1 00:00:00,120 --> 00:00:02,679 Hey. This is Jason Edison from Intel techniques, 2 00:00:02,919 --> 00:00:05,960 and you are listening to, firewalls don't stop 3 00:00:05,960 --> 00:00:06,359 dragons. 4 00:00:14,579 --> 00:00:17,046 Hello, everybody. Welcome back to firewalls don't stop 5 00:00:17,046 --> 00:00:19,293 dragons. I'm your host Carrie Parker. Today we 6 00:00:19,293 --> 00:00:21,207 have episode 386 7 00:00:21,207 --> 00:00:22,881 for 07/22/2024. 8 00:00:23,280 --> 00:00:24,954 And, man, do we have an amazing interview 9 00:00:24,954 --> 00:00:26,230 for you today? I have been looking forward 10 00:00:26,230 --> 00:00:27,438 to 1 for a long time. 11 00:00:28,391 --> 00:00:30,219 There's been some, honestly, There's been some great 12 00:00:30,219 --> 00:00:32,206 interviews this year if I say so myself. 13 00:00:33,159 --> 00:00:34,923 But this is this a really fun 1. 14 00:00:35,242 --> 00:00:36,855 Jason was an amazing 15 00:00:37,310 --> 00:00:39,696 interview guest. And the topic matter I think 16 00:00:39,696 --> 00:00:40,651 was just fascinating. 17 00:00:41,302 --> 00:00:43,788 We're going to talk about Open source intelligence 18 00:00:43,844 --> 00:00:44,582 or os 19 00:00:44,956 --> 00:00:45,195 today. 20 00:00:45,989 --> 00:00:48,214 Jason is the perfect person to talk to 21 00:00:48,214 --> 00:00:50,215 you about this because he works, this from 22 00:00:50,215 --> 00:00:51,008 both sides. 23 00:00:51,564 --> 00:00:52,857 His day job working 24 00:00:53,468 --> 00:00:54,999 for basically law enforcement 25 00:00:56,562 --> 00:00:59,760 is finding people using open source intelligence and 26 00:00:59,760 --> 00:01:02,227 kinda his night job or off job is 27 00:01:02,227 --> 00:01:05,672 helping people to not get found by stalker 28 00:01:05,809 --> 00:01:06,309 and 29 00:01:07,098 --> 00:01:09,330 abusive of spouses or just people who want 30 00:01:09,330 --> 00:01:11,720 to up their privacy game. So he's just 31 00:01:11,720 --> 00:01:13,394 an absolutely perfect person to talk to you 32 00:01:13,394 --> 00:01:14,111 about this subject. 33 00:01:14,684 --> 00:01:15,959 And we're gonna talk about some things that 34 00:01:16,038 --> 00:01:18,189 I bet most of you are not that 35 00:01:18,189 --> 00:01:20,898 familiar with. And we'll be surprised to find 36 00:01:20,898 --> 00:01:21,398 out 37 00:01:21,934 --> 00:01:24,815 how much information about you is, out there, 38 00:01:25,530 --> 00:01:27,753 and is readily available to anybody who knows 39 00:01:27,753 --> 00:01:29,341 how to look for it. So the interview 40 00:01:29,341 --> 00:01:30,770 was a little bit long so I'm gonna 41 00:01:30,770 --> 00:01:32,850 keep the preview very short Just real quick, 42 00:01:33,088 --> 00:01:34,914 we talked about a few terms, but I 43 00:01:34,914 --> 00:01:36,740 wanna throw out real quick. We talk about 44 00:01:36,819 --> 00:01:39,122 Fo, and that's F0IA 45 00:01:39,122 --> 00:01:40,789 or Freedom of Information Act. 46 00:01:41,598 --> 00:01:43,451 That is a law that allows people to 47 00:01:43,667 --> 00:01:45,837 request information from their government 48 00:01:46,292 --> 00:01:48,064 in the spirit of transparency 49 00:01:49,094 --> 00:01:50,932 which I think is a noble goal, but 50 00:01:50,932 --> 00:01:52,071 it turns out that 51 00:01:52,530 --> 00:01:55,567 you can actually request information just on other 52 00:01:55,567 --> 00:01:57,165 people that might have public records, 53 00:01:57,898 --> 00:01:59,754 And most of these 54 00:02:00,211 --> 00:02:03,561 agencies will gladly turn that over. He also 55 00:02:03,561 --> 00:02:04,837 mentions in kind of the same breath, A 56 00:02:04,837 --> 00:02:06,911 think called a Pd or a public disclosure 57 00:02:06,911 --> 00:02:07,070 request. 58 00:02:07,961 --> 00:02:08,279 That is, 59 00:02:08,995 --> 00:02:10,746 along the same lines as a 4 year 60 00:02:10,746 --> 00:02:12,735 request, I guess, different places called different things. 61 00:02:13,292 --> 00:02:15,537 And finally, we talk about docs. Thing and 62 00:02:15,537 --> 00:02:17,530 we will explain what that term means, but 63 00:02:17,530 --> 00:02:19,226 it comes from the term documents 64 00:02:19,763 --> 00:02:22,793 and basically getting the information about somebody public 65 00:02:22,793 --> 00:02:24,955 documents on people So that's really all I 66 00:02:24,955 --> 00:02:26,224 need to set this up. Let's get right 67 00:02:26,224 --> 00:02:28,286 to my interview with Jason Ep. 68 00:02:34,509 --> 00:02:36,750 Jess Edison is a 25 year veteran for 69 00:02:36,750 --> 00:02:39,069 a major Us police department where he serves 70 00:02:39,069 --> 00:02:41,163 as the technical lead for the agency's criminal 71 00:02:41,163 --> 00:02:43,714 intelligence and cyber crime sections. Prior to this, 72 00:02:43,873 --> 00:02:46,902 you ran undercover an electronic surveillance operations for 73 00:02:46,902 --> 00:02:48,359 long term organized crime 74 00:02:48,736 --> 00:02:50,980 investigations, And last but certainly not least, Jason 75 00:02:50,980 --> 00:02:53,050 runs the Open source intelligence, privacy and security 76 00:02:53,050 --> 00:02:53,868 training programs 77 00:02:54,244 --> 00:02:56,711 at intel techniques dot com. Welcome to the 78 00:02:56,711 --> 00:02:58,621 show, Jason. Hey, Carrie. How's is it going? 79 00:02:59,274 --> 00:03:00,869 I'm so looking forward to this... I've been 80 00:03:00,869 --> 00:03:01,746 following you guys for a while. 