IATC - Hack the Future - Keren Elazari

now or do we have time y okay yeah so Karen elazari is GNA come up next um she's an awesome speaker uh she spoke for us last year she spoke at Defcon last year she's spoken at several Ted conferences so I think you're going to be really excited and uh she's got something special to say at the very end so make sure you stick around yeah there'll be little surprises throughout the day but listen guys and girls while we get set up it's going to take me a minute with the cables and stuff I want to offer you a chance to have some exercise so there's upgrades to first class today lots of seats in the front row you see

the talk you'll enjoy it more and uh you know just get up move around stretch your legs move your [ __ ] I might be amusing but it's not a standup so I'm not going to make fun of the people in the first row so I promise I won't make fun of you if you come and sit in the front you're very welcome feel free and I have another request housekeeping request can we keep the door just open and have people come in and out because it's way more distracting to hear that people trying to close the door and not you know failing at closing the door so let's just put this here and I'm going

to let The Magicians take care of that stuff I'll get miked up in a second here's the clicker also um and uh there's going to be something pretty special happening at the last couple minutes of the talk so y'all want to be sticking around for that because it's something never before seen and never to be seen again maybe so all right um you get that stuff set up looking good looking good um mic I need the lab

mic one two three testing one two three guys at the back row Martin can you hear me are you hear me from no you can't hear me it's not coming out okay how about now how about now 1 2 3 4 5 6 78 you feeling good you hearing me in the back row everyone because I'm GNA speak loud so we can have the door open and you all going to hear me even if you're all the way in the back row so I need the people at the back row to let me know if they're hearing me or not yes you are okay uh another second to get this stuff set up we need this stuff

power flag is good yeah that's going to be there there okay if I need what let's just plug it in man thank you muchas gracias and the audio is going to come into here so we need to have the audio coming into here so we have audio but it's at the very end can you connect it man thank you okay guys uh and is this the way the projector is supposed to look like which is a trap oid shape sort of trapezoid shape okay let me get over here yes good good yes good this is working okay um we we test the the sound later okay guys and girls boys and ladies gentlemen and creatures of other

genders kinds types and races thank you so much for having me here today I'm extremely excited to be here today and it's actually not because I love hackers and bides and Vegas it's actually because I was nearly blown up on the way over so uh this is not a a mock picture actually I was on this flight tk79 flight from Istanbul to San Francisco and this flight had an actual bomb threat and uh we had to do an emergency landing we had the Jets escorting us over Poland we dumped all the fuel it's a Triple 7 heavy coming over the Atlantic so it had to get rid of of all the fuel before we could do the

emergency landing uh the captain of the flight made the decision to do the emergency landing uh it was kind of freaky I was kind of you know very nervous about it and we had the fire trucks and the Polish SWAT teams and the dogs sniffing out all that you know a whole that circus happening on the jet um on the jetway in Poland so and all of this happened not because of somebody hacking in into the airplane it happened because the captain actually thought it was an Isis bomb uh they found a cell phone on the plane and the captain made a decision you don't have to I mean you can make an airplane crashing if you

like but you don't have to make a character of it anyway this is the reason I'm actually very very happy to be here because the captain actually thought it was an Isis bomb and made a decision to do the emergency landing it's the first time that's ever happened to me if it's ever happened to you I hope it never does it's very scary so I'm very happy to be here today because I am alive and I didn't get blown up to Pieces uh however when I got into Vegas to add insult to injury uh somebody stole my bags and uh I don't know if it's the DHS the FBI the FED other you know threel agencies but all they took

was my deodorant and my um backup SD cards and everything else was intact so either it's a plot to disrupt deodorant Defcon or it's a plot to disrupt other stuff I'm not sure I guess we'll find find out and maybe I can find my deodorant as well uh if not I hope I'm okay sming so uh here's the thing planes this is actually it it really happened to me but this story ties into what I'm talking about today planes flying over the ocean is a real thing and they can actually still get blown up not because of you know United or because of Chris Roberts poor guy or you know great guy and you know lots of compliments and and

