All Episodes
Previous Next
Jan. 28, 2006 - Art Bell
02:29:25
Coast to Coast AM with Art Bell - Kevin Mitnick - Computer-Related Topics - Lloyd Carpenter - Pole Shift
| Copy link to current segment

Time Text
As you all are aware by now, I think, most of you, I'm going through a grieving process.
The loss of my beloved Ramona.
I just realized something before the show.
Music is important and I haven't... I've been going through this wild... these wild waves of grieving and music actually helps.
I kind of shied away from it because all the words seem to mean something, you know, connected with Mona.
But I was wrong.
It's good.
I've decided it's good.
And that leads me to one other comment before we begin what we're going to do tonight.
And that's pole shift.
We're going to talk pole shift here in a minute.
And we're going to lay it really on the line for you.
Listen, if we do get to call-ins tonight, I understand that the inclination for you is to call me and express regret and condolences and everything, but I would ask you not to do that.
This program is something that I can immerse myself in.
It's something that will take me away for four hours on two nights.
Completely away!
And that's exactly what I wanted to do.
So I'm going to, you know, throw myself into the topic, throw myself into the show, which is not hard for me to do, never has been.
And so I would ask that you refrain from that if you would please.
I understand that you wish to give them to me.
I just... I would ask that you do not.
At least 32 killed in Poland.
I've got to get that out.
A roof has collapsed in Poland.
About 500 people in a convention hall and 32 of them are dead.
There was a priest outside the building praying over the bodies of an adult and child covered by a blanket and tarp as rescue crews and search dogs worked frantically through the night.
You can imagine what that's like in sub-freezing temperatures to try to save those people inside.
Witnesses are saying people beneath the wreckage were calling family or emergency services on their cell phones for help.
Can you imagine, oh my God, getting a call from a relative Saying that I'm underneath all this help.
So, in a moment, we're probably going to scare the hell out of you a little bit.
It's happened before on Earth.
There may be signs that it's coming soon.
I'm talking about a pole shift.
There are some who think that the only consequence of a pole shift is North will become South, South become North, and that's it.
And that's one possibility.
Another is, though, that the planet becomes completely White clean of all life.
Lloyd Stewart Carpenter is an expert in biblical end times prophecy and he is able to call upon his knowledge to explain what the Bible says about earthquakes, earthquakes and how they're going to play a central role in the grand prophetic stage known as the end of the world.
He is an author and has appeared on several radio and television talk shows discussing his research and discoveries.
Working as an author, inventor, researcher, pastor, teacher for more than 20 years, Lloyd is appreciated equally among members of the religious and scientific community.
So we're going to get it from both perspectives, that of religion and that of science.
That'll be on the first hour coming up in a moment.
The second hour, Bad Boy Kevin Mitnick is here, and we're going to talk, as a matter of fact, there was a big story on CNN earlier about the bots, and the bot warriors, and the bot masters, and all that sort of thing.
It was really cool.
So, that's what's ahead tonight.
Next!
By the way, questions coming.
The webcam photograph tonight is little Abby Dose.
He's not so little now.
He's growing like crazy.
He is one of my five, and that's Abby Dose.
You could hold him in the palm of your hand.
In fact, I did when we got him.
And, oh my, look at him now.
I don't think he can hear.
He doesn't have a hearing.
When we rescued him, he had ear mites.
We immediately took him to the vet and had them cleared out, but I believe it damaged his hearing.
That, however, does not damage any part of his personality.
He's a total sweetie.
Now comes Lloyd Stewart Carpenter.
I doubt you'll think of him as a total sweetie.
Lloyd, welcome to the program.
Well, it's very nice to be here again, Art.
Good to have you.
Now, this is a very serious topic.
Pole shift is, to me, really scary because I think I know what would happen, or at least I have my vision of what would happen.
I'd like to know what yours is, or actually what that of science is.
What did the scientists say about Well, there are differing ideas concerning it.
One of the things that's interesting to note is that there are no scientists that I know of of respect that do not believe that the earth will tip over on its axis.
Of course they're just saying to each other when and they disagree when it will happen.
It could be a thousand years or it could have happened already and there are certain things that make people believe that it could happen sooner than later.
All right, so conventional scientific wisdom is that it's not a matter of if but when.
Right.
Okay.
How much do we know scientifically, Lloyd, about how many there may have been in the past?
There is evidence that the Earth has tipped over on its axis several times.
There's two schools of thought.
Some people believe that the original, the first time that the pole shifted was like 600,000 years ago.
There are other people, like Peter Warlow, who wrote his book in the 1980s, The Reversing Earth, and he points out that it has happened every few thousand years.
He points out that in the Bible, where it talks about the The Sun standing still in the sky, what was really occurring was that the Earth was flipping over on its axis in a very slow method for a 24 hour period.
And the people on the Earth would observe the Sun virtually standing still.
Exactly, and some other people believe that around 2850 B.C., when King Tut was on the earth, that the earth tipped over on its axis right near that period, because his is the first tomb that shows it reversed from the other tombs.
And then after that, the other tombs are back to normal, so they think that it was a briefer shift, because it was the Egyptian belief that you bury the pharaoh with his head pointing to the west so he could see his god.
And for some reason, they don't know the reason, but Peter Warlow speculates, That the reason is, is because the sun was setting in the east the time that King Tut was alive.
Alright, well there's some, the reason for optimism in some of what you've said there, because obviously mankind did not become extinct at that point, so tell me, What is your belief regarding what the physical effects of a pole shift would be if it happened tomorrow?
Well, the biggest concern is that there will probably be a reversal of the magnetic field at the same time.
I'm more concerned about there being a reversal of the magnetic field than I am about a polar shift, because if the magnetic field reverses with it, it will affect everything electrical on Earth.
Peter Warlow said that Electrical things won't work anymore.
Basically, we'll have 15% of the energy and it'll slowly get back to its normal self.
But everything, all the poles will be opposite.
So everything we have electrical on this Earth won't necessarily work.
Now, more modern naysayers of Peter Worlow say that it's far more serious than that, that actually car engines will catch on fire, flashlights will cease to work, plasma TVs will explode, airplanes will fall out of the sky because if the
electrical systems of everything on earth is shortened it will become dark just
as it says in the Quran and in the Bible that when the earth rolls up as a
scroll that it will be so dark people will be afraid to hover out and there'll
be no light in the sky for a long time
I just got my plasmas.
You know, they were expensive.
I don't want to see them explode.
Well, don't worry about that, Art, because there won't be money.
Yeah, I do get the picture.
Okay, I guess I can understand that.
Now, for our society, America, I mean, to some degree, the hell with everybody else.
America is more dependent than any other nation on the face of the earth in electronic communication.
I mean, we are virtually, at this point, basing our entire economy on it, Lloyd.
So, we'd be wiped.
Now, from that point of view, I mean, the people living out in the jungle somewhere, in a village, they'd probably go, oh, but here in America, everything's electrical, you know, everything.
You're right, but it's like the preacher says about the Bible.
I didn't write the book, I'm just telling you what's going to happen.
And what's happening here is that there are certain anomalies in our solar system and on our Earth that have got scientists startled, have got researchers busily writing down what's happening, And a lot of people wondering how quick it might happen.
Okay, well I'm one of them.
And that's my next question.
In other words, what gives you some clue, or some feeling, because you obviously have it, that it's more likely to happen sooner than later?
What are the signs?
Well, I would say that one of the main signs is two startling events.
First, the sun's magnetic field has doubled.
...in strength since 1963.
That has never happened in recorded history, and scientists are going, what's going on with the sun?
Oh, wait a minute.
Now that you've pulled that one out, we need to examine that a little bit.
I had not heard that.
The sun's magnetic field has doubled in the last how long, please?
Since 1963, it has doubled in strength, according to Russian ...scientists that are very respected by American scientists, and all the other planet's magnetic field has also increased substantially, except the Earth, and it has decreased.
That's one thing.
The other thing is, is you know when you and I were kids, we were always taught the Earth is not round perfectly, it's sort of like an egg?
Wait a minute, I'm sorry, I've got to go back.
This is very serious.
If you're really sure, I mean, you say Russian scientists.
Well, a lot of things are printed in Pravda that turn out to be, frankly, BS.
This is not Pravda.
Okay.
These are respected scientists that meet in world teams and Announce to the world what's going on, and if they're disagreed with, they're laughed out, and if they're agreed with, they're studied.
How are they measuring the intensity of the magnetic field of the Sun?
They have various ways of doing that, and they've always been able to do that.
American scientists, European scientists, European Space Agency, they're very good at measuring solar flares and the magnetic field of the Sun.
It's so important to do that, because the magnetic field of the Sun shifts every 11 years.
That I'm well aware of.
Yeah, it shifted in 2001, and it will shift again in 2012, which is coincidentally the Mayan religion believed that the earth would roll up as a scroll.
And, uh, their calendar comes to an end in 2012.
I am aware.
Yes.
I'm aware.
And either somebody got sick of writing new calendars or, you know, maybe they just said 2012.
I mean, what the hell?
None of us are going to be alive.
Let's stop making calendars.
This is stupid!
The Earth is 23.5 degrees off of its axis.
In effect, the other planets are in line with the elliptic of the Sun, pole to pole to pole, right in line, but the Earth is 23.5 degrees tilted, unlike the other planets, and so it wobbles.
There's something called the Chandler wobble, which is covered, and startling news released just within the last two weeks The Chandler wobble, for some reason, and that's got everybody really freaked out, stopped wobbling.
Holy crap.
No wobble, no wobble.
You're bringing me... Maybe it'll wobble again, but it's not wobbling.
You're giving me headline news here.
Are you really sure of all this?
No, I'm certain.
One word has more emphasis than the other.
I would look very silly.
I'm doing a 13-city tour.
12 cities, they just added another city.
Talking to audiences all over the country about this.
And I just did one a while ago and there were scientific minds there.
There were people that really knew their stuff.
Back away from the phone just a little bit.
Now you're telling me again the Chandler wobble has stopped.
Yep.
You can Google it.
I imagine quite a few people are right now.
This is according to According to several sources, actually, it's not a hard thing to find right now.
This type of information, once it gets out, it ends up spreading kind of like the same thing with the polar ice caps melting 30% in the last 50 years.
I happen to know that's a fact.
And 10% of the ice in the last decade on the Earth has melted.
Snow caps, do you know that the North Pole at the very peak no longer has ice now?
Yes.
And so they're saying, you know, and this ice shelf broke off of the South Pole and it was the size of New Hampshire.
Yes.
If the South Pole melted completely, it would raise the ocean level by 600 feet.
That's right, yes.
They don't think that's going to happen, but already the ocean level has increased.
Global warming is causing Danger with the methane that's on the ocean floor.
And you know, I care about the Pacific Ocean.
I'm the guy who discovered the face on the Pacific Ocean floor.
You know that face tracing?
And you're right about the methane.
All volcanoes.
The methane is incredibly dangerous.
Very dangerous.
And you know what I'm worried about?
A new technique of oil drilling.
And they are pounding sound waves, 24 guns at a time, at the ocean's floor.
They did it off the coast of Australia, one month before the tsunami.
And it was decried in the Australian Assembly by the government.
The dangers there, they felt it on land.
And one month later, we have that tsunami.
And so one part of my lecture is, was the tsunami caused by man?
And there is very strong evidence that this pounding, this super big guns they have bashing at the ocean floor, is creating crevices down there.
The last time methane gas escaped, they want the methane.
You realize there are people who would say nonsense.
The earth is incredibly strong and we're like little ants just making little tapping noises.
So how would you answer that?
I would answer that by saying that the earth is an ecosystem that is sensitive.
And if you're pounding sound waves at it, you know, you have a volcano It gives off people 50 miles away feel an earthquake from it.
We are all sensitive to what happens on this earth with those kind of anomalies.
And when the country of Australia makes an outcry because of this, and pretty much blames the oil companies, and this is going on all over.
Methane gas, the last time it escaped wildly, caused the Ice Age.
90% of everybody in the world died.
All the dinosaurs died.
The oil explorers that are out there right now are so afraid that they will not shoot the sound wave straight down.
They've figured out a way to come in sideways with the hope that they won't be up there if there's a flashback of methane gas, because it's frozen on the ocean floor.
If it melts... I've heard of this slant drilling that they're doing, and you're saying they're doing it in order to avoid the possibility of a blowback?
Absolutely.
They all agree that it's a very dangerous, but the thing is, you see, it's so tempting.
It's so cheap.
I mean, gas could be 30 cents a gallon, because there's 800,000 times more, and that's not a made-up big number.
This is a proven number.
800,000 times more in quantity available methane on this planet, on the ocean's floor, than there is petroleum.
But it's just as dirty as petroleum.
It's not a clean gas at all.
Very plentiful.
What would the earth be like?
Can you describe our earth after a polar reversal?
You won't be able to call the local police.
You won't be able to call your mom.