81 00:03:02,544 --> 00:03:04,059 You guys literally wrote the book on privacy. 82 00:03:05,335 --> 00:03:07,090 Michael Ba allen and yourself. I I... I'm 83 00:03:07,090 --> 00:03:08,979 not sure what how you that up, but 84 00:03:09,180 --> 00:03:10,459 you guys have had some great tools and 85 00:03:10,459 --> 00:03:11,840 some great articles and 86 00:03:12,219 --> 00:03:13,340 I've been a following that for a long 87 00:03:13,340 --> 00:03:14,860 time. So I'm really, really psyche to get 88 00:03:14,860 --> 00:03:16,060 you on the show. And I've been wanting 89 00:03:16,060 --> 00:03:17,739 to do a show focused on open source 90 00:03:17,739 --> 00:03:18,060 intelligence. 91 00:03:18,713 --> 00:03:20,067 And I can't think of a better person 92 00:03:20,067 --> 00:03:21,661 to do that with. So thank you for 93 00:03:21,661 --> 00:03:23,413 being here. So why don't you tell start, 94 00:03:23,573 --> 00:03:24,688 you know, stop a little bit more about 95 00:03:24,688 --> 00:03:26,377 your background, Tell us? You know, what sorts 96 00:03:26,377 --> 00:03:27,732 of things you do for the police department? 97 00:03:27,892 --> 00:03:30,124 And I'm very curious to know what it's 98 00:03:30,124 --> 00:03:32,356 like to run undercover electronic surveillance? What is 99 00:03:32,356 --> 00:03:34,110 that... What does that work and entail exactly? 100 00:03:34,923 --> 00:03:36,837 Sure. And I always like to start off 101 00:03:36,837 --> 00:03:38,353 by giving a little bit of a background. 102 00:03:38,592 --> 00:03:40,107 It is weird for those of us in 103 00:03:40,107 --> 00:03:43,080 the privacy industry to talk about ourselves publicly. 104 00:03:43,697 --> 00:03:44,197 But 105 00:03:44,509 --> 00:03:46,982 on the intelligence side, we always say information 106 00:03:46,982 --> 00:03:49,614 does not become intelligence until you have context 107 00:03:49,614 --> 00:03:51,688 for it. Right? And so it's important that 108 00:03:51,688 --> 00:03:53,921 when people are listening to my 2 cents 109 00:03:53,921 --> 00:03:55,769 worth, on some of the topics we're gonna 110 00:03:55,769 --> 00:03:57,761 cover today that they understand where I come 111 00:03:57,761 --> 00:04:00,310 from because that's going to bring into play 112 00:04:00,310 --> 00:04:03,179 my own perspectives, maybe my own biases, those 113 00:04:03,179 --> 00:04:06,310 different things. So My background is primarily in 114 00:04:06,790 --> 00:04:09,270 law enforcement in the Us. I started in 115 00:04:09,270 --> 00:04:11,604 the mid nineties and have worked everything. From 116 00:04:11,604 --> 00:04:14,161 being a patrol officer to street crimes like, 117 00:04:14,240 --> 00:04:15,838 doing undercover street buys. 118 00:04:16,637 --> 00:04:19,368 In the early 2 thousands, I... Worked into 119 00:04:19,368 --> 00:04:22,002 a task force position with the Fbi and 120 00:04:22,002 --> 00:04:24,738 worked organized crime for about 7 years, primarily 121 00:04:24,797 --> 00:04:28,644 doing field surveillance, electronic surveillance under undercover work, 122 00:04:28,884 --> 00:04:30,644 long term undercover cases. 123 00:04:31,285 --> 00:04:33,205 And then 20 10, I moved to our 124 00:04:33,205 --> 00:04:36,084 intelligence unit and have been doing intelligence in 125 00:04:36,084 --> 00:04:36,904 cyber crime 126 00:04:37,285 --> 00:04:38,098 investigations ever since. 127 00:04:38,974 --> 00:04:41,286 And then on the side, my second career, 128 00:04:41,525 --> 00:04:43,061 I work for Michael Biz 129 00:04:43,598 --> 00:04:44,554 at intel techniques, 130 00:04:45,272 --> 00:04:48,550 teaching bull offensive and defensive cyber. So basically, 131 00:04:48,869 --> 00:04:51,097 Open source intelligence, so we teach a lot 132 00:04:51,097 --> 00:04:54,677 of 3 letter agencies, private sector intelligence teams, 133 00:04:55,409 --> 00:04:57,502 all sorts of folks how to gather 134 00:04:57,958 --> 00:05:00,110 information off of the Internet effectively. 135 00:05:00,588 --> 00:05:03,217 And then we also go out and do 136 00:05:03,217 --> 00:05:05,384 a lot of cyber training. So we I 137 00:05:05,384 --> 00:05:07,719 take what I've learned from investigating, 138 00:05:08,256 --> 00:05:10,729 cyber crimes and in trading cyber crime groups, 139 00:05:10,889 --> 00:05:12,165 and we go out and do keynote notes 140 00:05:12,165 --> 00:05:14,420 and Do kind of a version of what 141 00:05:14,420 --> 00:05:16,740 you do with this podcast of trying to 142 00:05:16,740 --> 00:05:17,540 spread awareness. 143 00:05:18,259 --> 00:05:19,460 I've brought this up a couple times, but 144 00:05:19,540 --> 00:05:21,393 I really wanna get... Give this from a 145 00:05:21,393 --> 00:05:23,728 pro. What is Os? How do you define 146 00:05:23,866 --> 00:05:24,903 open source intelligence? 147 00:05:26,340 --> 00:05:27,536 What does that turn mean And what are 148 00:05:27,536 --> 00:05:29,224 maybe... And what are to kinda bring it 149 00:05:29,224 --> 00:05:30,997 home, what are some common sources 150 00:05:31,611 --> 00:05:33,599 of Os and and how do you access 151 00:05:33,599 --> 00:05:33,758 them? 152 00:05:34,713 --> 00:05:34,952 Sure. 153 00:05:35,603 --> 00:05:38,808 So open source intelligence is just a fancy 154 00:05:38,865 --> 00:05:41,729 way of saying being good at searching on 155 00:05:41,729 --> 00:05:44,534 the Internet. In the and technically, it's even 156 00:05:44,534 --> 00:05:46,769 more than just searching on the Internet. The 157 00:05:46,769 --> 00:05:49,721 origins of Os or open source intelligence was, 158 00:05:49,801 --> 00:05:53,415 like, collecting newspaper articles going to the library 159 00:05:53,415 --> 00:05:55,735 and pulling up micro fees. You know? It's 160 00:05:55,735 --> 00:05:58,535 basically being good at research. But in the 161 00:05:58,535 --> 00:05:59,415 modern age, 162 00:06:00,148 --> 00:06:02,137 95 percent of that research is going to 163 00:06:02,137 --> 00:06:03,569 be on the Internet because we can get 164 00:06:03,569 --> 00:06:04,546 to so much 165 00:06:04,921 --> 00:06:05,955 information so quickly. 