting to the information without necessarily having the key.
It's not like with the Enigma machine at Bletchley Park where you're going to have teams of people trying to crack the Germans code.
Okay, well, they had a program called Discrete in one of their older Norton utilities packages.
And Discrete was where you can create a virtual encrypted drive.
So a friend of mine actually had the access to the source code of Discrete, and I looked at it and realized that the programmer who wrote the application screwed up.
And the actual, it was supposed to be using a 56-bit DES key.
DES stands for Data Encryption Standard.
It was the standard by the U.S. government.
Anyway, the way that it was coded because of the error, it was only a 30-bit key.
And a 30-bit key could have been brute-forced by, you know, government agencies at the time or even...
Certainly a fascinating Individual, Kevin Mitnick, and his book, his current book, the one you might want to look for on Amazon, is The Art of Intrusion.
acquired this information through what I read through the press, but from what I recall from like a couple of years ago, there were some tools that people in China could use to bypass the Chinese restrictions.
Like, for example, a user would be able to connect to random volunteers' computers throughout the world.
And I think it was run by a company that started an anonymizer called SafeWeb.
And what this allowed you to do was they were able to proxy their connections through what we call a peer-to-peer network so they could bypass all the Chinese restrictions.
But I don't think that service, I don't think that exists anymore.
A lot of people who are really into computers That I know just absolutely love that operating system.
So, Wildcard Line, you're on the air with Kevin Mitnick.
unidentified
Hello.
Yes.
Hello.
My name is Eric, and I'm calling from Kearney, Nebraska.
Currently, an undergraduate major in physics at the University of Nebraska, Kearney.
My question to Kevin Mitnick is, can you hear me, Kevin, first of all?
Okay.
My question to you is, have you done any research into a quantum computing or looked at any of the certain types of security aspects that seem to be possible with using quantum mechanics to make computers more secure and more user-friendly?
Yeah, the only thing I've read on quantum computing, how to do with encryption, and this was a hypothetical article that was written, I think, like two years ago.
But I haven't really looked into the issue of quantum computing lately.
Having said what you said about PGP in your experience a little while ago.
Do you think that if the target was really worth it from a national security point of view, that we could cut through PGP like a hot knife through butter?
Well, remember, well, again, PGP, the public key cryptography, it's using an asymmetric, it's using asymmetric encryption to create.
The problem is if I want to communicate with UART, and I need a secure way to send you the key, so you could encode information and decode information, right?
So the whole reason that public key cryptography came about is a way that I could securely send you the key.
So the underlining algorithm isn't necessarily PGP.
There's several algorithms the user could choose from.
do they have enough power and it's just a matter of enough computing power because eventually Well, first I must say I don't know the government's capability with distributed computing, but you really doubt it, don't you?
Either ask a question or I'm pushing the next button.
unidentified
Okay.
Kevin, in the 70s and 80s, you know, a lot of the focus was on the tricks with the telephone and that sort of thing.
And with the focus now primarily on the internet, in a way it seems like the phone freaking tricks are making a comeback because a lot of people are not aware of them and that sort of thing where you can actually take over someone's phone service and that sort of stuff.
Well, it's being done all the time, and that's usually to defraud companies by gaining access to their PBX and making fraudulent calls to Afghanistan or to Argentina.
So people that are doing phone fraud, it still exists.
Now, of course, if you want to extend phone freaking into voice over IP.
It's not like the old days of cloning a phone by getting somebody's electronic serial number and mobile number.
That's the old ways now.
People are using fraudulent credit cards to add time to prepaid phones.
So they go to Verizon.com or whatever it is, and they get a fraudulent card and then they add 100 minutes to a phone that they bought at 7-Eleven or whatever.
I'll make a short cogent statement here and see if Kevin agrees with me.
According to the FTC and the FBI, and it only appeared about 10 days ago and immediately disappeared off the national news, cybercrime and identity theft has now exceeded the drug trade as far as profitability.
And then that story, it's hard to find all of a sudden.
The Federal Trade Commission website, that identity theft, in particular, cybercrime in general, had exceeded that Profitability of the entire drug trade in the United States combined.
I mean, drug trade, I mean, it's extremely profitable.
Oh, yeah.
I doubt it, but I believe that identity theft and computer crime are contributing to very large losses, but I don't think it's exceeded.
But then again, I don't have the numbers.
I'm just using gut instinct.
But identity theft, this is another, I mean, it's so easy because of the system here in America for people to steal identities.
It's not the consumer or you and I can't protect ourselves.
How could our information is already out there on the internet and on databases just for the asking, and then people can go out and obtain certified copies of our birth certificate?
And the best thing that we can do as consumers to guard against our identities, we can't prevent it from our identities getting stolen, but what we can do is detect it.
And one of the best things to do is really monitor the three credit bureaus, TransUnion, Equifax, and Experian.
And any time you have an inquiry, anytime there's a new extension of credit that's opened under your Social Security number or whatnot, immediately you need to be notified in real time.
I mean, if the credit reporting agencies could do that, that would really, I think, give us an upper hand.
Your computer will become part of that army of spam and evil, right?
Well, That's why we've got to protect ourselves, have antivirus software, backup our computers, have a resilient firewall, use spyware utilities to scan our systems, patch our systems, turn patching on so anytime there's a security update, you're patching your system, keeping your operating system up to the latest release.
And we have to do these things on a consistent basis to really maintain the safe environment for.
I mean, today in modern America, Kevin, if you're not computer literate, if you don't have a computer, if you don't know how to use it and are fairly competent with it, you're just lost.
You can't participate in a lot of modern America.
It has become not a luxury, in my opinion, but in modern America, a necessity.