Those poor people that were in that tragedy you were talking about earlier would not be able to call anybody because you couldn't use the phone.
Will you be alive?
If you were alive, you would probably be in a situation See, a lot of people believe that what's going to make this happen is some kind of a catalyst, like the volcano at Yellowstone, which has raised 74 feet in the last 30 years, and one end of there, and about 17 feet in the last 10 years at another end.
So much gas is escaping from Yellowstone that the Science Channel ran a special last month The title being, When Yellowstone Erupts.
And the last time Yellowstone erupts, it erupts like clockwork every 600,000 years.
I saw it.
And it's 40,000 years late now.
That was one damn scary special.
Yes, it was.
And the thing that is interesting about it is that the scientists there now are alarmed because for the first time since they can remember, animals are dying from the gases coming out of the ground.
The bison fell over and are dying in certain parts of the park.
If Yellowstone would give off, according to the Science Channel and so many other people, up to three-fourths of our nation would be covered in a black cloud of soot that has a glassiest cutting nature that would cut up people's lungs.
Very dangerous stuff, and that would cause weather climate change that would lower the temperatures by 16 degrees minimum.
That would again cause The Earth to have just enough so that that would be possible for the Earth to tip over and its axis from that event alone.
All right.
I want to stop you right there and note that there have been two headlines given to us this half hour, both of which you're welcome to check out.
You can think of them as crazy or you can go find out for yourself one.
The sun's magnetic field has doubled.
Two, the Chandler wobble, and I'm sure many of you have heard of that, has stopped.
If at the bottom of the day here, the end of the day, that Lloyd believes more strongly that this is about to occur from a scientific point of view, and he's laid a couple of big ones on us, the sun's magnetic field has doubled.
And the Chandler wobble has stopped.
Now some say that it does stop every now and then.
I was not aware of that.
We'll ask about that in a moment.
I know he also has some religious conviction, or at least I believe he does, that this is going to occur.
And I wonder which is the most influential.
will ask in a moment thinking things are not changing uh...
Matt Drudge tonight says that Phoenix now, Arizona, has gone 101 days without rain.
That ties the all-time record for Phoenix.
Northwest is getting drenched.
The weather certainly is cattywampus.
There's no question about that.
Lloyd, let me ask you that now.
There is a sort of a religious underpinning also to what you believe, isn't there?
Absolutely.
The company that hired me to do this 13-city tour is called the Prophecy Club, and what they care about is what's called end times prophecy.
If people want to see my schedule, they can go to 777news.com.
Is it okay if I say that, Art?
Yes.
That's where my itinerary is, because there's no reason to read off all the cities.
I'm going to be in Stockton tomorrow night, and I am going to Phoenix next week, and Portland, and Detroit, and so many other cities.
Oh, by the time you get to Phoenix, buddy, it's going to be well into a record without rain, unless they have it fixed now and then, and I doubt it.
Right, and I try to cover the weather problem, too, as best I can at 777news.com, because people just Don't go there just to see my itinerary.
They want to know about my other stuff, but the religious part of it, the Prophecy Club, this is my sixth tour with them, and we have been very successful because what I try to do is put the science first, but I'd be fibbing if I didn't tell you that it's just as amazing to me.
The Bible, in the book of Isaiah, says that the earth will roll and rock like a drunkard.
In the book of Revelation, it says that it will roll up as a scroll.
And that the North will become the South in effect?
There are about a half a dozen places in the Koran that talk about the Bible.
That's enough for me.
That's enough.
If the Bible and the Koran both speak of it, then, you know, I think it's reasonable to assume that this... The Upanishads, the Bhagavad Gita, Chinese religion discusses it.
There is no major respected religion that does not have something about a polar shift in its history and a definite End times type prophecy of the earth rolling up as a scroll.
Alright, alright.
Sold on that score.
Now do you, inside yourself Lloyd, do you give more weight to the religious aspect of it or what you've learned of the science?
Art, the only reason I was able to do over 500 radio and television shows about a face on the Pacific Ocean floor is because the science comes first.
I believe that is very important.
You lose respect.
If you have an incredible idea, you surround yourself with respected people that are well-known, and then you'll be listened to.
All right.
Somebody wrote that the Chandler wobble is supposed to stop every now and then.
Is that true?
Well, it does stop every now and then, but every now and then can mean like every Several years, and it's been stopped for days now, and they keep saying it still hasn't moved, and why hasn't it moved?
And in Texas, by the way, today, a place that had an entire lake is completely dry.
There's the biggest drought that's ever hit Texas and Oklahoma right now.
There are weather anomalies happening on this planet that are just amazing.
I can't argue that.
It certainly is occurring.
Is it a precursor to what's coming?
Is it part of what's coming?
Or is it a separate cycle?
I think it really is.
I do.
I believe that.
I think that enough things have happened.
There's something else called J2.
When you and I went to school, Art, we were taught that the Earth's not perfectly round.
It's a little bit like an egg, you know, because the north and the south is a little bit more than the equator.
What's happened is the equator has reached a point where it is actually more in circumference, its great circle, than the poles by 27 miles.
Two scientists have measured this and they have made announcements
concerning it and...
Well that's not too far off round.
Pardon me? That's not too far off round really.
It's just a very interesting thing that all of a sudden around the equator it's
it's wider now than it was around the pole, than it is around the poles and
that's only happened in the last, since 1997 actually.
Alright Lloyd, are you adding all of this up?
I'm talking now about the weather changes.
I'm talking about the poles melting.
What we've seen.
That's really frightening stuff, in my opinion.
And the weather is really frightening.
Not to me.
I live in California.
Not to you?
Why is it not frightening to you?
Because of the other part.
You know, I care so much about the science, but I'm one of those people that believe that Our lifespan, like Billy Graham said, that the lifespan of people will not change one iota with an all-out nuclear war.
That an all-out nuclear war would not change the lifespan of anybody on Earth, because everybody in this generation is going to be dead as a doornail by the time the next generation is old.
Anyway.
And I realized that, and after that, I got millions of years ahead of me because of my belief system, so I'm fine.
I don't really like Earth that much anyway.
You have millions of years ahead of you because of your belief system.
What is your belief system that tells you that?
I was on a show the other night and I told a guy, one of my favorite songs is A Million Years From Now.
And he goes, I never heard that song.
And I said, yeah.
A million years from now, a million years from now, I'll be in my father's house a million years from now.
That kind of thing.
Religious stuff.
I hope you're right.
In times of difficulty, when you've got something like that, and if you do it like I do, which is apologetically, which means prove it first, don't just make up stuff and walk around with a lollipop in your mouth.
Alright, Lloyd, how do you prove that?
There's something called biblical apologetics, which means don't say it's true unless you've got something valid to back it up.
Alright, back it up.
Certain prophecies have proven to be true that line up right in line with the Earth tipping over on its axis.
Certain things had to occur first.
One of the things that had to happen is the days have to be shortened.
Now that's never happened, but it happened right after the tsunami.
For the first time in history, the rotation of the Earth changed.
A very infinitesimal change.
Yes.
It startled scientists because they changed those atomic clocks In a very regular fashion, and it's never been different.
And they had to stop what they were doing and change the atomic clocks by as much as almost a second.
And that's a lot of time when you're talking about that type of science.
It is.
It is true.
It is true.
All right.
So you think all of this is... Well, that's a very important issue.
And then also the Earth wobbling in a way that's totally different.
The Chandra wobble is so minute.
It took amazing measurements to even find it.
It took a novice, a non-scientist, to discover the Chandler wobble, a man named Chandler, and then he was finally validated by the scientific community.
They went, wow, how did he figure that out?
Because it was so subtle.
But the wobble that happened after the tsunami almost was like a drunkard rocking back and forth.
I mean, it was a real wobble, and it was on the front page of the New York Times.
How close to this do you think we are?
I think it's close enough so people ought to just take stock of themselves and say, you know, How am I doing?
You know, am I the kind of a person that I'm going to like myself for how I've lived my life?
And am I... I'm not talking about just being good.
I'm talking about, is my life a test like some of these people out there say it is?
Like everybody in the world that's religious?
They say it's a test.
If it's really a test, do I want to take the test?
I like what the Islamics say.
You know, it doesn't have anything about accepting Mohammed.
It just has to do with a personal relationship with the Creator.
I believe in that.
I think they're right.
And I'm a Christian, and I have the same belief.
Alright.
For those who believe that God helps those who help themselves... No, I think... No, but hear me out.
Lloyd, Lloyd, Lloyd, Lloyd, Lloyd.
Hear me out.
For those who believe that God helps those who help themselves, there are going to be safer places on Earth to be if something like this occurs.
Where are those, and how much safer?
Well, I would call this an equal opportunity cataclysm, but if you were trying to find a place that would be a bit safer, you don't want to be in California or anywhere on the coast.
I think probably the safest place in the United States of America to live would be probably northern Oklahoma.
You would probably just die from the drought.
In other words, right in the middle of the land mass?
Yes.
And even there, you say you would die of the drought?
Well, you know, what the Bible says is that when it happens, when the earth tips over in its axis, that immediately a third of the earth will die.
And then it says, in the next season, right after that, another third of the earth will die from poisonous water, poisonous ash.
And it's called Wormwood in the Bible.
Yes.
And that a third of the earth then will survive, and they will find themselves on an earth with no more sea.
There won't be any more face in the ocean floor.
There's just going to be no ocean, because it says there'll be no more sea.
There'll be no more desert.
It'll be like the earth is a paradise, sort of like the Garden of Eden, with beautiful fresh water and wonderful vegetation.
And I think that that's a nice thing to look forward to.
Well, I mean, if you discount a third of the Earth's population dying, perhaps.
But, you know, there is that aspect of the event.
Well, Art, almost everybody in the whole wide world, from the beginning of time, who has ever been alive, is dead.
Yeah, I've got that.
And so, big deal.
I mean, basically, I have the belief system that everybody on Earth that's born is born dead.
I mean, you know, they're born dead because of, you know, the curse on the earth.
You know the old story, the Bible story and stuff like that?
Well, the only way they get out of it is to get uncursed.
And I believe that's true.
Meaning to be dead.
Well, I'm sure that that's a great comfort to you, Lloyd.
There's no question about it.
I can hear it in your voice that you believe it thoroughly and it's a great comfort for many millions of people listening to this.
It's not.
I mean, you've got to understand, there are many agnostics, there are many people who simply don't believe.
As a matter of fact, an awful lot of scientists and doctors and people like that, that I interview, when you push them right to the wall, Lloyd, they don't believe.
And they shouldn't be picked on, because I think that they're sincere.
They are.
And I think that... And something like this scares the hell out of them.
It scares the hell out of them.
Not you, because you're going to the Great Reward, and you firmly believe that, and that's your faith, and you're comfortable.
Not everybody feels that way.
Well, also, a lot of people that are in that agnostic and that kind of thing, they're that way because they haven't seen any proof.
But you'd be surprised how many people You know, after, like, checking out my discovery of those images on the ocean, look at it and go, this has to be deliberate by some kind of higher power.
And who have, their scientific mind has said, as a matter of fact, one gentleman who is an expert in constitutional law and an atheist, wrote a letter and he said that he gave up on that crazy Bible years ago, but after reading my book, The Amazing Mystery of the Great Face on the Pacific Ocean Floor, That he's gonna go back and take a look at that book a second time because obviously there's something he missed.
Let's get a... That's the people I'm talking about.
Yeah, let's get a quick summary of The Face on the Ocean Floor.
A lot of people may not have heard it when you originally aired it.
They can see it by going to 777 News.
I've made all the images free, available for free.
Alright, this face... And they get my book and a video out there on a special for Art Bell's people that want to look at it for $35 plus $5 shipping and handling.
But the images are free.
They can see the huge face, covers half of our planet, Crystal clear eyeball, longitude 7, latitude 77 at his mouth.
When the Los Angeles Times interviewed me, NBC News interviewed me about this, they asked what that meant.
I told them that the number 7 in the Bible, the Koran, the Bhagav, every great religion in the world is the number of God.
So they printed that big headline, Lloyd Carpenter sees the face of God.
And I made speeches throughout the 13 western states for 6 years while I was in college.
Went on to win the national championships because of this.
I found that our planet has five humongous images.
The face on the Pacific Ocean floor is half of our planet.
It's the entire Pacific Ocean.
And doctors, medical doctors, have seen that eyeball is anatomically correct.
They see that their teeth, you can see inside of his mouth when it's closed.
You can see the pineal body.
It is one of the most startling, shocking discoveries.
I did so many shows, I got burned out two years ago and stopped doing radio and TV all together until this new topic came up.
Lloyd, is it your position that the That our Creator put those faces there?
Well, I learned it from a rabbi.
He told me the very first thing ever mentioned in the Bible.
I didn't know it.
He said, in the beginning, God put His face on the bottom of the ocean.
I said, I've never heard of such a thing.
He said, yeah, that word is, you know, the word panim, and it means God's human appearing face.