166 00:06:06,592 --> 00:06:08,835 So that is sort of the textbook version 167 00:06:08,835 --> 00:06:10,903 of what it is. What I always like 168 00:06:10,903 --> 00:06:12,892 to add in there because I think there's 169 00:06:12,892 --> 00:06:14,086 a pretty big spectrum. 170 00:06:14,498 --> 00:06:17,523 Of, I guess, quality of open source intelligence 171 00:06:17,523 --> 00:06:18,739 work is 172 00:06:19,273 --> 00:06:21,104 you... If you're going to do this as 173 00:06:21,104 --> 00:06:21,604 a 174 00:06:21,979 --> 00:06:23,753 profession and not just a hobby 175 00:06:24,064 --> 00:06:26,853 You need to also build up basic intelligence 176 00:06:26,853 --> 00:06:29,802 skills, which is things like gaining that context 177 00:06:29,802 --> 00:06:31,795 for what you find, fact checking. 178 00:06:32,366 --> 00:06:32,866 Sourcing. 179 00:06:33,320 --> 00:06:36,656 And basically being accountable for the research you 180 00:06:36,656 --> 00:06:38,881 do. And that's 1 of the big differences 181 00:06:39,293 --> 00:06:41,282 See these days is there's a lot of 182 00:06:41,282 --> 00:06:42,021 people doing 183 00:06:42,475 --> 00:06:44,225 online research open source intelligence, 184 00:06:44,782 --> 00:06:45,282 but 185 00:06:46,055 --> 00:06:46,110 I 186 00:06:46,944 --> 00:06:49,725 professionals, we should all be checking our work, 187 00:06:49,963 --> 00:06:52,029 showing our work and being accountable for our 188 00:06:52,029 --> 00:06:54,095 work. So I was like to add in 189 00:06:54,095 --> 00:06:56,740 that extra east because sometimes when people come 190 00:06:56,740 --> 00:06:57,240 in 191 00:06:57,618 --> 00:06:59,215 and go through our training, 192 00:06:59,694 --> 00:07:01,370 you know, I can I can teach them 193 00:07:01,370 --> 00:07:04,018 all the technical skills pretty easy, piece But 194 00:07:04,018 --> 00:07:07,282 sometimes the more important things are procedural, 195 00:07:07,680 --> 00:07:08,180 ethics, 196 00:07:08,794 --> 00:07:10,784 and all of those other things that sometimes 197 00:07:10,784 --> 00:07:13,107 we forget about? Right? It it all falls 198 00:07:13,107 --> 00:07:15,279 under that with great power comes great responsibility. 199 00:07:15,893 --> 00:07:17,644 And it sounds a little like journalism honestly. 200 00:07:18,201 --> 00:07:21,067 Yes. Yeah. And we we train a fair 201 00:07:21,067 --> 00:07:21,877 number of large, 202 00:07:23,146 --> 00:07:26,478 yeah, news agencies and journalists and attorneys. Like, 203 00:07:26,637 --> 00:07:29,096 we have a pretty diverse range of people 204 00:07:29,096 --> 00:07:31,094 that we train, our bread and butter are 205 00:07:31,094 --> 00:07:32,363 definitely in, like, government, 206 00:07:33,077 --> 00:07:33,394 military, 207 00:07:33,949 --> 00:07:36,645 intelligence teams at Fortune 500 companies, all of 208 00:07:36,645 --> 00:07:37,780 that. But 209 00:07:38,088 --> 00:07:40,628 really os is something that could be used 210 00:07:40,628 --> 00:07:43,485 in any field. Like, literally, I ran my 211 00:07:43,485 --> 00:07:45,494 2 kids through my classes 212 00:07:45,867 --> 00:07:48,273 just to help them at being better at 213 00:07:48,273 --> 00:07:50,351 doing things like researching their papers that the 214 00:07:50,351 --> 00:07:51,310 right oh tool. 215 00:07:52,349 --> 00:07:53,707 I and I got I got a lot 216 00:07:53,707 --> 00:07:55,785 of rolls when I did that, and I 217 00:07:55,785 --> 00:07:58,264 think mostly what my daughter got out of 218 00:07:58,264 --> 00:08:00,646 it was figuring out how to writ music 219 00:08:00,646 --> 00:08:03,027 and things off of the Internet, But it 220 00:08:03,027 --> 00:08:03,765 was still 221 00:08:04,233 --> 00:08:05,662 it was still kinda fun to go through 222 00:08:05,662 --> 00:08:07,885 it with them. Yeah. And I I'd just... 223 00:08:08,202 --> 00:08:08,440 You know, 224 00:08:09,234 --> 00:08:10,505 I can't tell you how many times when 225 00:08:10,663 --> 00:08:11,829 I tell people, like, well, you know, when 226 00:08:12,028 --> 00:08:13,620 do Google searches. You can do things like 227 00:08:13,620 --> 00:08:15,529 minus in front of words to ignore those 228 00:08:15,529 --> 00:08:17,757 and put quotes around things that have spaces 229 00:08:17,757 --> 00:08:18,871 in them or if you wanna make sure 230 00:08:18,871 --> 00:08:20,245 it's they exactly the way you type it. 231 00:08:20,324 --> 00:08:21,845 And there there's a lot of simple things 232 00:08:21,845 --> 00:08:23,604 like that. People are like, oh, wow, really? 