other superlatives uh actually planes still get you know threats and real bomb threats and get blown up and this really ties into what I want to talk to you all about today actually um jump right in there okay so I don't know if you can see it but I want to talk to you about how our world is made up of bits and atoms right that's kind of clear I think it's a statement kind of clear and for the past 20 years in information security we've been all about protecting bits data right and Di and information and that kind of stuff now um did I just all move CU I didn't move it okay I have to watch out my

slides have a mind of their own this guy is Nick ne Negron from the MIT media lab 20 years ago he wrote a book called being digital and he said one thing which stuck with everyone he said in 20 years it's not going to be about the atoms and the molecules it's all going to be about the bits and the bites and in a way I think we can agree that you know he's got a point there but guess what we still have the atoms and actually now we have more bits controlling more atoms so that's very abstract but what I mean is that we have more ways to use information to disrupt physical reality and that's why I like

what I am the Cav is doing because I think it's all about the physical stuff it's all about the physical cybernetic you know uh atoms that could ruin your day of course bits could still ruin your day if you are a member of the Ashley medicine dating Community I don't know if you all heard about this uh this happened last week I think I was actually on CNN right after this moment talking to Brook BW in The Newsroom she actually introduced me as a cyber hacker that's the first time that's happened to me so I'm now you know put in my intro once called cyber hacker on CNN I think maybe that's why they stole my luggage

anyway uh Ashley medicine dating site you don't know it maybe their tagline says it all life is short have an affair life is short have an affair they have 37 million Anonymous users turned out not so Anonymous after all all so yes bits could still ruin your life information could still your still ruin your life secret stuff could still ruin your life and you know um Sony Pictures had a massive leak last year pretty terrible stuff for the Hollywood industry but pretty great for shaliz terone Academy Award nominated actress because she was able to negotiate a fair fee uh an equal fee for her next uh gig starring in Mad Max if you haven't seen

a great movie because she saw in the email leaks from Sony that she was not getting paid the same way as the guy actors so these leaks what they tell us is that secrets are going to get out there at some point and it could ruin somebody's day but it also could do some good stuff and that brings me to why people are so afraid of hackers we are hackers and what happens is that a lot of the times the [ __ ] that we do shatters people's illusion people think they're living in a safe World they think they have privacy they think they have secrets and whether the secrets are on Ashley medicon or they're

on Gmail or you know wherever their secrets are actually I don't think they have any secrets from these guys because these guys don't charge money for the service right you don't pay to use Facebook WhatsApp or Instagram what you pay with is your information you pay with your choices your decisions the stuff that you do the places you go to the people you like the people you don't like all of that stuff that's actually worth a ton of money the movies you you you enjoy watching Ing and interacting with actually did you know that if you upload something to YouTube it kind of belongs to them and it's it's kind of crazy if you look into the rules of what

it means when you upload video to there so all of this is happening because if you're on the internet and you're not paying for something there are good chances you are the product right if you all heard this one before maybe some of you okay are you aliens are you awake yes some of you good all right so basically this is all happening because of what our good friend Miko hippen and likes to say oh look I have a fire fire thing in the middle of my slides I just realized this is there way we can move a little bit the projector so it's not on this or can you see it okay you can see it okay so I have read

and accepted the terms of use this is probably the biggest lie on the interwebs because nobody has read and accepted I mean nobody has read them they just accepted they click through even us who are hackers and you know minded individuals we never read these terms of use anyway now I have a sister who is a lawyer and she tells me about this stuff and she says you know what it's crazy the stuff you're all accepting she's not a hacker she's a she's a lawyer like I said and she's she's done her master thesis only about the stuff that we are all agreeing to do so we're agreeing to do some crazy stuff and this is what mik hippen from F

secure calls the biggest lie on the interwebs and basically here's the reality our information is worth a lot of money everybody's information is worth a lot of money and maybe maybe we don't really have a lot of Secrets anymore not us not the other people so really maybe the future of cyber security is not about secret information it's not about keeping things secret it's not about privacy or it's not just about privacy and secrecy I know this is a little bit of a a controversial claim here but you know stick with me for the l i more have a coffee I'm going to I'm going to suggest also the flip side of that statement if there are no more