So it's always been a belief that the most important biblical myth, if you will, is that God put His face on the ocean floor.
And the last great promise in the Bible says right before the world comes to an end that all humanity will see the face of God.
So I'm fortunate enough to have people that endorse me from various religious faiths because I don't talk down on any religion.
I appreciate anybody who believes whatever they believe.
And, you know, I know how I'm going to get there.
I think God's a lot more forgiving and understanding than anybody I know, me, or whatever.
So again, bottom line, you're saying, yes, the Creator put his face on the bottom of the ocean for us.
Not only that, you've got the Jesus King in the Middle East bending down with a nail going through his wrist in the same location as the Shroud of Turin, right there at the Suez Canal.
And I have a big blow-up of that coming in close at 777news.com.
They can see the demon on the South Atlantic Ocean floor, the entire South Atlantic, 666 at his mouth, longitude 60, latitude 66.
Four images covering 70% of our planet, and then the entire Middle East, all of it, that king kneeling in prayer.
And everybody's curious about the Great Pyramid.
At the very center of his praying hand is the Great Pyramid of Giza.
Which, uh, which, uh, E. Wallace Budge, the curator for the, uh, uh, British Museum, uh, said, uh, should be pronounced, not Gee-zah, but Gee-zah.
Oh, really?
Yeah.
We live in a wild world, don't we, Art?
Uh, we do indeed.
Uh, we do indeed.
And, uh, you know, certainly there are a certain... I'm kind of a skeptic, Lloyd.
Really, I am.
Me too.
I'm a member of Skeptics International.
I'm also not blind, and I can see clearly what's going on in our world right now.
And it is very, very disturbing.
And it does seem like it's adding up to something imminent.
And you think that that something might be a magnetic or pole reversal?
You know, there's so many different, not so many, but there's about five or six different things that could cause it.
That I don't know what the spark will be, what the catalyst will be, but the world is already teetering, and scientists completely agree on that, and all it would take is a Yellowstone event, an ocean floor event.
Right now, in that ring of fire, which is the tracing of the face on the Pacific Ocean floor, has heated up so much, especially off the coast of Oregon, where I'm going to be next week, and Washington, that scientists are saying, you know, this is strange.
Looks like it did in 1980.
I have 500 slides that I show during my presentation, which, you know, verify these facts, the names of the scientists, the pictures close up, that kind of stuff.
And tonight we had such a good time because people just going, wow, this is like amazing stuff, but I don't want to live in a boring world.
I'm glad that we got something interesting to talk about.
I don't want to just stay home and watch Laverne and Shirley.
No, it's not boring.
And incidentally, I did see the Discovery special you were talking about.
Wasn't that fun?
On Yellowstone.
Oh, really, truly frightening stuff.
I mean, they drew out the scenario very carefully of how it would happen, the region, the entire region that would be affected, and It's scary stuff.
My book's also on Amazon.
If people ask for the Facebook or the Face on the Ocean book, I always forget to mention them.
Amazon.
I wanted to get that out there.
Yeah, that kind of blew my mind when I saw that.
Amazon has everything.
Let's see, the book is The Amazing Mystery of the Great Face on the Pacific Ocean Floor, right?
Amazon.com or 777 News.
And they get a video too.
I got one called Scientific Proof of the Deliberate Supernatural.
They get the two together for $35.
But I don't care.
care.
Go ahead and look at the pictures.
All right.
The Senate Committee on Governmental Affairs on the need for legislation to ensure the
security of the government's information systems.
His articles have appeared in major news, I shouldn't have laughed, major news magazines
and trade journals.
And he's appeared on Court TV, Good Morning America, 60 Minutes, CNN, The Burden of Proof, and Headline News.
Kevin has also been a keynote speaker at numerous industry events and has hosted a weekly radio show on the monster in LA, KFIAM 640, Los Angeles.
in a moment, Kevin Mitnick.
Here is Kevin Mitnick.
Kevin, old buddy, how you doing?
I'm doing great, Art.
How are you?
Long time no talk.
Yes, indeed.
It has been a while, and I have an immediate question for you.
Watching CNN Headline News earlier today, they had this really wild story about bots, about the danger of bots and how these bot masters, or whatever they're called, are able to make enormous amounts of money by having sort of a pyramid scheme of as maybe thousands of computers below them.
You know, hacking and whacking their way into accounts here and there and even just something, a scam so simple as a bunch of hits to Google and then somehow the payment gets back to them or a part of the payment gets back to them.
Scary stuff!
Yeah, in fact, I think one gentleman or one individual had pled guilty in Los Angeles to actually running some sort of botnet.
And what a botnet is, is like an army of soldiers, is that there is usually a worm or a virus that takes over unsuspecting victims' computers and it installs a piece of malicious software.
It turns the computer into what is called a drone or a zombie.
And then the software, this piece of malicious software, phones home to the attacker, usually over an IRC channel, like a chat room.
And then the bad guy literally can control tens of thousands of computers of unsuspecting people and direct those computers to attack Uh, an innocent company through what we call a distributed denial of service attack.
It could be used to pipe spam through these unsuspecting victims because through their ISP, they don't have to worry about The email being rejected, so to speak, and it's coming from so many different sources, it's really hard to track down.
You know, the story portrayed exactly what you just said.
Virtual, good word, armies out there.
Thousands of computers directed by individuals, sort of computer warlords, if you will, going after these different goals.
Man, we are in the middle of a world changing right in front of us, and a lot of us are simply totally unaware of it, aren't we?
That's true, and it's a shame because if individuals out there just did a few extra steps when they purchase a computer, they could really raise the bar and they probably won't be attacked because if they run something like a personal firewall and they're careful about opening up attachments and doing certain things that people can do to really mitigate the risk.
But unfortunately, there's a lot of people that go into Best Buy or Circuit City, they're mom and pops, they go buy a computer, they plug it into their DSL or to the cable.
And then they're victimized, you know.
Well, let's face it, Kevin.
No matter how many warnings are given out, and they're constant, thousands, even, no, millions of people are not going to tend properly to their computer.
That's just a fact of life.
So these armies are going to constantly be able to recruit new soldiers.
And it's not going to stop.
I mean, is there some kind of educational process that you think would really get through?
We finally have people wearing seatbelts in America.
Could we do a similar thing with computers?
Are we going to have to?
Well, I think the software manufacturers could release their computer operating systems.
You know, for example, the one with the biggest market share, Microsoft, configuring it in a default security on environment.
Why they don't do that is because people want interoperability, they want reliability, they want functionality.
Microsoft doesn't want to have their telephone support centers, you know, barraged with customer service calls.
Right.
So they usually release it in a more relaxed mode, so to speak.
But I think if the operating system manufacturers increase the security of their released operating systems, and also there were some public service campaigns to really help raise General awareness about computing and security to the general public, I think, would help tremendously.
How many holes are there in, like, XP?
Current operating systems, XP Pro, XP Home, are pretty good operating systems.
But, God, it seems like they keep discovering new holes all the time.
Is there going to be an end to it?
I mean, will Microsoft ever produce the last patch?
I don't think so, but you can't really pick on Microsoft.
It's really, you know, all computer operating systems are developed by people.
You know, whenever you have the human factor, it's always prone to error.
And unfortunately, back in the day when Windows XP Pro was coded, or Windows 2000, and even the legacy systems, they were developed by engineers and developers that weren't taught secure coding practices.
So what has happened is these operating systems have been released and there's a lot of bugs, a lot of flaws that security researchers could identify and exploit and then once they're exploited they release the information to the public over the internet than anybody could exploit it.
Alright, but look, there's gonna be another operating system just over the horizon.
In fact, I think there's a name for it.
Longhorn.
Longhorn, there you go.
So, now that they know about all of these security holes, when Longhorn comes out, it should be absolutely flawless, right?
No.
No, there's always going to be security vulnerabilities Humans develop computer programs, and there's always going to be problems.
The thing that we need to do is, you know, be aware that these systems aren't 100% perfect, and then develop a defense-in-depth model.
So, you have to presume that any computer that's connected to the Internet could be compromised.
But then, knowing this in the back of your mind, what can you do to limit the damage?
And that's really how you have to think.
Think about all these companies that are out there with these firewalls over the internet, like for e-commerce, for example.
They have the company firewall, but they still have to allow the public to connect to their website, so they can't do business.
So what they do is they hire a junior programmer to develop the web application.
That the company is using to sell products and services.
Well, Kevin, when I go on to a secure site and I see VeriSign with a little check there, am I basically safe?
Not really.
I mean, there's a tax that can be done.
What you're talking about is using what we call the secure sockets layer protocol with the little lock.
That's right.
That means that any information that you send is encrypted and also You have a reasonable level of confidence?
You're talking to the real site, not a bogus site?
Well, what I'm asking is, do I have a reasonable level?
Can I reasonably expect that I'm safe?
Well, what you could think about is, what are the threats?
For an attacker to come specifically after you and do what we call, what the term is, it's called a man-in-the-middle attack.
And what that allows the attacker to do is, even if you're using a secure connection, there's a way to trick you into connecting to the attacker, and the attacker actually connects to the real site and monitors all the information flowing in between, kind of like what the NSA would do.
I'm glad you brought up the NSA.
Let's have a little talk about that.
Let's sidetrack for a moment.
The NSA is listening.
They're listening to... To this radio show!
Well, the NSA is listening to probably all overseas communications, I would bet.
Now, would you go beyond that?
Would you say the NSA is listening to even domestic conversations do you think they've got big computers listening for keywords even domestically?
I would think so but don't don't forget now that we have voice over IP we have you know analog and digital telephone communications we have you know gigabytes of traffic over the over the internet you know yes that you have a lot of data to shift through so you have to think about well if you have all these pipes of data how are they determining what pieces of information You'd be sent to an analyst to investigate.
Obviously by very large computers that are looking for keywords and can monitor and do a great many things at one time, right?
I would suspect they even have really good voice recognition nowadays.
That too.
You know, you imagine that you're calling these companies up over the telephone and their voice recognition systems are pretty well done.
So you have to think that our government's ten years ahead.
So they probably are monitoring domestically as well as internationally.
They're just monitoring, right?
I don't really know, but I would suspect they are.
It would be my guess, too.
Now, my question to you is, there's a balance here, Kevin.
On the one hand, we are fighting a war on terrorism.
These people want to kill us.
And they're making plans to kill us.
So, we have a good reason to listen.
Is it a good enough reason to listen?
We have the Constitution, which is sort of crumbling under the effort.
The Fourth Amendment is sinking lower and lower and lower, and so my question to you is, in your mind, Kevin, the old hacker mind of Kevin Midnick, is there enough justification to be doing what we're doing to our own citizens?
Well, it's a hard question to answer because we're bouncing two very important interests, the interest of privacy and the interest of security.
And I'm a firm believer that our forefathers have fought and died in wars, well, have fought and died to protect our constitutional rights.
And for the United States government, or for any state for that matter, to not comply with the constitutional protections causes me to really think about the issue.
I kind of lean towards, really, that our government authorities have to abide by constitutional protections.
So, are you telling me, then, that if you were the President of the United States, you would not have signed that authorization?
To tell you the truth, if I was the President of the United States, I probably would have.
I would want the ground truth.
The intelligence.
See, there you are, Kevin.
There you are.
If I was the president, I probably would have.
Do I agree with it?
No.
That's the real test question, isn't it?
Yeah, it is.
And I actually, and some people will be appalled, but I think if I were the president and I was looking at this threat to the country that I had sworn to protect... You would do whatever you could to protect it.
I think I'd sign it.
Yeah.
I do.
I really do.
We really are in a war, and I don't know of any other way around it.
Honestly, I don't.
And I understand that it trumps on the Constitution, but I don't know.
I think the war trumps it.
Yeah, I think that is a good word, Art, but I also think that any intel that is gathered through illicit monitoring should not be available to law enforcement agencies.
For example, if there If the NSA is monitoring conversations, and they learn some guy's a bookie, they shouldn't be able to pass that information to the state police.
Because I think that would really infringe on constitutional protections.
But if they actually undercover a terrorist plot, well, the more power to them.
Well, what about if they uncover domestic terrorism?
What if they stumble into another nickel?
Somebody wants to blow up a building somewhere?
Terrorism is terrorism to me, whether it's international or domestic.
So, yeah, that should be passed on.
Yes, in my opinion.
But, you know, the Congress is really responsible for enacting the laws, so they're going to do what they want to do, and then those laws are supposed to be enforced, but then there's all these exceptions to the rules, and usually the government has built in these exceptions to allow them to monitor Communications, especially under the Electronic Communications Privacy Act, for any sort of even fraud.
Well, your answer is very interesting.
On the one hand, you're against it, but on the other hand, if you were the president, you'd be doing it, too.
Yeah, I would want the intel.
I'm putting myself in the position of having the power to get it, and if I did have the power and I had to protect the country, I would use it to get the ground truth.
I'd use it for a specific purpose.
Okay.
All right.