233 00:08:24,004 --> 00:08:25,764 You know, there's there's a lot there's a 234 00:08:25,764 --> 00:08:28,164 lot of kinda hidden features even it just 235 00:08:28,164 --> 00:08:30,828 a straight up Google slash, you know, duck 236 00:08:30,884 --> 00:08:32,312 search that a lot of people I don't 237 00:08:32,312 --> 00:08:34,376 think Understand. But, yeah. This is this is 238 00:08:34,376 --> 00:08:35,884 always obviously way beyond it. I'm just making 239 00:08:35,884 --> 00:08:36,916 the point that there's a lot of things 240 00:08:36,916 --> 00:08:37,764 that that are 241 00:08:38,440 --> 00:08:39,871 that are available to people that that they 242 00:08:39,871 --> 00:08:42,256 don't even understand it there. So so what 243 00:08:42,256 --> 00:08:43,528 what company are you talking about? When you 244 00:08:43,528 --> 00:08:44,959 go searching, you... I I assume you're doing 245 00:08:44,959 --> 00:08:46,628 more than just a Google search. So what 246 00:08:46,628 --> 00:08:46,867 other... 247 00:08:47,599 --> 00:08:49,038 Types of sites good... I mean, if you've 248 00:08:49,038 --> 00:08:49,617 got a 249 00:08:49,996 --> 00:08:52,734 on your website, You've got, like, multiple dozen 250 00:08:53,193 --> 00:08:55,830 links to search sites. So what other places 251 00:08:55,830 --> 00:08:57,920 do you search looking for people info. 252 00:08:58,797 --> 00:09:02,227 Yeah. You know, surprisingly or maybe not surprisingly. 253 00:09:02,466 --> 00:09:04,939 Google is super effective. So there's a fair 254 00:09:04,939 --> 00:09:08,387 number of operations and investigations where I can 255 00:09:08,387 --> 00:09:10,544 find everything I need just using a browser 256 00:09:10,544 --> 00:09:13,521 in Google. And that actually is my preference 257 00:09:14,314 --> 00:09:16,069 because, you know, again, at the end of 258 00:09:16,069 --> 00:09:17,745 the day, I have to be accountable for 259 00:09:17,745 --> 00:09:19,979 my research, and a lot of my work 260 00:09:19,979 --> 00:09:22,785 ends up in court Right? Mh So when 261 00:09:22,944 --> 00:09:25,574 I have to testify to something, it's actually 262 00:09:25,574 --> 00:09:27,965 real nice if I get asked, like, hey, 263 00:09:28,364 --> 00:09:29,161 detective edison. 264 00:09:29,653 --> 00:09:32,196 What secret spy tools did you use like 265 00:09:32,196 --> 00:09:33,785 this, and I can look at the jury 266 00:09:33,785 --> 00:09:35,612 and say, well, I use this secret spy 267 00:09:35,612 --> 00:09:37,758 tool called Google? You might be familiar with 268 00:09:37,758 --> 00:09:40,473 it. And so as much as possible, it's 269 00:09:40,473 --> 00:09:42,379 actually nice to kinda stay in the shallow 270 00:09:42,379 --> 00:09:43,991 end of the pool and use 271 00:09:44,444 --> 00:09:47,168 tools that we can show are completely publicly 272 00:09:47,224 --> 00:09:47,542 available. 273 00:09:48,194 --> 00:09:48,433 Now, 274 00:09:49,152 --> 00:09:51,068 obviously, sometimes we have to go beyond the 275 00:09:51,068 --> 00:09:52,206 scope of Google 276 00:09:52,744 --> 00:09:54,282 to broaden our results 277 00:09:54,660 --> 00:09:56,417 and, you know, it really depends on the 278 00:09:56,417 --> 00:09:58,583 engagement we're doing. But if doing a homicide 279 00:09:58,583 --> 00:10:00,493 or we're doing a domestic terrorism case or 280 00:10:00,493 --> 00:10:03,358 something like that. We're gonna kick over every 281 00:10:03,358 --> 00:10:05,506 stone. Right? Like, we're we're not gonna stop 282 00:10:05,506 --> 00:10:07,751 20 minutes in. We're I I think my 283 00:10:07,751 --> 00:10:09,506 longest case was about 3 and a half 284 00:10:09,506 --> 00:10:09,825 years. 285 00:10:10,463 --> 00:10:13,335 And for that, we want those depth of 286 00:10:13,335 --> 00:10:13,835 resources. 287 00:10:14,372 --> 00:10:16,286 And as you mentioned on our site until 288 00:10:16,286 --> 00:10:18,220 techniques are com. We actually have a public 289 00:10:18,220 --> 00:10:21,600 facing dashboard and our our tools tab, which 290 00:10:21,659 --> 00:10:23,500 everyone... We built that for everyone who goes 291 00:10:23,500 --> 00:10:25,820 through our training, but anyone could use it. 292 00:10:26,233 --> 00:10:28,938 Right? Like, let's say I wanted to check 293 00:10:28,938 --> 00:10:29,756 my own 294 00:10:30,131 --> 00:10:32,597 exposure on the Internet. You could go on 295 00:10:32,597 --> 00:10:34,760 there. And put in your email address, your 296 00:10:34,760 --> 00:10:36,271 phone number and those sorts of things, 297 00:10:36,828 --> 00:10:40,065 and basically hunt yourself, research yourself 298 00:10:40,500 --> 00:10:42,560 And not only will that give you an 299 00:10:42,560 --> 00:10:45,492 idea of the types of tools that people 300 00:10:45,492 --> 00:10:46,997 coming after you are using? 301 00:10:47,488 --> 00:10:50,988 But it shows you your online exposures, which 302 00:10:50,988 --> 00:10:52,897 then you could use to do what we 303 00:10:52,897 --> 00:10:54,170 call a privacy cleanup. 304 00:10:54,745 --> 00:10:57,225 So I would encourage everyone. These are free 305 00:10:57,225 --> 00:11:00,105 publicly available. Their open source. Our source code 306 00:11:00,105 --> 00:11:01,225 is right on the page. 307 00:11:01,799 --> 00:11:04,679 We do not collect anything. This is just 308 00:11:04,679 --> 00:11:06,759 there as a free resource for the people 309 00:11:06,759 --> 00:11:09,000 who do our training programs, but we've made 310 00:11:09,000 --> 00:11:11,159 it available to everyone. So no strings attached. 311 00:11:11,574 --> 00:11:14,371 If you wanna know what Os is about 312 00:11:14,371 --> 00:11:16,449 and try your hand at it, you could 313 00:11:16,449 --> 00:11:18,926 just hop onto our dashboard and play around. 314 00:11:19,246 --> 00:11:20,445 I will add this warning though. 