secrets and if our information is worth a lot of money and it's worth a lot of money to the big guys governments and corpse it also means that with the power of releasing information you know one person may a couple of people can change the world they can influence governments they can maybe uh take down a corrupt CIT or you know uh help sh terone get an equal pay in her next movie which is great for Hollywood actresses so maybe maybe just maybe in a few years in this reality where there are no more secrets maybe with the help of some hackers the governments and the corporates will be as transparent and as exposed to us as we are to

them maybe it's one idea and as you all know this is something I I mention a lot about a 100 years ago Supreme Court Justice brandise here in the United States he said that there is no better disinfectant than the light of day and that releasing information is a cure for many social illnesses and I very much liked that that idea 100 years ago but I think it still makes sense so it's not about Secrets it's about a way of life it's about our atoms it's about the things that we're going to trust so I just wanted to get all that information and secrecy stuff out of the way before we move into the physical stuff and the

physical stuff could be one of these boats $80 million super Yak you know sailing on the Adriatic Sea stop me if you've heard this one before you all heard this one before no okay $80 million super Act about a team of researchers from a University of Austin Texas using some GPS spoofing and a laptop worth like a thousand bucks can send it veering off course so it is bits controlling atoms information controlling physical reality and it's the same stuff the same stuff that they use to take this Yak off course same stuff they use to crash land the Drone and it's not new stuff they did it a few years ago at the University like I said

University of Austin in Texas so what's happening here with a th000 bucks you you can take down a thousand bucks worth of fiberglass or $80 million worth of fiberglass that's a little bit scary so why is this happening it is happening I think because of two reasons one is Convergence and the second is multiplicity and I will explain when I talk about convergence for years people told us that very soon we're going to have one device that does everything you know if you probably seen those images of how people used to have like a camera and MP3 player and a personal digital assistant and I don't know like a fax machine and now it's all in your iPhone

or something like that so everything is converging the technology is all coming together and we are told that this is you know going to keep happening so at some point you're only going to have one operating system you know one major computer programming language but this is actually [ __ ] there's actually more and more and more stuff and more and more types of Technologies being connected and created every day so it's not convergent at all it's actually um very diverse uh but at the same time we still have a lot of core things which are shared among everyone and these are very vulnerable things and what do I mean by that uh thank you all by the way for for

joining this session I hope I'm making some sense because my brain has been very frazzled and I've been on a bomb threat and coffee and jetl and it's like the perfect storm in my brain right now so I'm happy that actually there are people here okay let me ask you all you all came over from all kinds of parts of the world you all speak a few languages I'd imagine what would you think is the most popular language in the Galaxy right now Mandarin I heard another one Cobalt Cobalt okay good one good one other guesses C++ C++ so actually guys and ladies math math well math is good but it's kind of abstract so I'm actually

you're right but it's kind of abstract so I'm actually talking about software language not a big surprise there and it's more more popular than mandering and English combined and this is of course Java so Java is on billions of devices yeah God help us all and this [ __ ] has been around for years and we're still finding like zero days like every moment and the stuff is not running like on laptops and web apps right it's running like ATMs and medical devices and cars it's freaking running the Java the Mars Curiosity Rover on Mars I mean it's part of the OS it's not the only thing running it but it's part of the OS

so it is convergent everybody's using Java but it's used for like a bunch of multiple different stuff so can we protect robots on Mars the same way we protect mobile apps is it the same kind of mindset I'm not sure so this is like where the problem gets really complex it's not just about information it's not just about Secrets it's about the safety of this [ __ ] which is a laser Ro you know laser firing robot on Mars and it's you know tweeting about it so it's also about the safety of its Twitter feed same thing but but all using Java but the problems are different so I hope this brings to home the complexity of

the problem that I'm trying to to bring through here and all of this stuff these are the past um in the past 25 years this is what source Fire have uh released in a report a couple years ago they looked at 25 years of vulnerabilities these are the most uh the environments in which most severe bugs were found so of course you could say it's the most popular ones people find the bugs there they don't look at the unpopular stuff well maybe that could be true but we're still using the stuff and a lot of it is very very vulnerable and we're still using finding more and more bugs even though we've been had 25 years