What is social engineering?
Remind the audience.
We did this before, but go ahead.
Well, social engineering is a technique used by identity thieves, by hackers, even by law enforcement.
And social engineering is really using manipulation, deception, and influence to get a person to comply with a request.
In the social engineering that That's relevant to computer hacking.
It's where the bad guy calls or emails somebody over the telephone and convinces a person to release information that could be proprietary, like, for example, their passwords, or have that person perform some sort of action item, like visiting a website.
Like, imagine this.
Imagine you've got Betty that's the secretary of a large company.
Betty gets a phone call one day.
And it's a guy, John, and he says he's from the IT department of that company.
Betty doesn't really know him, but what John is asking, well, first of all, tells Betty that they've had some issues with their internet connection, and he wants to make sure that she can still get out to the internet and there's no problem.
So he simply says, hey, Betty, I want you to go to this website and see if it actually comes up.
Uh, if you could see a picture... And Betty, of course, complies immediately.
...complies, goes to www.youknowishouldngohere.com, and, you know, up pops a picture of a flower.
But what Betty has just done is, when she opened that, uh, when that picture was rendered in her browser, unbeknownst to Betty, it exploited what we call a client-side vulnerability in the browser.
And now the bad guy has complete control over Betty's machine.
Yeah, that's like that commercial on TV.
Have you seen that, Kevin?
The one in which the poor lady in her little cubicle brings up something that says, you just have contracted the pink slip virus.
And pretty soon all the other cubicles are getting the pink slip virus.
And her head sinks down and, I don't know, she goes somewhere or something.
I forget what the commercial is for.
Have you seen that?
No, I actually haven't.
Well, that kind of thing, anyway.
Poor Betty.
Or even a better one.
Imagine you're an employee in an office building, you walk into the restroom, and you notice that somebody's left a CD in a jewel case on the sink, and it's red.
It's a red jewel case.
You want to find the owner, so you open up the jewel case, and it's a CD that has the company logo on it, and it says, Extremely Proprietary and Confidential Employee Salary History, 2nd Quarter, 2006.
Yes.
What are the chances that some guy could walk that back to his office or his cubicle, stick in the CD just to check out what his coworkers or what his boss is making, and there's an Excel spreadsheet there, you double-click on it, It comes up that it's corrupted, but unbeknownst to the guy, he just installed a piece of software that secretly connects out from his computer to the attacker on the outside of the company.
So the whole thing was a ruse to get a program in there that would rob him of all the data that he's got.
Well, would give the bad guy control.
And technical hacking is very similar, because we have a thing, the technical term is called a buffer overflow.
that's where you could take advantage of the developers or programmers mistake.
It would be a very interesting thing.
It'd be a very interesting...
This is one of the questions, you know, that you get that are pre-written down when you do a program like this.
What is the typical profile of a hacker?
Where do they get their start?
Are they really as technologically sophisticated as we are sometimes told?
Now, I think Kevin would be the ideal person to answer that profile of a hacker, because Kevin was a hacker, so you should easily be able to answer that.
What kind of guy or gal goes to the dark side of computing?
Well, it's kind of really a mixed bag of questions, you know, a mixed question because... Just let's deal with that one first.
To deal with what?
The profile of a hacker?
Yeah, that's right.
Well, I mean, the person that's doing hacking might have a different agenda.
You might have someone who just wants to steal using technology, so they learn a little bit about how to exploit vulnerabilities, and they exploit e-commerce sites and steal credit card databases.
Well, again, though, you're really looking at the mindset of a hacker, and I could talk about myself, because many years ago, You know, when I was involved in this activity, my mindset was really for the intellectual challenge, the thrill, you know, the adventure, the seduction of danger of being somewhere where you really shouldn't be.
Okay, you weren't after the money?
No, no, not at all.
No.
Alright, so... Mine was purely challenge and seduction of danger and adventure and intrigue.
I would, I guess I would best sum up my interest, but in today's world, a lot of the people that are using hacking skills, skills to steal, are really profit-motivated.
They're not really into this activity for the passion of the technology like amateur radio operators.
In other words, from your point of view, Kevin, they're not pure hackers.
Correct.
You have a mixed bag.
You have the purest hacker that might be a kid in high school that Does something on the school computer because they're interested in how far they can go?
Yes.
And on the other side of the spectrum, you could have some terrorist group that wants to hack into a telephone company switch because they want to bring down telephone service in an area where they're going to do a physical attack.
So you have, you know, you have a mixed bag here.
There's no real, not really one good answer.
In the second book I wrote, In the Art of Intrusion, what I did is I told Several stories of different hackers who had different agendas and illustrated the different techniques that they would use to break into systems and how they would cover their tracks.
That book is out now, right?
The Art of Intrusion.
Art of Intrusion, yeah.
And if anybody's interested, they could go to Amazon, like your last guest mentioned.
They could actually read parts of the book for free online.
Okay, so we have two different kind of hackers, one motivated financially, one motivated, well, for the pure thrill, the pure everything that goes with it, not the money.
Now let's talk about the money people for a second, because CNN earlier today said, you know what, people can download, they don't have to be an expert in computers, they can download a program that will let them become one of these bot masters.
In other words, you don't really have to know anything about a damn thing except how to buy a program, and then you set yourself up at the top of a pyramid, and you make money.
No, I think what they were mentioning on the show, which I actually did not see, is probably people that have actually compromised a number of computer systems and have them under their control.
They're selling This is a service to buyers that want to send spam or pop-up ads or do denial-of-service attacks, so it's just a service to be sold.
But it's not like you can go out and download a simple program and go infect 10,000 unsuspecting victims' computers and take control, because it would require a little bit of technical knowledge there.
The people that do this, the people that actually download programs And what I call, like, point-and-click hackers.
Yes.
There's a derogatory term called script kiddies.
And what a script kiddie is, is somebody that downloads a program that doesn't understand how it works, doesn't understand the vulnerability it is exploiting, but just simply knows that if they run this program, good things would happen, and they would get access to things that they shouldn't have access to.
Yes, yes, yes.
Yes, yes.
How many script kiddie people do we have out there?
More than sophisticated hackers, because the more sophisticated people that are doing vulnerability research, that even are ethical white hat hackers, and people that even on the darker side, when they find these vulnerabilities, they're publicized.
And even in some cases, programs that demonstrate what they call a proof of concept are published on sites and are sent and available on news groups and such.
And then anyone that really has access to the internet and a browser could download these programs and use them.
And people like yourself look down their nose at script kiddie people, yes?
Well, I don't really look down at them because I figure that, you know, they're novices and they have to, you know, it's like, I guess, an amateur radio operator.
You know, it's a novice.
They know a little bit of electronic theory and they can do five words a minute of Morse code and they gotta start somewhere and then eventually they might become an extra class.
And then they know a lot more about electronic theory, and they could do 20 words a minute.
Well, I know everything has changed by now, but I'm thinking back in the day.
Yeah, it's five words a minute now for the whole group.
My God!
Well, I had to study my butt off when I was looking at this.
There are many who feel that these standards have been lowered, and well, anyway, I won't get into that right now, but look at them like script giddy people.
See, I could equate amateur radio operators of people that were into ham radio at the tinkers with what the electronics building he's get
radios oh yes you know it's a very analogous
to a class of computer hackers that were into the experimentation into the exploration
out of the passion for the for for technology and it all I think emerged from amateur radio
and the old phone freaks of the nineteen thirties Sure.
I think a lot of people want to know these days, Kevin.
I do.
We have enemies, very serious enemies.
Now, I wonder if they're just out there tinkering around with explosives and, you know, biological stuff and even nuclear materials or whether they're also conducting a war against us with our own technology.
And so in other words, is Elkatov, do you believe, involved intimately in some sort of cyber war with us or is there an aspect to it?
Is it just communication among the cells or what?
I believe that these terrorist groups definitely use the internet and use encryption and steganography To communicate, that's just a, you know, to me it seems like common sense.
Because it would be a great way to conceal their communications.
Yes.
Whether or not they're actually obtaining skill, hacking skills, or hiring people that have these skills to do cyber attacks against critical infrastructures, I really don't know that.
But I do know that other nation states are, and even the United States of America, But they are training people in our branches of service.
To do offensive attacks and also defend our critical infrastructures.
Well, I'm thinking of power plants, I'm thinking of nuclear silos, missile silos, I'm thinking of a million different things that virtually these days are controlled by computer.
Is our infrastructure in America, and I mean power plants and all the rest of it, nuclear power plants for example, are they all protected well enough Well, I don't believe they're connected to the public internet, at least the critical systems, at least I would hope not, but you have to think about what about the worker that has a laptop that's an authorized employee that plugs in their laptop or goes to Starbucks while enjoying a latte, they're connected to T-Mobile, surfing the internet, and goes to some sort of kiosk, uses, they have an open wireless network at home, and then they bring that laptop back into a protected facility and just plug it in.
You know, what type of malicious programs and worms could, you know, spread?
In fact, when we had that blackout, I don't know, many months ago, that was at the exact time that the MS Blaster worm was in its highest infection rate.
So it was quite suspicious of the timing, and you have to wonder, did that same exact incident occur there?
Well, I know that when we went to war with Iraq, there are many stories floating around out there, Kevin, about what the United States did.
That we threw some magical switch and virtually turned off their communications, turned off their radar, hacked into this, hacked into that.
We turned off Baghdad before the bombs fell.
Well, can you imagine if you actually have access to the computing technology Like, if you know Iraq is going to acquire X amount of computer systems from a particular manufacturer and the United States government is able to booby trap those systems before they're actually delivered.
Exactly.
You know, you could even booby trap printers.
Because you could even, you know, printers, you know, nowadays have, you know, they're accessible, you know, basically, you know, through TCP IP, through an IP address.
And you have to think about, wow, your company or your business could be hacked through your printer that's connected to the internet that's not even protected because the owner doesn't understand what threat exists in that case.
So, you're saying, for example, if we could control the technological flow from here to, say, Iraq or any other country that we are at odds with, we could perhaps sell them equipment that's got little virtual bombs in it.
And if we suddenly went to open warfare with that nation, we could, with a click of a switch, an order given by a president or whoever, a military commander, we could turn them off?
Well, it's possible if, for example, you have computer hardware and you're able to switch the firmware to some that has some extra, let's say, functionality And even, say, with Microsoft, with the Windows operating system, if it's able to, you know, a special version has been patched in the case of delivery, it has some extra bells and whistles that they would rather not have.
Yeah, it's possible, but you have to think that government institutions, you know, at least when it comes to software, are using some sort of due diligence to ensure that they're not getting a doctored version of the software.
But you have to think about the hardware.
The hardware could be booby-trapped in some cases, too.
I want you to see a movie.
It's a very little-known movie.
You've probably never heard of it.
It's called Deterrence.
Never heard of it.
It was made completely inside a diner.
It concerns a crisis the United States goes through with Iraq, as a matter of fact.
It assumes that the son of Saddam took over and we come to blows with Iraq, nearly to nuclear blows.
And the threat of the story is that We sold Iraq through France a bill of goods we sold them nuclear weapons because they wanted them so instead of allowing them to get them from somebody else we actually did it through the French only we also sold them a terabyte computer that would assure them the weapons would work and when the critical moment came they didn't work because the terabyte computer was ours and we had
Instructed it, you know, to tell the Iraqis that these nuclear weapons would detonate, that they were in good shape, and it's the exact kind of thing you're talking about right now.
They used a little bit of social engineering art.
That's right.
And so you have to imagine that we are doing this kind of thing, and that when we go to war with a country, we can virtually flip a switch, their electrical grid goes down, their radar computers go berserk, And on and on and on and on, and I guess we're pretty good at what we do.
I agree.
You know what the most valuable tool to a hacker is?
What?
It's what is called a zero-day exploit.
It's a flaw that exists in a piece of software, for example, that somebody has identified that nobody else knows about.
I read something about that zero day, zero day.
It's called a zero day because it's been discovered, but it hasn't been reported to the software or hardware manufacturer, and it's relatively unknown to maybe one or to a small group of people.
And if you have a zero day and that computer in a particular, say, application or service, and that is accessible over the Internet, well, it is highly likely it could be compromised.
Now, there are security researchers that, you know, look for these vulnerabilities and they actually sell them to companies like iDefense and I think, tipping point, they buy these vulnerabilities so they could act as an intelligence source to different businesses that subscribe to their services.
Wow.
But don't forget there's other security researchers that specifically sell zero-day vulnerabilities to the U.S.
government.
Why would the U.S.
government want zero-day vulnerabilities?
Let's be clear.
These zero-day vulnerabilities are actually things that, in other words, are a flaw that somebody has become aware of, but has not yet used.
Well, they probably used it and tested it.
Proved it.
Went through some QA process, but they haven't... Yeah, I'm sure.
Proved it.
Right.
But they haven't... It's a secret.
Because it's a secret way in.
Like one of the most, one of the recent published vulnerabilities at one time was the one with the Microsoft Pitcher and Fax Viewer.