315 00:11:21,339 --> 00:11:23,279 Anytime you do what we call a self 316 00:11:23,419 --> 00:11:25,360 assessment, that is checking your own 317 00:11:25,819 --> 00:11:26,299 exposure. 318 00:11:27,019 --> 00:11:28,860 We don't do that on, like, our work. 319 00:11:29,193 --> 00:11:31,097 Computer. We don't do that on a public 320 00:11:31,097 --> 00:11:32,921 computer. We would wanna do that on our 321 00:11:32,921 --> 00:11:36,070 personal private computer because I don't want my 322 00:11:36,189 --> 00:11:37,864 employer, and in my case my employer's the 323 00:11:37,864 --> 00:11:40,278 government. So anything I do in my government 324 00:11:40,416 --> 00:11:43,607 equipment is subject to Fo. Right? Mh. So 325 00:11:43,607 --> 00:11:45,383 if you're gonna hunt your vulnerabilities, 326 00:11:46,253 --> 00:11:48,953 be smart about it. Do it on your 327 00:11:48,953 --> 00:11:50,938 private computer. And then what I do is 328 00:11:51,017 --> 00:11:52,526 I just have a little privacy journal where 329 00:11:52,606 --> 00:11:54,908 I go through and start taking notes by 330 00:11:54,908 --> 00:11:57,237 hand. Hey. This site has my phone number. 331 00:11:57,477 --> 00:11:59,554 This site has my date of birth, and 332 00:11:59,554 --> 00:12:00,913 then I do the same for my kids. 333 00:12:02,111 --> 00:12:03,331 Wow, so, 334 00:12:03,804 --> 00:12:05,631 I've often heard the term do, and I 335 00:12:05,790 --> 00:12:07,141 I think I could probably define that, but 336 00:12:07,221 --> 00:12:08,731 I wanna I wanna hear you define that... 337 00:12:09,208 --> 00:12:10,956 It sounds like what you're basically recommended it 338 00:12:10,956 --> 00:12:13,275 is you try to docs yourself. To see 339 00:12:13,275 --> 00:12:15,420 what's out there. Let's talk about that term 340 00:12:15,420 --> 00:12:17,008 and and and if that's what you meant. 341 00:12:17,723 --> 00:12:20,900 Yeah. So the do is basically a loaded 342 00:12:20,900 --> 00:12:21,956 term. It is basically 343 00:12:22,424 --> 00:12:25,681 using open source intelligence to do harm. So 344 00:12:25,681 --> 00:12:29,018 you're not exactly docks yourself. But what what 345 00:12:29,018 --> 00:12:30,869 you are doing is you're 346 00:12:31,417 --> 00:12:34,199 attacking yourself from the position of someone who 347 00:12:34,199 --> 00:12:36,265 is a cyber criminal or a doctor. So 348 00:12:36,265 --> 00:12:38,332 what do, how that usually happens is, 349 00:12:39,303 --> 00:12:41,936 me and a bunch of other kinda idiots 350 00:12:41,936 --> 00:12:44,808 on the Internet, see someone, like a public 351 00:12:44,808 --> 00:12:47,215 figure or you know, a lot of times 352 00:12:47,215 --> 00:12:48,890 the do has to do with what I 353 00:12:48,890 --> 00:12:50,245 call the Ism, racism, 354 00:12:50,804 --> 00:12:53,355 sexism. There's almost always some sort of bias 355 00:12:53,355 --> 00:12:54,892 involved. And so, 356 00:12:55,363 --> 00:12:56,953 you know, I'm on the Internet with my 357 00:12:56,953 --> 00:12:58,782 group of idiots and we're like, hey, 358 00:12:59,338 --> 00:13:01,643 this person dared to say this thing or 359 00:13:01,643 --> 00:13:04,187 this person is evil. We we should get 360 00:13:04,187 --> 00:13:04,346 them. 361 00:13:04,997 --> 00:13:06,371 And then we basically, 362 00:13:06,824 --> 00:13:08,095 like lord of the flies. 363 00:13:08,572 --> 00:13:10,875 Pile on, dig through their life cyber stock 364 00:13:10,875 --> 00:13:12,941 them, and then we post all the personal 365 00:13:12,941 --> 00:13:15,983 stuff online to make them fearful or uncomfortable. 366 00:13:16,303 --> 00:13:18,620 So that is the key component. It is 367 00:13:18,620 --> 00:13:21,337 done with the intent to create fear. It 368 00:13:21,337 --> 00:13:22,936 is done to harass. 369 00:13:23,415 --> 00:13:25,982 Right? Mh. And I I think sometimes these 370 00:13:25,982 --> 00:13:27,974 things are cloaked in this idea of oh, 371 00:13:28,133 --> 00:13:30,204 It's the great good because they're evil, so 372 00:13:30,204 --> 00:13:32,366 we should out them. But man, that is 373 00:13:32,366 --> 00:13:34,533 a dangerous road to go on where we're 374 00:13:34,589 --> 00:13:37,130 standing judgment of other people often and without 375 00:13:37,130 --> 00:13:39,376 all the details. And sometimes it's just flat 376 00:13:39,432 --> 00:13:39,988 malicious. Right? 377 00:13:41,037 --> 00:13:43,907 Both Michael, my partner, Michael and I had 378 00:13:44,226 --> 00:13:46,059 a bunch of people on 4 chan come 379 00:13:46,059 --> 00:13:48,052 after as several years ago and decide, we're 380 00:13:48,052 --> 00:13:50,374 gonna docs because they're teaching people how to 381 00:13:50,374 --> 00:13:53,792 investigate us. And, like, literally, they were calling 382 00:13:53,792 --> 00:13:56,986 in social engineering our employers. They were you 383 00:13:56,986 --> 00:13:59,207 know, doing everything short of digging through our 384 00:13:59,207 --> 00:13:59,445 trash. 