of finding bugs and this stuff we're still finding more bugs and now all of this [ __ ] is connected to this new [ __ ] and all [ __ ] uh pardon my French by the way sorry if I'm hurting anyone's feelings with my uh yes your feelings Ian me oh you're so so gentle you're kind White Rose in the middle of the desert I'm so sorry have a drink yet over it so uh this new stuff and old stuff you know GSM is not new GPS is not new RFID is not so much new you know this stuff is not very much new some of it is old but it's connected in new ways

never before connected in new ways to stuff running this stuff so this is the complexity of the problem I'm talking about it's not about Secrets it's about bits controlling atoms I think I'm starting to get the message through to you guys and of course we have all kinds of vulnerabilities every day and all kinds of you know poodles and shell shocks and heart bleeds and you know stuff they haven't found a cool name and a logo for yet I'm actually waiting to see if Marvel is going to do a superhero movie where the characters are Sofer vulnerabilities because if they can give the lead part to a like a raccoon in a tree and you know I think heart bed

deserves it own movie you know yeah here's hoping right so uh I actually recently baby oh oh it's Bandit hi I hope you're enjoying the talk honey he's so sweet that's Grant's baby baby Grant Grant's baby hey hello hello um it's very it's actually first time I had a baby in the talk I mean not had a baby like I said it might be amusing but I'm not going to make fun of you guys don't worry uh okay so we keep finding bugs bugs will be around as long as humans write code and create technology we'll have more and more bugs and actually companies are under severe pressure to put new technology out there faster than ever before and connect it

to a bunch of other stuff so is there is no way even if they had the best intentions in mind even if they had like a fantastic security team even if they didn't have governments forcing them to put back doors in it there's just no way they're going to secure all the things it's just not going to happen it would be naive of us to expect this to happen and this is why the world needs hackers this is why the world needs hackers because governments and companies and the people running all of these Technologies they might find some of this stuff and even if they're really kind-hearted and you know they want to make this stuff secure and they don't

want to put any back doors in it well guess what there's still going to be a couple of those so that's where hackers come into the pictures and and I think that's like basically only hackers can actually be that solution so this is an idea year I previously discussed and called it the immune system for the technology age or the internet I think hackers are part of the immune system it's about finding the problems and making you know making the problems go away by sparking a solution barnab Jack said sometimes we have to demonstrate a threat to spark a solution I'm very much inspired by that I think that's very much uh you know within the spirit of

I'm the caval but I also want to you know I I want to go back to that in a second so this is an idea I actually presented last year at something called Ted and uh maybe you've heard about this event it's a little bit of a big deal for me because the people on stage were like Bill Gates and and Snowden via robot and me so that was weird but look I almost got it to say lit so I almost got the view count to say lit now I have to say I didn't mess with the view count it's totally organic and I guess at some point it did say lit but uh you know I was very

hopeful uh to get the message out it looks like it did get out so my message about hackers being the immune system kind of became viral in its own Spirit if you go to RSA or blacka you'll see five different companies talking about the immune system of the internet uh which is you know good and bad I don't know I think hackers are the immune system of the internet and not like a security company uh but I can't sue them for you know spreading this idea onwards because that's kind of counterproductive so I want I want to go back to something which I think is important to all of us I think everybody's thinking and talk

about this Jeep hacking stuff right and it's so complicated to even talk about without offending anyone's feelings I just want to say one thing about what is sometimes called um stunt hacking okay I don't think it's a bad thing personally I think it has some impact uh but I think one of you know probably the biggest impact of this stuff is that for people outside of our world they start prioritizing control and trust and safety of like the atoms over the privacy and the secrets of of the bits and maybe it's okay that they prioritize this stuff for a little bit because the atoms have not had the same amount of attention as the bits that we as an

industry have been giving them however uh you know to put things in perspective I don't think it's just about atoms or just about bits or to make it even more clear we cannot choose one or the other right we cannot just choose to protect this stuff and not protect this stuff it is connected inherently in a way that never be separated we're only going to get more wired and more connected and this stuff is going to be like on the moon and Mars and you know but here in my pocket it's all the same stuff and so what can we do about it a few things I suggest we can do before we move on to