So if a certain image was rendered in your browser, if that image was constructed in a certain way, the attacker could basically execute code on your computer, which allows them to pretty much take it over.
What if that vulnerability was, you know, before it was made public, was used for two years by the American government or the Chinese government to compromise each other's systems?
It's probably done all the time.
All right.
Let's just let our minds wander for a moment.
You've got a company like Microsoft, and I'll just throw their name out because what the hell, why not?
They're the big ones.
Do you think that the U.S.
government approached Microsoft when the government figured out that Microsoft was going to be the big gorilla and intentionally had some zero-day stuff installed during the process of upgrades as we went from operating system to operating system.
Do you think it's possible that the US government approached Microsoft and said, look, you want to do something good for your country?
We're going to set up this, and this, and this, and this.
Are you willing to go along?
Well, you have to think about Microsoft has control of all its customers' computers, right?
Because you basically, your computer automatically, well, you know, anytime you go to Windows Update, they download programs, essentially, into your computer, and you don't know what it's doing.
You know, you're not that technically astute, and who knows what those programs do?
I doubt that the government would approach Microsoft.
I think what they would do is they'd plant operatives in the company that would obtain jobs and they would secretly embed weaknesses in certain areas.
They'd have to be pretty stealth about it.
But if you have rogue developers that are... Well, that might not just go for the United States government.
That could probably go for any government around the world, right?
Or maybe they were approached and they said no.
I don't think they would do that.
I think the government would keep it even secret, try to keep it secret from Microsoft.
I think they would find an operative at the company, or operatives, and try to do something that's going to be very, very innocuous appearance-wise, but might, if a certain set of conditions, not just one, but a certain set of conditions, if they were met, it would Create some sort of vulnerability.
i don't know if they've done it but it would uh...
probably make sense and and in the time of war all men is not interesting
I'm getting a lot of notifications on Fast Blast from all of you.
That our stream, our internet stream, which goes along with the program, as you know, is down.
It's actually down right now, completely down, according to the people.
Now, I don't know if that's all the stream, part of the stream, what's going on with the internet, I have no idea, but in honor of Kevin Mitnick being here, the stream is down hard, buddy.
That's unfortunate.
Yes, it is, isn't it?
I wonder if it has something to do with your appearance.
Well, I've appeared many times on your show before, and that never has happened, so it's probably unlikely.
Maybe.
Maybe those armies of drones that are now doing a denial-of-service attack against 3rd Channel.
Yeah, you never know.
You just never know.
And maybe it's being done in your honor, buddy, so thanks a lot.
Well, I hope not.
I definitely would discourage any of that type of activity.
That's not cool.
Uh-huh.
I bet that's the exact line they wrote to you as a response that you should give to anybody like me when you got out of the federal whatever.
No.
No?
That's coming from the heart.
Alright, so how dangerous now is all of this getting?
In other words, I guess in a way I'm asking, who's winning?
Are the software people and the people who put out all the protection programs winning?
Or are the hackers and the terrorists winning?
I think it's a constant cat and mouse game.
Companies that are innovative security companies are trying to build better and more resilient locks.
And you have a group of people out there that are trying to pick the locks.
And it's going to be this, you know, consistent process, you know, through the life cycle of security.
It just never ends.
So that's why we as consumers can't just feel confident that if we install Spy Sweeper, that we're safe from spyware.
It doesn't work like that.
Unfortunately, what consumers want is they want the security to be transparent.
They want to be able to plug in their computers to the internet, use it, and have a confidence of security.
But unfortunately, when you purchase a computer from Dell in the mail, or you go into a store and you plug it in, it's not in a default security configuration.
You have to either learn about the technology, or you have to Get somebody to help you.
Maybe the kid that's in computer class down the street could help you out.
I think we've talked about this before, Kevin.
Frankly, I know there are keystroke programs and a million things out there to monitor what you're doing.
I don't really have anything on my computer that I'd be ashamed for anybody to see or worried about.
However, I'm on the verge, I'm being talked into it by friends, to begin doing online banking.
Now, that's a horse of a different color, buddy.
A big horse of a different color for me.
I'm being told that online banking is every doggone bit as safe as when I walk up to my teller and I have a transaction.
True or false?
It is.
Do you want to know why?
Yeah, I do want to know why.
Yes, I want you to talk me into it.
It's true because if there's any fraud on your account, the bank takes the risk.
They take the loss.
As long as you didn't authorize the transaction, Um, you didn't, you didn't authorize it.
You didn't do it yourself or authorize anybody else.
And there's fraud.
And somebody has hacked your password or used, used the, what is commonly, commonly known as phishing.
Yes.
To phish your login and password from you.
Um, and you find out about the illicit activity within, I think, uh, I think that there's a certain time period by law, maybe 30 days, 60 days, that the bank will just credit you.
They'll do an investigation.
You'll have to probably sign an authorized document.
And you're saying this is true even if you're doing online banking?
I believe so.
A good friend of mine, I thought it was hysterically funny at the time.
I mean, we were on Ham Radio and I was talking to this fellow in Southern California, and a Mexican person had somehow acquired his banking information and he was uh... he he was doing his online banking and it was it was by you know other people's pain is funny but i mean he was on the air and telling us that this guy had his information or his card or whatever and was traveling south into mexico and he could literally go online
And look at this guy spending his money.
And he was going, oh my God, he just spent $300 on so-and-so, or $600 on so-and-so.
He just bought a case of booze.
He's having a blast.
And of course, it was great pain for him.
I believe so.
this guy traveled south spending like crazy uh... in in the end his bank took care of it and made good
on it and you're telling me that's always the case whether you go
to a teller or whether you you use online banking if something like that
happens to you they're going to cover it
i believe so i i believe there's certain rules and i don't know those rules off
the top of my head but i think it's very similar to credit card fraud
is i think the law is that you could be responsible for up to fifty dollars or
a fraudulent transactions but at the end of the day the bank you know rarely charges are good their customers
any fee if there was fraud
And that's why we have such high interest rates these days, is because the banks are taking the risk.
In other countries around the world, in Eastern Europe, it's a different story.
It's the consumer that takes the risk.
So, even that's where it becomes a little bit scary to do online banking.
Well, as a matter of interest, Kevin, how much money do you think American financial institutions are having to pony up for fraud?
Well, the FBI just did a new survey.
It was called the 2005 FBI Computer Crime Survey, and I actually was a contributor to this uh... survey that have been done uh... if any uh... the numbers uh... that are uh... that uh... i think i think it would look like the largest survey across a larger cross-section of uh... several states and it wasn't uh... if if you look at the fbi's calculation calculations that there was in the it's in the billions of dollars and if anyone's interested in the survey like uh... it's not on the fbi dot gov site uh...
I think it was up there, then it was moved.
I don't know where it is, but I did put it on my website if anyone's interested, and that is www.mitnicksecurity, M-I-T-N-I-C-K security dot com, and right on the homepage there in the upper left hand corner.
Anybody could pull down the recent survey that was just released, I think, a week ago.
Good plug.
I assume the financial institutions don't want the public to know how much they're ponying up for fraud, right?
Oh, absolutely.
A lot of times fraud is classed under, like for example with credit card fraud, if they realize they have application fraud.
That's where an individual uses fraud in applying for a credit card And the bank has suffered a loss.
What happens is they'll put it into the bad loan category because they don't want to report the fraud.
So they get to deduct that from their corporate tax, right?
Exactly.
So a lot of times losses are put in, through creative accounting, they're put into other categories.
So it doesn't negatively affect the company.
Companies can't take a hit in the media.
They don't want loss in customer loyalty.
Right, but on the other hand, Kevin, if it goes over a certain percentage, Then, you know, the company itself becomes in trouble.
It's not anywhere near that yet, is it?
As we look across, you know, the various credit card companies and all the rest of it, I mean, are the losses getting so severe as to perhaps even put the company in trouble?
I think so.
Just recently, I don't know if you heard about this, but there was a company called Checkpoint.
And what they did is they sold information about people.
Including social security numbers and addresses, telephone numbers, basically the dossier that they've collected through data mining and purchasing information.
And they sold this information to legitimate customers that had a need to know.
Maybe insurance, underwriters, law enforcement, and so on and so forth.
So what had happened is some individuals, a fraud ring, Actually applied for a checkpoint.
I'm sorry, it's a choice point.
Checkpoint is actually a firewall.
They applied for legitimate access to this database and they were granted You know, and they were obviously using some sort of false cover that they had some legitimate need for this information.
Sure.
And what they were doing was in the identity theft ring.
Okay, well, and they socially engineered them.
Exactly.
And in getting access, they actually paid for the service, but they were using the information to steal.
And I just saw in a recent news release that the company was fined like $15 million.
And I think that's a substantial hit.
Not only for public confidence, but You know, $15 million isn't a drop in the bucket, at least to me.
Well, I suppose in the large financial picture of the U.S., it is a drop in the bucket, but it's still a lot of money, and wow.
To an individual company, I think the loss of public confidence is much worse, and because of that incident, what had happened is it created this backlash in the private investigation community, There's a lot of databases out there that people could obtain information about you, and several of these companies started masking the social security number.
Some of them have not done that, and usually you'd have to demonstrate a real need to know that you're a real business, and they would send somebody out to your place of business to verify you are real, and then they would allow you to have access to the information.
But you have to think about it.
A Nigerian fraud ring You could simply open up a corporation, rent an office space, put in furniture, put in computers, and they look and feel like a real legitimate business.
But they've got to learn to write better scripts.
They really do.
I mean, they're pathetic.
Somewhere here I've got the recording of one.
I actually called this guy in Africa.
And I went through the whole thing with him, and I finally got him so exasperated.
You know, I should look up that audio.
I've got it here somewhere.
It was an absolute riot.
Have you ever done that?
Have you ever called one of them?
No, I never spent my time.
I just did it for a hobby, just to see, you know, what would happen.
And I got a million... You should play that audio one day.
I'd love to hear it.
Not recently.
I think within the last couple of years, there was this woman that worked for a New York law firm.
And she received the Nigerian email offering, you know, to deposit, you know, $30 million to her account, and she'd be able to keep, like, 90% of it.
Oh, yeah.
Right?
And she had actually thought she had won the lottery.
So she communicated with the people wherever they were in the world, and they needed an advance fee to handle certain taxes and transferring and lawyers, and they needed $2 million.
The lady thought, well, if I can, you know, retire with $20 million, at least $20 million, all I have to do is, you know, I'm a signer for the checks at the law firm I'm working, so maybe I just send them the $2 million, wait for the deposit, I could pay the law firm back the $2 million, and I could live happily ever after.
Well, you know, there's nobody easier to scam than a scammer.
And I was trying to figure out how to do that.
Anyway, I got this guy real frustrated.
Dog gone it, I can't find it.
I will find it.
And I will play it.
It was actually, on reflection, kind of a riot.
The poor fellow just... Anyway, I just kept talking about, when could I get the money?
And God, I really need a new car.
And he was just, you know...
Dr. Bell, you be patient.
You know, patient.
Guaranteed to work.
You know, it was just a riot and I do have it and there's really no reason I couldn't play it.
Sometime do that if you want to have some fun, Kevin.
Call one of those numbers in Africa and have some fun with them.
It makes you feel better.
I mean, I get so many of them in my public account that I finally just got frustrated and wanted to strike back.
Hey, about a year ago, last February, I was in Amsterdam and I went to an internet cafe and there was this group of Nigerians, like, huddled around this PC.
Really?
And it really looked like they were doing some sort of fraud, but I kind of, like, stayed out of their way.
I didn't want to, like, I didn't want to be noticed by these people and they come after me or something.
I should think you wouldn't want to be noticed by anybody near a bunch of Nigerians around a computer.
There you go!
By the way, how has life been for you since your encounter with our government?
It's been new and improved.
I started a security company, you know, defensive thinking that you mentioned in the initial broadcast.
Yes.
And then I changed the name to Mitnick Security because I thought it would be better to have my name in it.
What I actually do is 75% of my time is I go around the world and I do public speaking engagements and I speak at a number of conferences and a number of companies talking about security, the human factor of security when it comes to social engineering, wireless security, And a number of different topics.
So it's Mitnick, the name you know.
Yeah, my last name, Mitnick.
With a CK.
I figured it's good for the brand, right?
So I go around the world.
I'm going to Israel in mid-February to speak in Tel Aviv.
And then I come back and I go to Utah to a university.
Then I go to South Africa.
Have you ever been to Israel?
No.
You'll notice that it's a country of very young people, many of whom carry submachine guns.
Yeah, and you know that there's a lot of technically astute people out there.
Yes, yes, indeed.
It's like the real Silicon Valley of the world.
Actually, a lot of interesting security-type software comes out of Israel.
For example, I had a gentleman from Israel who wrote a program that could simply analyze your voice and render up an opinion about whether you were telling the truth or a lie, just based on your voice.
Voice stress analysis.