385 00:14:00,080 --> 00:14:02,539 Now, my partner, Michael is pretty much the 386 00:14:02,539 --> 00:14:04,681 invisible man, so they had 0 luck there 387 00:14:04,681 --> 00:14:06,794 for Like, their their skills 388 00:14:07,174 --> 00:14:09,355 were not up to par with their 389 00:14:09,894 --> 00:14:11,575 kind of their narrative around the whole thing, 390 00:14:11,735 --> 00:14:13,495 so they weren't really able to take that 391 00:14:13,495 --> 00:14:15,440 very. Far, but there are definitely 392 00:14:15,972 --> 00:14:17,639 a lot of people who fall victim to 393 00:14:17,639 --> 00:14:20,498 detox and we're lot of damages done. A 394 00:14:20,498 --> 00:14:22,840 lot of them are far on the privacy 395 00:14:22,897 --> 00:14:24,567 side of our business where we do a 396 00:14:24,567 --> 00:14:26,714 lot of cleanup ups or move people. Like, 397 00:14:26,873 --> 00:14:29,815 literally, people getting cyber stocked so badly, we 398 00:14:29,815 --> 00:14:31,326 have to move them to a different home. 399 00:14:32,139 --> 00:14:33,980 We see a lot of this boxing as 400 00:14:33,980 --> 00:14:36,159 part of cyber harassment and 401 00:14:36,539 --> 00:14:39,179 things like ex. Right? If I can go 402 00:14:39,179 --> 00:14:41,899 in and dig out your personal photos, then 403 00:14:42,057 --> 00:14:44,435 I can start an ex scheme to you. 404 00:14:44,672 --> 00:14:47,209 We see that a lot both on our... 405 00:14:47,526 --> 00:14:49,316 For high profile targets 406 00:14:49,693 --> 00:14:52,324 and clients, but also just on everyday people. 407 00:14:52,483 --> 00:14:53,839 I see it in my day job too 408 00:14:53,839 --> 00:14:56,231 as a detective. Ex is a big deal. 409 00:14:56,963 --> 00:14:58,553 You'd already basically, I mentioned, You're you're kinda 410 00:14:58,553 --> 00:14:59,689 of basically playing, 411 00:15:00,222 --> 00:15:01,653 like, often offense during the day in defense 412 00:15:01,653 --> 00:15:02,527 at night kind of thing. 413 00:15:03,243 --> 00:15:04,674 You're you're doing both sides of this thing. 414 00:15:04,912 --> 00:15:05,412 So 415 00:15:06,438 --> 00:15:08,511 how how does each 1 of those inform 416 00:15:08,511 --> 00:15:08,989 the other? 417 00:15:09,786 --> 00:15:10,982 And and I'll go ahead and bring up 418 00:15:10,982 --> 00:15:11,939 the question you kind of alluded allude to, 419 00:15:12,098 --> 00:15:13,533 you know, someone who works for the government 420 00:15:13,533 --> 00:15:14,170 in intelligence, 421 00:15:14,983 --> 00:15:16,578 and who is also a privacy you have 422 00:15:16,578 --> 00:15:18,413 to get? You know, what are what are 423 00:15:18,413 --> 00:15:20,566 your thoughts on master surveillance? What do... How 424 00:15:20,566 --> 00:15:22,401 how do you do both? And how do 425 00:15:22,401 --> 00:15:23,916 they... How do how do they affect each 426 00:15:23,916 --> 00:15:25,282 other from you play both sides. 427 00:15:26,155 --> 00:15:28,297 Yeah. And I I think the short answer 428 00:15:28,297 --> 00:15:31,549 is just like anything else, having experience on 429 00:15:31,549 --> 00:15:33,872 both the offensive... When and defensive sides is 430 00:15:33,872 --> 00:15:36,825 huge. Right? Because you can anticipate a tax. 431 00:15:37,065 --> 00:15:40,438 You know what sort of, a threat model 432 00:15:40,737 --> 00:15:43,386 you are in and what sort of attack 433 00:15:43,386 --> 00:15:46,020 surface you have because you've been the attacker 434 00:15:46,020 --> 00:15:48,733 before. Right? And folks who work in the 435 00:15:48,733 --> 00:15:51,062 info sec field, folks who work in military, 436 00:15:51,381 --> 00:15:54,251 anything where we do things, like red teaming 437 00:15:54,251 --> 00:15:56,642 where Red teaming is basically where you and 438 00:15:56,722 --> 00:15:58,635 I works together, and we attack each other, 439 00:15:58,889 --> 00:16:01,287 so we get used to defending against the 440 00:16:01,287 --> 00:16:03,764 attacks. Right? Mh. That's like a real simple 441 00:16:03,764 --> 00:16:05,602 example. That the whole idea of a red 442 00:16:05,602 --> 00:16:08,134 team is attack ourselves so that we learn 443 00:16:08,254 --> 00:16:10,317 both sides of that equation and can test 444 00:16:10,317 --> 00:16:13,174 our defenses. So there's definite advantages there. 445 00:16:13,809 --> 00:16:16,110 1 training I went to years ago, I 446 00:16:16,269 --> 00:16:17,558 I was going through a boot cam to 447 00:16:17,558 --> 00:16:19,576 do my certified ethical hacker 448 00:16:20,115 --> 00:16:21,334 certification. And 449 00:16:22,033 --> 00:16:23,790 about halfway through this class. I'm looking around 450 00:16:23,790 --> 00:16:26,692 the room for I am the only non 451 00:16:27,224 --> 00:16:29,606 engineer in the room. Like, there's 30 people 452 00:16:29,606 --> 00:16:31,670 from Info sec, and I I just remember 453 00:16:31,670 --> 00:16:34,626 thinking I am by far the person in 454 00:16:34,626 --> 00:16:37,971 room. Like, these were super smart experience people. 455 00:16:38,768 --> 00:16:40,680 And I... Still so All beat myself up 456 00:16:40,680 --> 00:16:43,070 of like, oh, my gosh. And then... Oh, 457 00:16:43,244 --> 00:16:45,313 By the last day, I had a realization. 458 00:16:46,428 --> 00:16:48,520 Everyone in that room had superior technical 459 00:16:49,055 --> 00:16:52,574 experience and skills. But it became clear because 460 00:16:52,574 --> 00:16:54,647 all the water cooler talking and all the 461 00:16:54,647 --> 00:16:55,944 discussions of 462 00:16:56,560 --> 00:16:59,111 anytime cyber crime came up, even though it 463 00:16:59,111 --> 00:16:59,510 wasn't... 464 00:16:59,922 --> 00:17:03,016 Information security class and about hacking, 465 00:17:04,364 --> 00:17:06,610 no 1 else in the room had ever 466 00:17:06,918 --> 00:17:11,056 had any experience working with, exposure to crime, 467 00:17:11,215 --> 00:17:13,124 like criminals Mh. Like, people that had their 468 00:17:13,124 --> 00:17:15,532 cars proud but nobody had spent time with 469 00:17:15,532 --> 00:17:18,408 criminals. Nobody had infiltrated criminal work. And what 470 00:17:18,568 --> 00:17:20,485 I have the sudden realization was that... 471 00:17:21,299 --> 00:17:24,176 My experience on the investigative side was a 472 00:17:24,176 --> 00:17:27,153 huge benefit to me on the defensive side 473 00:17:27,212 --> 00:17:30,265 because I understand the culture of organized crime. 