the more exciting part of today's presentation which is going to happen in a couple of minutes something pretty special uh a few things we can do we think about the atoms not about just secrets we keep thinking about them and this is what I am the Cav is pushing forward protecting the physical reality stuff I think it's critical that we talk about it all the time I sure talk about it all the time and we try and find all the bugs like we help work do what we can to make more bugs known because we got to make the Bugs known there's no better disinfectant than the light of day right this is very important and

think about an ecosystem think about the fact that there's no Islands in cyber security maybe Richard Branson the guy who started virgin maybe he has a private island to which he flies with a private jet and he makes all his calls on his private Virgin Mobile network which he owns and you know he has everything set up privately that's one guy for the rest of us we got to figure this [ __ ] out unless you know you you know become one of Richard Branson's slaves guests at the island and then you're good to go um I I was actually offered a trip to this island it exists uh they have a Bitcoin conference happening there uh I declined politely

so This Is Us guys this is how the world sees us and you know what it's kind of scary but it's also how we got to be we got to be armed to the teeth we got to be working together we've got to be you know making a difference in the world and we also got to make other people be like us or understand us and we gotta take this very scary image which I put in Lego to make it a little bit less scary okay actually somebody else made the image I didn't make it but you know Lego people are less scary so maybe if we are like this but we are Lego people

people can relate to us more I hope that makes sense now before we move on I want to just bring home one last point it's really up to us here in this room the covery is not coming we are it we totally are it so guys that's a big responsibility the future is all already here this stuff is already happening it really is about us if we can save this future or not so um thank you for listening and participating no no applause yet please I want to ask you if you want to see the next part so oh I just realized I totally skipped my introduction about who I am but you don't need to know that I

mean you can Google it or something I don't have a Wikipedia page but you can figure it out so actually a lot of yeah I guess uh a lot of what I am about is because of this woman and I think for a lot of people it's like this Angelina Julie in 1995 film hackers as acidburn I was 14 when I saw this movie and I was inspired just deeply inspired keep keep the door open guys just keep the door open I'll speak up loudly keep the door open thank you it's very distracting the you need WD40 on the door you know what it is okay so this woman inspired me to be like a hacker and to think about it as

something which is a good thing I never for a minute when I saw this movie I never for a minute thought the hackers are the bad guys I only thought the hackers Were Heroes and that's what I keep thinking for the past 20 years so this movie has done you know quite a lot of impact you can make fun of it or you can admire it like I do but the movie has made an impact Angelina Jolie has made an impact on the cyber security industry I think an undeniable impact and so this movie just had its 20th anniversary and I had a crazy idea a few hours ago actually uh 72 hours ago somewhere in Sebastapol in Northern

California where I was camping out with a bunch of hackers at something called Fu Camp which is an unconference and I came out there and I just had a crazy idea I realized hey it's 20 years for hackers let's do something cool let's make a fan version of Hackers from 1995 and this is a fan version in the spirit of what is called sweding movie if you don't understand this it's from a Michelle gondre film called Be Kind Rewind where they actually have a video library and they lose all the videos and they have to recreate the videos themselves because people want to rent Ghostbusters so they recreate Ghostbusters with aluminum foil in the library and they call it the sweded

version of the movie and it becomes more popular than all of the other stuff so we tried to make a sweded version which means it's a mashup cover version redo You Know Remix uh it might make more sense than the original plot it might not um there were a lot of people involved actually like 30 people involved some of these names you will recognize and I'm going to let you I mean I suggest you stick around for the credits role at the end of the film that we may see in a minute because there's a lot of people you might know and love or hate you know um spoiler no no spoiler you know what let

you find out for yourself uh just before I screen this to you guys I want to say this is a like totally a labor of love that these 30 people made happen in 24 freaking hours between Friday night and Saturday night after I nearly got blown up on a plane so if it's kind of crazy you know bear with us it's wacky I think maybe it's adorable who knows it's never before seen footage and it will never before never after be seen again unless it gets licked I mean uploaded to the interwebs uh but at this point my friend at the console hello I'm speaking to you I need to stop the video filming so thank you all for watching