Yes, the Israelis use it at checkpoints and so forth.
Maybe the facade is like a pocket version.
Oh, it's very effective.
Very effective.
How are we doing in that world, by the way, of voice recognition and face recognition?
I remember I went to the Super Bowl, told you, and they took a picture.
That was the first one where they took everybody's picture and looked in, you know, files to see if you were a bad guy.
I think it's getting better.
I think that, you know, about a year ago, you know, the technology was in its infancy, and I think as, you know, time moves on, that a lot of these companies are developing better biometric technologies, but the problem is that there's not much early adopters.
You know, maybe in very secure facilities, they're using biometrics, but I really don't see that as a huge trend.
You have to think about, because of all the online fraud, that you would think a lot of the banks and financial institutions wouldn't necessarily use biometrics, but they'd use what we call two-form factor authentication, which actually means that you have a piece of information, something that you know, and you might have a device, like a smart card, and with the combination of having the card that you swipe through like a card reader and having like a pin code, that raises a level of confidence that you are who you say you are.
But the problem is that the fraud losses that are actually reported as fraud, those numbers aren't high enough to justify putting in stronger authentication systems.
Because it's too costly to roll out.
But there are other innovative companies that are trying to build in two-factor authentication, like, for example, there's a company that if you log on to your bank account, it might present an image of an airplane.
And you know that if you visit your bank and you don't see an image of your airplane, the airplane before you log in, that it's likely to be not really the bank site, but a bogus site that somebody's trying to deceive you into logging in as and to steal your username, to steal your password.
I must say it was done to me once.
James E. Hansen, longtime director of the agency's Goddard Institute for Space Studies, said in an interview that officials at NASA headquarters had ordered the public affairs staff to review his coming lecture papers, any postings on the Goddard website, and requests for interviews from journalists.
In my world, that's a wow.
Kevin Mitnick back in moments.
Okay, for the sake of my audience I think I want to get practical
with the Kevin for a moment here.
And Kevin, what I mean by that is, there are a million different things offering to remove spyware from your computer, offering to remove viruses, offering to prevent viruses.
What I'd like to know is, What's really good?
What's the best advice you can give an individual, either with respect to a program to have, or what to do?
Firewalls?
I don't know.
What's really good out there?
Well, first of all, personal firewall.
Microsoft XP after Service Pack 2, well, Windows had a built-in firewall in Service Pack 1, With Service Pack 2, Microsoft, when it releases, you know, when you install the OS, it turns it on by default.
And what that does is it blocks malicious incoming connections.
So anybody trying to connect to your computer from the outside, however, it doesn't stop malicious programs from connecting out.
So a more resilient firewall, actually, the one that I use myself when I'm using Windows, There's one called Zone Alarm.
Zone Alarm.
Yeah, and it's a real popular firewall, and you can actually download it for free.
I actually bought the pro version so I could tweak it to my needs.
My question would be, and you tweaked it, and you know how to do that, but if you just get it as is, which most of us would do... Oh, it's certainly better than nothing.
It's better than nothing.
My question would be, like a radar detector in a car, how often does it false, in other words, tell you that there's apparent attempted access when really there is not?
Well, the problem is if you're connected to the Internet, you're constantly being probed by malicious programs.
The terminology in the computers, I guess, security field or hacking underground is called port scanning.
Right.
What port?
You know, a port is like a door.
You know, you're going down the street and you're knocking on every door to see if there's a computer application behind it.
Looking for an open door.
Right, but a port really just lets you talk to a computer program, and if a hacker could find programs that he or she can talk to remotely, he or she might be able to find the vulnerability.
Okay, so what What ZoneAlarm does, or what I think Microsoft's default installation of the firewall does, is it basically just closes all the ports.
So, nothing is open unless you explicitly open it.
Okay, so what's in there, from Microsoft, from Service Pack 2 on, is, you're saying, very helpful?
Yeah, of course, because it's by default, it's actually turned on, which they should have done years ago.
Was when they, you know, that the firewall should have been turned on by default, but what happens is then sometimes it breaks things and then customers end up calling their support number and it takes, you know, their time.
But a more resilient firewall, which I mentioned before, a zone alarm, what happens is, let's say a malicious program, let's say you visit a malicious website and that website exploits a flaw with an Internet Explorer And the hacker is able to download a malicious program to your computer, and what happens is that malicious program secretly logs all your keystrokes.
So, every time you write an email, you know, it stores the information, all your keystrokes, every time you sign on to your online bank, every time you, you know, use AOL Instant Messenger, and then it, you know, secretly sends it off to the bad guy, you know, to an email account in Russia, or whatever.
Well, what would happen is the The more resilient firewalls will pop up a dialogue box where that program is going to ask for permission to connect out.
And unfortunately, some users might just say yes and let it go out, not knowing what it is, just thinking, well, it has some really complicated names.
So maybe it's part of, you know, an important program with Windows, so I'm going to allow it to connect out.
Kevin, you keep mentioning Internet Explorer.
So I want a frank, honest answer from you.
Because IE is, you know, Microsoft's product, is it better Would you advise people to use another browser?
I don't know, Netscape, or there's a lot of them out there.
Like Firefox, there's Opera.
I'd recommend Firefox.
I'd recommend any browser besides Internet Explorer, actually.
Actually?
Any other than, huh?
Okay, well that's honest.
Yeah, there's been a lot of flaws identified with Internet Explorer, and it's not to say that Other browsers don't have as much flaws.
They're just not going after them as hard, because Microsoft is the million-pound gorilla.
Exactly.
They have the biggest market share, so if you find a flaw in a Microsoft program, then it's going to affect many more people.
Got it.
Got it, got it, got it.
So that's what everybody goes after.
There's no real slam on Microsoft.
In fact, they're going after them precisely because they are so successful, and you've got more numbers, more people using IE, so certainly.
Exactly.
Now with spyware, what I recommend is actually, uh, there's not one spyware scanner that I, that I would say is like, uh, the killer app, so to speak, that will detect any piece of spyware.
I like AVG.
I use that.
Okay.
And it's free.
AVG is free.
There's one that I actually, uh, used in the past called Spycop, which I really liked.
Um, I think the web root has like spyware scanner.
I think Microsoft has a free one.
Um, I don't recall the name off the top of my head.
Well, you know, I'm pretty careful, Kevin.
Honestly, I am.
I'm very mindful.
I don't open, you know, attachments I don't know about.
I'm careful with the websites I visit.
But still, I must admit to you, Kevin, the last time I ran SpyBot, which I think is pretty good, I had like a hundred and something in, you know, pieces of spyware in there.
A hundred and something.
Yep.
It made me sick.
Yep, yeah, because a lot of the companies, the legitimate companies, install programs to kind of track where you're going on the Internet.
Well sure.
Remember the old DoubleClick?
Well sure.
You know, DoubleClick cookie?
Well, you know, they do it to, you know, to advertise things that you will be interested in, so you'll buy the product or service.
Yes.
But, how do you spy where scanners work?
because similarly with the AV scanners, is most of it signature-based.
So a malicious spyware tool would have already had it been detected and analyzed by a lab.
The lab would have had to create a signature, and then they would have had to put it in their database.
And then when their customers update their database Right.
You know, it identifies that as, oh, that's, you know, whatever they labeled that piece of... Well, I notice nearly every time I log on, there's always an update to get.
So this must really be a big business on both sides.
Oh, it's huge!
Literally, about six months ago, I went to Aerosmith.com, and I just went to look at their tour schedule, and I don't know, like 15 minutes later, I get this pop-up dialog box Saying, you know, um, you know, uh, your computer is infected with spyware.
If you, you know, if you want to get this fixed, please click here.
And I'm going, that's interesting.
So I started, you know, taking a look around my system and realized when I went to the Aerosmith.com website, it exploited a vulnerability in the browser and downloaded a, a piece of spyware that they were using to sell me products.
And then what I was kind of angry because what it did is it renamed Oh my goodness.
in the Windows operating system like Notepad and WordPad.
Oh my goodness.
And renamed those files to, well, it actually infected those files, so I could never get
rid of this pop-up dialog box.
So I actually had to reinstall the operating system from scratch.
Oh my God.
Which, you know, took a whole day because I have so many applications and custom things
that I, you know, wasted a whole day of my time.
Gee, one whole day, Kevin.
When I have to do it, it's like two or three days and out of my life, just gone.
And you do it in one day.
Well, you know, my day is probably longer than yours.
I'll spend sixteen hours in front of the computer to do it.
I see.
Yeah, I tend to do the same thing.
Just go and go and go and keep going.
I mean, but it's so sad to have to do.
Well, think about what Sony did with the digital rights management Software that they were secretly embedding in your computer to control access to music and to video.
Wow.
The technology that we call in the field is called rootkit technology.
It's where the operating system is modified in such a way that you can hide files, you can hide processes.
Alright, now let's talk about this for a second.
Whether it's music, Or movies.
I kind of side with the artists and the producers and the motion picture companies on this.
My God, it's going to ruin... I really think it has the potential to ruin the record industry, to ruin the motion picture industry.
The minute A movie gets out.
It's available on the net for download.
Millions of people are downloading, well probably millions, downloading both music and movies before they even get into the theater.
It's a rip-off of these artists and these companies and it's not right.
It's stealing.
No, I understand your position but what I'm talking about here is you have a company A third-party company that's planting software secretly within your computer, that if an attacker understands how that software works, they could use it as a conduit to do evil things to you.
I see.
So, in other words, in an effort to protect, they're opening a door.
Exactly.
Exactly.
And I take issue with any company And if I install, you know, if I put their CD in my system and install some sort of product that is secretly embed some sort of management software without my permission or consent, especially if it's really buried where I can't really see
Uh, see what's there.
Hey Kevin, do we need laws about this?
Or do we have laws about this?
Maybe we do and I don't know it.
In other words, if you produce a piece of software, and whoever you are, and you put something in it for some commercial reason, for your company, a reasonable thing, I guess, to do, um, There's no real law against that, right?
Well, usually I think these companies are able to cover themselves and have very limited liability because in their long license agreements that you click yes to, that nobody reads, they probably have it right in there what they're doing.
You know, you're right.
I've never actually taken the time to read one of those.
I always click yes, sure, I accept the terms and the conditions.
Yeah, I never read one of them myself.
Does it say down near the bottom?
Oh, by the way!
By the way, we're watching everything you do on your computer and every internet site you visit, every keystroke you type, we're monitoring and capturing and using for our own purposes, thank you very much, and you would never know about it.
Yeah, you'd just say, okay.
Exactly.
And that's why it's so concerning with what I was Have you ever used, well let me back up, have you ever went to an internet hotspot and used wireless?
I have, yes.
I've been doing a lot of research on wireless hacking techniques because I'm preparing a talk for when I go to South Africa and I found a very interesting tool that was developed by some really good security researchers and what this tool allows you to do That's freely available to anyone on the internet is you can go into any type of hotspot or anywhere for that matter and you run this tool and basically what it does is that there's a modification that's made to the drivers that drive the wireless card and what it does... Oh my god, I see it coming.
What happens is you as a user are, you know, you get ready to associate, you know, you want to connect to like T-Mobile at Starbucks What happens if you have an attacker in RF range, radio frequency range, what the attacker's computer could be set up to do is when you're sending a probe, looking for that particular access point, this computer sends back, yeah, I'm it, and then hands you an IP address.
Yeah, I've got the picture.
This is horrible.
Right?
And then you can imagine all the potential ability to exploit client-side vulnerability.
Oh, jeez.
How much of that is going on now?
Oh, I'm sure it's happening all the time.
I mean, think about airport lounges at airports.
On and on and on and on, yes.
Right?
You know, think about the... In other words, instead of capturing Starbucks, There's a guy with a computer sitting a few feet away from you, and you're capturing what he's putting out.
He's saying, here I am.
I'm a wireless point.
I'm available.
You're basically a rogue access point, and you're man in the middle.
So what you're doing is you're saying, oh, I'm T-Mobile.
Connect to me.
You're handing that user an IP address, which is now connected to your computer.
Yikes.
Right?
So anything the victim does goes through your system.
You can control what the victim sees or you could be man in the middle
right?
Yeah. Oh my god. Pretty scary stuff.
And you're saying this is a pretty common knowledge among those who do this
kind of thing out there and that there are many of them?
Absolutely. I mean a lot of people that go and buy wireless uh... yes the convenience of buying a wireless router go to
you know go to Fry's to go buy when they install it.
They might think oh I have to be secure so I'm going to turn
on you know what they'll wired equivalency privacy or what they call
Well, let me tell you, a friend of mine in Las Vegas, Kevin, where there's a very high density of hotspots, has simply put a yaggy antenna with a rotator on his roof.
And believe me when I tell you, Kevin, he doesn't pay for internet, ever.
He just rotates that beam around and can get just like any number of wireless points as it rotates.
And he's just using other people, O-P-N, other people's net.
Open, open, uh, wireless networks.