474 00:17:30,505 --> 00:17:31,884 I understand the culture 475 00:17:32,345 --> 00:17:33,464 of the enemy, 476 00:17:34,025 --> 00:17:35,244 and that is huge 477 00:17:35,545 --> 00:17:38,045 because in in intelligence, we call that cultural 478 00:17:38,265 --> 00:17:40,597 intelligence, organized And I've really come to over 479 00:17:40,597 --> 00:17:41,077 the years, 480 00:17:41,876 --> 00:17:44,832 appreciate how that is a very very important 481 00:17:44,832 --> 00:17:45,332 thing 482 00:17:45,710 --> 00:17:45,950 is, 483 00:17:47,005 --> 00:17:49,404 understanding the adversary. What are their goals? What 484 00:17:49,404 --> 00:17:52,125 are their methods? What are their tendencies? Because 485 00:17:52,125 --> 00:17:53,804 1 of the things we use most in 486 00:17:53,804 --> 00:17:54,304 intelligence 487 00:17:54,605 --> 00:17:55,105 is 488 00:17:55,419 --> 00:17:57,972 people are generally predictable because we tend to 489 00:17:57,972 --> 00:18:00,047 do things and patterns. But if you don't 490 00:18:00,047 --> 00:18:01,085 understand someone's culture, 491 00:18:01,643 --> 00:18:03,055 1, you're not going to be able to 492 00:18:03,332 --> 00:18:05,550 see those patterns into, you're not going to 493 00:18:05,550 --> 00:18:06,422 understand what they mean. 494 00:18:07,294 --> 00:18:09,829 And then as far as government master surveillance, 495 00:18:10,559 --> 00:18:12,876 So that's real interesting for me because I 496 00:18:12,876 --> 00:18:13,855 used to literally 497 00:18:14,234 --> 00:18:17,291 do electronics surveillance, like putting out cameras, putting 498 00:18:17,350 --> 00:18:20,159 hidden you know, recording devices on undercover 499 00:18:20,717 --> 00:18:21,994 inform, things like that. 500 00:18:22,712 --> 00:18:24,708 And now I also work on the private 501 00:18:24,708 --> 00:18:27,194 sector quite a bit for, doing privacy, and 502 00:18:27,354 --> 00:18:29,824 I really care about privacy for myself. 503 00:18:30,620 --> 00:18:32,713 And so this could be a 5 hour 504 00:18:32,851 --> 00:18:34,843 conversation about this. But I will just tell 505 00:18:34,843 --> 00:18:36,211 you having work both sides. 506 00:18:37,085 --> 00:18:38,992 I am not for me and my family 507 00:18:38,992 --> 00:18:42,353 worried about what most people consider mass government 508 00:18:42,568 --> 00:18:44,316 surveillance, like the cameras and all those things, 509 00:18:44,555 --> 00:18:45,785 both what a lot of people 510 00:18:46,238 --> 00:18:49,019 don't realize because a lot of people's idea 511 00:18:49,019 --> 00:18:51,005 of what we do, especially in law enforcement 512 00:18:51,005 --> 00:18:53,966 is driven off. The Internet and shows and 513 00:18:53,966 --> 00:18:56,198 things like that. Yeah. There's no 1 I 514 00:18:56,198 --> 00:18:58,030 work with who shows up at work and 515 00:18:58,030 --> 00:18:59,067 it's, like, you know, 516 00:19:00,359 --> 00:19:02,839 tapping their fingers together like mister Burns on 517 00:19:02,839 --> 00:19:05,240 the simpsons, deciding how we can, you know, 518 00:19:05,400 --> 00:19:06,679 do master surveillance on people, 519 00:19:07,653 --> 00:19:10,119 The reality is it's a lot of not 520 00:19:10,119 --> 00:19:12,585 having enough resources having too many tasks to 521 00:19:12,585 --> 00:19:15,449 do. We can't even catch all the bank 522 00:19:15,449 --> 00:19:15,926 robbers. 523 00:19:16,419 --> 00:19:18,405 And, you know, murderers and all of those 524 00:19:18,405 --> 00:19:20,709 things. Nobody's got the time to spy on 525 00:19:20,709 --> 00:19:23,489 the masses. Right? So that that has been 526 00:19:23,489 --> 00:19:25,411 my experience. I'm not... And you know, I 527 00:19:25,411 --> 00:19:27,877 can't say that there's no hidden secret government 528 00:19:27,877 --> 00:19:30,661 groups somewhere not doing things, But I've worked 529 00:19:30,661 --> 00:19:33,138 with almost every... Let our agency. I work 530 00:19:33,138 --> 00:19:35,516 with all the largest police agencies in the 531 00:19:35,516 --> 00:19:37,839 nation, and a lot of the private sector 532 00:19:38,053 --> 00:19:38,553 intelligence 533 00:19:38,925 --> 00:19:41,404 agencies. We And so I will tell you 534 00:19:41,404 --> 00:19:43,710 having kind of a foot in both sides. 535 00:19:44,665 --> 00:19:47,074 I am more concerned about the massive 536 00:19:47,687 --> 00:19:47,926 collection. 537 00:19:48,498 --> 00:19:50,492 Of just day to day data off of 538 00:19:50,492 --> 00:19:52,885 things like the Internet and taxes and every... 