Yeah.
Yeah.
Right.
Oh, I mean in, in cities, I was recently in Washington DC and it's like, Anywhere in this, like, five square blocks, they had, like, public wireless internet.
So basically what they're doing is they're making internet available wirelessly to anybody in the area.
But even with WEP, with their software out there, because of the weaknesses of that protocol, anybody with a laptop and the right software, it just takes 20 minutes to crack the key.
Five to twenty minutes.
So all these wireless hot points are sort of a magnet for modern computer pickpockets.
Only now it's easier and the pickpocket doesn't have to actually put his hand anywhere near the guy's pocket, so to speak.
Right, and you have to think about a lot of businesses.
I was recently at my doctor's office and I turned on my computer And Windows has a thing called the Wireless Zero Configuration Utility.
So what happens is, if it sees a wireless access point and your card is scanning and finds one, it pops up and says, oh, I found a wireless network.
Network, do you want to connect?
So, what do you want to plug?
I mean, is it your website?
Your book?
Both?
What do you really want to hit?
Well, nothing in particular, really.
I mean, I give out my website, you know, for information that I... I post a lot of articles on there.
What's the most interesting thing now on the website is the new FBI survey.
I'll give out the website again for those new listeners.
It's www.mitnicksecurity.com.
I guess I'll mention my new book, The Art of Intrusion, which is really a book that contains stories of other hackers.
It mostly gets into their mindsets and really what drove them to do the things that they talk about in their stories.
I really get into the techniques, the different attack methodologies they use, you know, whether it's social engineering, whether it's, you know, physically gaining access to a building, you know, through some elaborate lock picking.
And then I talk about, you know, how they cover their tracks, and then how we as, you know, business people, government agencies and universities could Mitigate those vulnerabilities.
So that's really what the book is about.
I really wrote it because I was more interested in telling the stories because I thought they were... They really illustrated how these hackers work today.
So that's what I really wanted to do.
Just give people a glimpse into the mindset and the techniques and how to protect themselves.
So that's what I really wrote the book for.
I've got to tell you something.
I have a dear friend.
She came out from Florida.
She called me this morning to let me know she was in Vegas.
When I received the phone call, the number that was calling my cell phone was my cell phone number.
I think we already talked in a couple shows about caller ID spoofing, where it's trivial for people nowadays.
You can subscribe to services on the internet.
You just put in caller ID spoofing.
And then what you can do is you could basically come, or you could appear to be coming from any phone number.
So I get this call, it's coming from my own cell phone number, and then it's this like, you know, this man's voice, and I go, oh, so you're spoofing my number, that's really nice, and thanks a lot, goodbye, and I hang up.
And then I get a call five minutes later, and it's from my friend, and she goes, that was me!
And I go, no, it wasn't, it was some guy.
And she goes, no, that was me.
I was the one spoofing your number, and I'm the one that was sounding like a guy.
I go, what are you talking about?
She goes, well... And this is your girlfriend?
No, no.
A friend of mine.
Oh, I see.
Yeah.
And I go, oh, that's interesting.
She goes, yeah.
You know how, you know, caller ID spoofing became, you know, popular where people could sign up for these services?
Now there's services that not only allow you to spoof the number, but actually will change your voice.
To sound like that of the person with the... Oh my God!
So you could sound like a man?
You could sound like a woman?
I mean, it's crazy.
I was like going, wow, that's kind of interesting.
Well, you would want to sound, of course, if possible, like the person whose number you were spoofing, right?
Exactly.
But I mean, now they're actually building in voice changing capability.
Now, it didn't really sound all that good.
I wasn't really paying attention to the call, but I just thought, wow.
You know, what's the next step from here?
Kevin, that's really a sick trend, you know?
Really sick.
I mean, I can see where all of this is going, and it's not anywhere good.
If somebody just like you looks down the road 50 years, and forget 50 years, if you look down the road 10 years, what do you see the world being like, Kevin?
With respect to doing technological magic tricks?
We're turning into a complete technological society, so... I guess the Unabomber wouldn't like it.
Oh, no.
Oh, no, no, no.
The question is, in another 10 years of development, both by the good guys and the bad guys, what kind of world is it going to be?
I don't know.
I mean, if we watch motion pictures, it might become like Blade Runner.
I think technology is a good thing, though.
Automation helps businesses compile and catalog and make good business decisions.
Of course, technology is like a hammer.
You could use it for good, you could use it for evil.
I guess what I'm asking is, how much farther down the road are we going to be in 10 years?
Isn't this all advancing at a somewhat exponential rate?
Yeah.
I would agree with that assessment.
Uh-huh.
So, in another 10 years, all our appliances are going to be... Have IP addresses.
Won't that be scary?
Well, yeah.
Your refrigerator will have an IP address.
Your pacemaker might have an IP address connected to the Internet.
So your doctor could monitor it, but, you know, God forbid, some hacker would somehow be able to control it.
Oh, good Lord.
So your heart is on the Internet.
I'm just kidding.
I don't think we're going to go that far, but, you know, it's a thought.
Oh, I think we'll go that far.
I think we're inevitably headed in that direction.
Not a matter of if, but when.
Maybe hard monitoring equipment, but I don't think, you know, the pacemaker is going to have, like, an IP address.
I was just kind of, you know, joking around there.
Yeah, I hope you're right.
Wild Card Line, you're on the air with Kevin Mitnick.
Good morning.
Hey, good morning, Art.
How are you doing?
Just okay.
Good, all right.
Kevin, hey, here's an answer.
What do you think about this?
You're a tremendous expert.
A long time ago, I was a old freaker and a cracker.
That was a long, long time ago.
When I go on the internet, Art, I just swap in.
I have a removable C drive.
I just pop out my C drive, pop in another C drive that has all the programs I use.
I keep my data on my D drive.
If anything does happen, which does happen, I don't have to go through 16 hours, 8 hours the next day.
All I do, I have a better solution.
I got the idea. It's actually pretty, pretty interesting.
Right, and who cares?
Hold on a sec. Kevin, would it be possible to put in a very, very, very easy switching
arrangement to put, indeed, a sort of a dummy, don't care what you do to this drive, kind
of drive in there when you go on the Internet? What about it?
Well, I have a better solution. There's a product out there called VMware, and it's
where you have images of other guest operating systems.
So what you could do is with your regular computer being the host, you just have a guest operating system, you boot the guest operating system, and you do everything you want to do, and if anything ever becomes corrupt, you just replace it with the original one, and then you store, you transfer any data to the host.
Well, that's pretty slick.
You know, and if that was kind of technical and people didn't understand it, your host computer, your Windows system, per se, is running a software program called VMware, and then you have guest operating systems under it.
Right.
Kind of like virtual PC.
Yes.
Are you paranoid to be doing enough to be doing that?
I'm paranoid enough to be using a PGP whole disk, which is an encryption product, so my entire hard drive is encrypted.
So everything on your hard drive is encrypted?
Including the operating system, right?
Is encrypted?
Yes.
Oh, you are paranoid.
I guess... I go to airports a lot, Art.
Anybody could lift my laptop.
I guess you would be a target, wouldn't you?
I mean, you're a big name in the hacking world, and so to get Kevin is probably like, I don't know, putting a notch in your mouse.
Yeah, I mean, my main concern is I do so much international travel doing public speaking that when I get searched at the metal detector or whatever, Because I get, you know, I get the unlucky number and then somebody steals my laptop and I have, I have my client's information to protect, which is, you know, very proprietary and confidential and so I have to exercise, you know, due diligence to protect their information and my own.
Got it.
Alright.
East of the Rockies, you're on the air with Kevin Mindick.
Good morning.
Hello?
Going well?
Yes.
Yes, Kevin.
I'm certain that you are aware of it, but maybe a lot of people aren't.
One of the large internet providers that offers the free all-the-virus micro-free and everything, but if you use that, then if you happen to have a song or A friend or somebody sends you a small, like, shooting Saddam or something, but you have to buy it, you know?
You should buy it.
You should go to the site and buy it.
So when you go to use their security checkup and everything, it knows exactly everything that's on your computer.
And they have no scruples about it.
Okay.
I know because a lot of times when it says, you know, after you install something it says you have to shut down and restart.
That's right.
Right.
And then it comes back and the thing, you know, is still there and you have to sign back on.
And lots of times, you know, is ask if you want to register it now when it comes back on.
I usually click no and just went back to doing the graphics, you know.
Okay, well I'm not sure what all of this has to do.
Yeah, what's your question?
Okay, how can you prevent your provider from getting in and I don't know that program, what you type.
I think.
Alright, so she's asking your provider.
Your ISP, your Internet Service Provider.
That's right.
They usually don't have access to your, they don't gain access to your computer, unless you're like a company and you're using like a colo and they're supporting your system because you're paying for it, but the ISP basically is like your conduit to the outside world.
They could monitor any, you know, traffic in the clear, which means it's not encrypted, usually they don't have access to your computer per se
they had it would have no reason to uh... like a pilot child you have a man general is peace uh...
kevin are in a kind of an unusual
Aren't they many times?
In other words, they're approached frequently by the authorities looking for people downloading child porn or financial theft or any one of a zillion different things that somebody might be doing on there.
Yeah, but they have no authorization to gain access to a suspect's computer.
What they can do is they could monitor log in log off times, kind of like a
telephone ped register if you will, and they could also monitor traffic and the only thing that's
going to really be useful is anything that's in the clear that's not encrypted.
Right, but that's still an all.
There's got to be an awful lot of pressure from different agencies to get information from these providers.
Are they in any way protected from giving this information out, or do they just automatically have to do it?
Well, there's different types of interceptions.
There's where they could do a real-time interception, which they would, I believe, I don't know, with the new Patriot Act, if this requirement has really been watered down, what they would need is a Title III warrant, like doing a wiretap.
If they're requesting information from an ISP, which is stored data, like, for instance, your email, I think the only requirement is simply a subpoena.
Because that type of communications is protected less than contemporaneous communications.
Even with PGP, do you worry?
Well, not really.
An attacker could plant a keystroke logger on your computer, so if you're typing in your PGP passphrase, they capture it.
Okay, well here's the reason I'm asking.
Because there were a lot of rumors, Kevin, maybe you can nail it down for everybody listening.
There were a lot of rumors that PGP... Had a backdoor?
Well, not... It's a specific rumor.
Not that... Here's the way it went.
That the first Maybe the first PGP that was written is essentially unbreakable, and does not have any kind of backdoor, and that successive ones were, in some way, perhaps compromised.
Is that rumor true or false?
I don't know, but I know that Philip Zerman, I think, worked on PGP up to like version 2.3, but I'm not really all that certain.
But then you had companies like NAI and then PGP that developed the applications, and I think they're closed source.
Yeah, I think it is closed source.
How unbreakable is it?
Well, the way to make crypto is not usually to go after the algorithm or the brute force, the key, because there'd be too many possibilities.
But usually the implementation is incorrect and you can find ways of getting around the crypto or getting to the information without necessarily having the key.
It's not like with the Enigma machine at Bletchley Park where you're going to have teams of people trying to crack the Germans code.
What you have is poor implementations.
For example, remember old Peter Norton?
Oh yes.
Okay, well they had a program called Discrete in one of their older Norton Utilities packages.
Discreet was where you can create a virtual encrypted drive.
So, a friend of mine actually had the access to the source code of Discreet, and I looked at it and realized that the programmer who wrote the application screwed up.
And the actual... It was supposed to be using a 56-bit DES key.
DES stands for Data Encryption Standard.
It was the standard by the U.S.
government.
Anyway, the way that it was coded, because of the error, It was only a 30-bit key, and a 30-bit key could have been brute-forced by, you know, government agencies at the time, or even... Well, okay, the good PGP you're using right now, if the NSA had to crack it, do they have the computer to crack it?
I don't know if they have the capability.
I don't know what the NSA's capability is at this point.
Do you have a guess?
I think it's unlikely.
I think what they would do is have operatives that would try to get the key some other way.
Really?
Yeah, I don't... Well, there might be... I'm not a mathematician, so I haven't studied the algorithm.
I probably don't have the background in higher mathematics to really analyze... Have you heard any credible rumors that it's been broken?
Or is the standing rumor that it has not been?
I haven't heard anything on the street, so to speak, that it has been cracked.
But what PGP does is it uses public key cryptography, the Rivest, Shamir, and Altman RSA, and you're using a public key cryptography to create a key, a fixed key, so to speak.
And then this key is Transmitted to the other party and then they're able to share.
I'm trying to explain it where it's not complex.
But in any event, there's two algorithms involved here.
The RSA algorithm and the actual, the real session key that's being used.
There's another algorithm.
And I don't know of any weaknesses in any of them.
Don't you think though that if our government could not break PGP, There'd be a law against its use.
No, but I think if they could break PGP, they'd never let the public know about it.
Well, thank you very much.
I guess that's where I was going.
That's exactly where I was going.
No, why Art?
Because when I was busted for hacking, I used PGP.
Oh?
And they couldn't crack the key.
So it became a big issue in my court case.
You're sure they never did?
Well, I don't think I was an important enough target for them to even trust.
well that's a good point certainly a fascinating individual kevin mitnick and his
book is current book the one you might want to look for on amazon
is the art of intrusion Thank you.
That's a good title.
The Art of Intrusion.
How'd you come up with that?
Well, my first book was called The Art of Deception.
That was the book on social engineering, and the reason I named it The Art of Deception was paying tribute to Sun Tzu's Art of War.
Because wars are won through deception, if you recall the treaties.
Oh, yes.
Oh, absolutely.
What do you think of the Google thing in China?
Censorship at its best.
Yes, so I've heard.
Explain everything to them.
Well, Google obviously has a presence in China, however the Chinese government has required that Google censor, obviously censor certain types of materials from the search engine, so Google is Apparently fully cooperating with the Chinese government because, you know, it's a profit center.
And they want to be in China.
I don't blame them.
That would be an awfully big thing to refuse.
Yeah, imagine, yeah, because the Chinese population is quite large.
Do you have any, can you give us an idea of the extent of the censorship?
I don't know.
I have only acquired this information through what I read through the press, but From what I recall from like a couple years ago, there were some tools that people in China could use to bypass the Chinese restrictions.
Like, for example, they would be able to, a user would be able to connect to random volunteers' computers, you know, throughout the world.
And I think it was run By a company that started an anonymizer called SafeWeb.
And what this allowed you to do was they were able to proxy their connections through what we call a peer-to-peer network so they could bypass all the Chinese restrictions.
But I don't think that service, I don't think that exists anymore.
I forgot the name of it off the top of my head.
So, you're telling me there really is a way that a country, like China, can get away with censoring the internet?
Apparently so.
They censor the internet for their... What I mean is, the standard, the average user that's not going to attempt a bypass The censorship restrictions, if they try looking for particular information in Google, it's just not going to come up.
If I'm in China and I put in Tiananmen Square, what do you think I get back from Google?
A 403 error.
403?
I'm just kidding.
403. I'm just kidding. Page not found. That's a 404.
Access is restricted.
Oh God.
No, I guess that'd be too obvious.
Page not found actually would be better.
Maybe a link to one of their re-education camps or something.
Your name.
Yeah, and a cookie.
And a cookie and some milk.
There you go.
First time caller on the line, you're on the air with Kevin Mitnick.
Hello.
Hello, I'm a first-time caller from Edmonton, Alberta, and I would like to know what his opinion is of the operating system OpenBSD.
Well, I actually use OpenBSD, so I do like it.
Oh, OK.
Oh, by the way, for the listeners, OpenBSD is a Linux variant.
Well, not really, Len.
It's really BFD Berkeley.
But it's a Unix variant, correct myself, that has been developed with secure coding practices in mind.
So the operating system, the way it's coded, the way it's reviewed, is much more secure than the standard Unix.
A lot of people who are really into computers that I know just absolutely love that operating system.
So, wildcard line, you're on the air with Kevin Mitnick, hello.
Yes, hello, my name is Eric and I'm calling from Kearney, Nebraska, currently an undergraduate major in physics at the University of Nebraska, Kearney.
My question to Kevin Mitnick is, can you hear me Kevin, first of all?
Okay.
My question to you is, have you done any research into quantum computing or looked at any of the certain types of security aspects that seem to be possible with using quantum mechanics to make computers more secure and more user-friendly?
Alright, well, you know, I wasn't aware that quantum computers had yet existed on Earth.
They're theoretical, I think, Kevin.
Yeah, the only thing I've read on quantum computing had to do with encryption, and this was a hypothetical article that was written, I think, like two years ago.
But I haven't really looked into the issue of quantum computing lately.
Having said what you said about PGP in your experience a little while ago, do you think that if the target Was it really worth it, from a national security point of view, that we could cut through PGP like a hot knife through butter?
Well, remember, again, PGP, the public key cryptography, it's using an asymmetric encryption to create... The whole idea, the problem is, if I want to communicate with you, Art, and I need a secure way to send you the key, So you could encode information and decode information, right?
So the whole reason that public key cryptography came about is a way that I could securely send you the key.
Right.
So the underlining algorithm isn't necessarily PGP.
There's several algorithms the user can choose from.
I've got that.
Again, my question stands.
Could the government with enough resources crack Any key?
Absolutely.
Irregardless of any, I don't think so.
Can a Cray or its offspring, whatever we're currently using, do they have enough power?
And it's just a matter of enough computing power, because eventually... In other words, can the U.S.
government brute force a 1024-bit key in a reasonable period of time?
Well, first I must say, I don't know the government's capability with distributed computing, but I really doubt it.
You really doubt it, don't you?
Yeah, I do.
Well, that's quite an endorsement.
All right.
Easy with the Rockies.
You're on the air with Kevin Mindell.
Not with PGP, but with encryption in general.
All right.
Hello.
Okay.
Thanks for taking my call.
Sure.
This is Rick from Virginia, and I was calling regarding where you'd mentioned earlier about the phone freaking.
Right.
Well, I'll be able to call people spoofing and change your voice to a woman.
Right, right.
Well, by the way, Art, regarding you calling some of the South African numbers, I have your email the same as always?
Yes.
I want to send you a phone number.
I'll just put it in the subject line of the email.
It might be a couple weeks before I'm back on the net, but I'll send you a number to check out.
By the way, that site where you can do that is called spoofcard.com, if you're interested.
I might want to oppose as a woman for some reason.
You seem to really like that.
I like giving out good information.
Caller, pose your question.
We could use the spoofing to call the Coast to Coast Show more often.
Either ask a question or I'm pushing the next button.
OK.
Kevin, in the 70s and 80s, you know, a lot of the focus was on the tricks with the telephone and that sort of thing.
And with the focus now primarily on the Internet, in a way, it seems like the phone freaking tricks are making a comeback because a lot of people are not aware of them.
Uh, that sort of thing, where you can actually take over someone's phone, uh, service, and that sort of stuff.
Alright, alright, we've got it.
Alright, so, yeah, Kevin, is, uh, phone freaking making a kind of comeback?
Well, if you remember the movie War Games, you know, back in the 80s, you used war dialing, right?
Oh, yeah.
To find modems?
Absolutely.
Right, but I would make it analogous to wireless networks.
It's like, with wireless today, it's like plugging in one of these old 46 megahertz cordless telephones.
Right?
Where anybody could listen in.
Sure.
When you plug in that wireless access point, it's like the base unit to a cordless phone, which anybody can, you know, become a handset.
Well, again, you're rushing into better technology.
He was asking if the old-style phone phreaking is making any kind of comeback.
Whether you know anybody out there still doing it.
Well, it's being done all the time, and that's usually defraud companies by gaining access to their PBX.
And making fraudulent calls to Afghanistan.
Right.
Or, you know, to Argentina.
So, you know, people that are doing phone fraud, it still exists.
Now, of course, if you want to extend phone phreaking into voice over IP... Well, my question is bigger with VoIP.
It's this.
Is voice over IP going to ruin phone companies?
I think phone companies are going to start to embrace it and use it as a profit center.
I don't think it's going to necessarily ruin them.
I'm waiting for... Well, it's going to ruin their current rates.
Oh, yeah.
That's for damn sure.
It's going to be... Well, again, that's with cellular.
Remember the cellular rates were $1 a minute 10 years ago?
You know, now they're next to nothing, but the cell companies are still making, you know, oodles of money.
That's true.
But they're hardly being hacked, or are they?
No, there's already tools out there, too, if you're in the path where you could intercept a voice call and listen.
No, I meant, how much hacking are the cell phone companies experiencing?
Quite a bit.
It's not like the old days of, you know, of cloning a phone by getting somebody's electronic serial number and mobile number.
That's the old ways now.
You know, people are usually using fraudulent credit cards to add time to prepaid phones.
Right?
So they go on the, you know, they go to Verizon.com or whatever it is and they get a fraudulent card and they, you know, and then they add a hundred minutes to a phone that they bought at 7-Eleven or whatever.
This is such a war.
Right.
You know, drug dealers, you know, and maybe even terrorist operatives, if you want to go that far.
But, you know, they want disposable, untraceable phones, so they use stolen credit cards to, you know, to launder their coal, so to speak.
Boy, if you're going to be a good thief these days, you've got to be very technological.
Well, technology makes it easier to steal.
I mean, it's just, it's so, technology has really I mean, that's kind of stealing a line from Frank Abagnale, the guy, you know, catch me if you can.
I mean, in his business of check fraud, it's certainly made check fraud, where you can manufacture checks on a laser printer, much easier.
But also, technology has made it easier to get access to information, to do fraudulent transactions.
I mean, it's just...
You know, again, it's helped the world in one respect, but in the other respect, people have used it for unethical purposes.
Got it.
West of the Rockies, you're on the air with Kevin Mitnick.
Good morning.
Good morning, Gary.
KSMA, Santa Maria, California.
Yes, sir.
I'll make a short, cogent statement here and see if Kevin agrees with me.
According to the FTC and the FBI, and it only appeared about 10 days ago and immediately disappeared off the national news, Cybercrime and identity theft has now exceeded the drug trade as far as profitability.
And then that story, it's hard to find all of a sudden.
And you're saying, sir, that it... I'm sorry, it appeared where?
The statistics came from the FTC and FBI.
Yes, and you saw it where?
On the FTC website.
Wow.
Federal Trade Commission website that identity theft, in particular cybercrime in general, had exceeded that profitability of the entire drug trade in the United States combined.
Well, that's astounding.
Do you think it has a chance of being true, Kevin?
I don't know.
I mean, drug trade is extremely profitable.
I doubt it.
That, uh, I believe that identity theft and computer crime are contributing to, you know, very large losses, but I don't think it succeeded.
But then again, I don't have the numbers.
I'm just, you know, using gut instinct.
Um, but identity theft, you know, this is another, uh, I mean, it's so easy because of the system here in America for people to steal identities.
It's, it's not the, the consumer or you and I can't protect ourselves.
How could, you know, our information, It's already out there on the internet and on databases just for the asking.
And then people can go out and obtain certified copies of our birth certificate.
Kevin, should everybody have a shredder?
Oh, I believe so.
I mean, going through your trash is just one way, but I mean, the information, the milk is already spilt.
And all you need to do to create identity in America is just have knowledge of information.
That's it.
Yeah.
That's what's scary.
Yeah, and it's terribly true.
I know.
And the best thing that we can do as consumers is to guard against our identities.
We can't prevent it from our identities getting stolen, but what we can do is detect it.
And one of the best things to do is really monitor the three credit bureaus, TransUnion, Equifax, and Experian.
And any time you have an inquiry, any time there's a new extension of credit, That's opened under your social security number or whatnot.
Yes.
Immediately, you need to be notified in real time.
I mean, if the credit reporting agencies could do that, you know, that would really, I think, give us an upper hand.
All right.
One more, I think.
You're on the international line.
Good morning.
Hello.
Hi.
Oh, hi.
I just had a real quick question.
I'm calling from Winnipeg, Manitoba.
Okay.
It's a simple question.
I was wondering if your ISP is capable of monitoring what you search on, like a search engine?
Okay, that's absolutely a good question.
And we sort of answered it, but Kevin?
Yes, they are.
If they want to, usually when you're using a search engine, you're just using You're just using web, you know, HTTP and unencrypted communication?
Yes.
You're just accessing their web server?
Yes.
Without encryption and your ISP, if they want to, can intercept and capture.
And that leads to the other controversy involving the federal government issuing subpoenas to Google for certain types of searches.
Another can of worms.
Boy, well, this is nothing but worms.
The worms are falling out of the can!
Your computer will become part of that army for spam and evil, right?
That's why we've got to protect ourselves.
Have antivirus software, backup our computers, have a resilient firewall, use spyware utilities to scan our systems, patch our systems, turn patching on so you Anytime there's a security update, you're patching your system, keeping your operating system up to the latest release.
And we have to do these things on a consistent basis to really Maintain a safe environment.
I'll tell you, listening to you is enough to make a person reach over and turn their computer off!
Just turn it off!
Well, hopefully they won't turn their radio off.
But you can't really do that.
I mean, today, in modern America, Kevin, if you're not computer literate, if you don't have a computer, if you don't know how to use it and are fairly competent with it, You're just... You're lost.
You can't participate in a lot of modern America.
It has become, not a luxury, in my opinion, but in modern America, a necessity.
Oh, absolutely.
You have to have a computer!
I mean, kids in elementary school are learning computers.
I mean, I didn't get to touch my first computer until I was a senior in high school.
Well, see, that's... Imagine if I started younger.
It's like the story about Catholic girls.
There you go.
Listen, buddy, it's been a pleasure having you on the program.
It's always great to be on your show, Art.
You're the greatest.
It's always fun, and we will no doubt do it again soon.
Have a good night.
Export Selection