539 00:19:53,284 --> 00:19:55,438 And so on the government side, when I 540 00:19:55,438 --> 00:19:57,113 meet with decision makers, 541 00:19:58,323 --> 00:20:00,937 The drum that I keep beating is we 542 00:20:00,937 --> 00:20:04,027 need to stop collecting so much because we 543 00:20:04,027 --> 00:20:05,057 can't protect it. 544 00:20:05,789 --> 00:20:08,346 I am more concerned as a citizen of 545 00:20:08,346 --> 00:20:10,523 the government getting my data breached 546 00:20:11,142 --> 00:20:13,709 than them putting cameras out. Something like that. 547 00:20:13,947 --> 00:20:15,854 Because I know that is much more likely 548 00:20:15,854 --> 00:20:18,872 to affect me. Right? Now if your threat 549 00:20:18,872 --> 00:20:21,390 model is that the government's, your enemy or 550 00:20:21,509 --> 00:20:23,020 you know, then that probably is going to 551 00:20:23,020 --> 00:20:25,645 be a different perspective for you. But for 552 00:20:25,645 --> 00:20:28,603 me, it's things like, shortly after Covid, there 553 00:20:28,603 --> 00:20:30,058 was a massive nationwide 554 00:20:30,672 --> 00:20:33,853 unemployment scam going on where millions of people 555 00:20:33,853 --> 00:20:35,126 had their identity stolen. 556 00:20:35,618 --> 00:20:37,944 And that was just more incompetence 557 00:20:38,635 --> 00:20:41,994 and lack of resources. So my biggest issue 558 00:20:42,050 --> 00:20:44,273 with the government as far as working there 559 00:20:44,273 --> 00:20:46,825 is, We do not do a good job 560 00:20:46,825 --> 00:20:48,964 of predicting the data we have, and we 561 00:20:48,964 --> 00:20:52,388 need to stop collecting so much. Right? It's 562 00:20:52,388 --> 00:20:53,821 kinda similar to where you go to your 563 00:20:53,821 --> 00:20:56,289 doctor's office, and what I have started saying 564 00:20:56,289 --> 00:20:57,484 when I go to see a doctor is 565 00:20:57,484 --> 00:20:58,997 when they asked for my Social security number, 566 00:20:59,235 --> 00:21:00,111 I politely decline. 567 00:21:00,923 --> 00:21:03,156 They do not need my social security number. 568 00:21:03,396 --> 00:21:06,209 That was a tax number. Right? Mh. So 569 00:21:06,427 --> 00:21:08,660 I think if we can all start bringing 570 00:21:08,660 --> 00:21:11,543 these issues up of, like, why are all 571 00:21:11,543 --> 00:21:12,043 these 572 00:21:12,498 --> 00:21:14,645 organizations, private and public collecting so much in 573 00:21:14,645 --> 00:21:16,020 the first place because 574 00:21:16,554 --> 00:21:18,701 anyone who works in information security? 575 00:21:19,194 --> 00:21:21,214 Or works on my side of the house 576 00:21:21,434 --> 00:21:23,595 knows. We can't protect it all. Like, the 577 00:21:23,595 --> 00:21:25,514 days of putting up walls is over. 578 00:21:26,234 --> 00:21:26,690 So 579 00:21:27,365 --> 00:21:29,773 I just think the first step is encouraging 580 00:21:30,228 --> 00:21:33,487 the that the government just collect and control 581 00:21:33,487 --> 00:21:35,714 less. And then I think I have to 582 00:21:35,714 --> 00:21:37,399 remind us all, we have a role in 583 00:21:37,399 --> 00:21:39,785 this. We have been led into a culture 584 00:21:39,785 --> 00:21:43,126 of constantly trading our data for stuff. 585 00:21:44,015 --> 00:21:46,080 And, like, we gotta stop using free apps, 586 00:21:46,318 --> 00:21:48,462 we have to start realizing that if you 587 00:21:48,462 --> 00:21:50,367 wanna a private service, you probably have to 588 00:21:50,367 --> 00:21:50,923 pay for it. 589 00:21:51,734 --> 00:21:52,234 And 590 00:21:52,611 --> 00:21:55,402 understand the long term cost of all these 591 00:21:55,402 --> 00:21:57,954 free things. The free coupons and the free 592 00:21:57,954 --> 00:22:00,427 apps and the free raffle and the free, 593 00:22:00,586 --> 00:22:03,473 you know, Anything that is free is probably 594 00:22:03,473 --> 00:22:05,626 a bad idea. So I think we do 595 00:22:05,626 --> 00:22:07,801 have to acknowledge our role in this is 596 00:22:08,179 --> 00:22:10,890 we can't freely give up all this stuff 597 00:22:10,890 --> 00:22:13,785 to these companies and agencies that we don't 598 00:22:13,785 --> 00:22:14,105 trust, 599 00:22:14,664 --> 00:22:17,384 and then really just sit back and complain. 600 00:22:17,865 --> 00:22:19,865 We need to stop giving it to them 601 00:22:19,865 --> 00:22:22,187 and also maybe stop giving them our business. 602 00:22:23,219 --> 00:22:25,363 Yeah. Right. Right. This goes back to something 603 00:22:25,522 --> 00:22:26,554 I I'd like to say a lot it 604 00:22:26,554 --> 00:22:28,222 which is the only data that can't be 605 00:22:28,222 --> 00:22:29,492 abused or stolen on this data that doesn't 606 00:22:29,492 --> 00:22:31,972 exist. Oh if it exists, it's just it's 607 00:22:31,972 --> 00:22:34,597 just waiting for somebody somehow to either stumble 608 00:22:34,597 --> 00:22:36,744 across it or to hack into it. And 609 00:22:36,744 --> 00:22:38,415 the other thing, I just recently interviewed Byron, 610 00:22:38,669 --> 00:22:40,344 who wrote a great called means of control. 611 00:22:40,902 --> 00:22:43,375 And his point was about a lot of 612 00:22:43,375 --> 00:22:46,906 the corporate data collection, in further of targeted 613 00:22:46,964 --> 00:22:48,320 behavioral advertising and things like that. 614 00:22:49,373 --> 00:22:50,353 That is allowing 615 00:22:50,811 --> 00:22:53,927 the law enforcement and intelligence agencies both ours 616 00:22:53,927 --> 00:22:54,427 and 617 00:22:55,285 --> 00:22:55,525 abroad, 618 00:22:56,256 --> 00:22:58,717 to have access to massive amounts of data 619 00:22:58,717 --> 00:23:00,464 on all of us and in the Us 620 00:23:00,464 --> 00:23:01,893 bypassing the fourth amendment to do so because 621 00:23:01,893 --> 00:23:03,664 they could just buy it. So 622 00:23:03,974 --> 00:23:06,451 as somebody worked inside, and, you know, I 623 00:23:06,531 --> 00:23:08,449 I always think of James Comey saying they're 624 00:23:08,449 --> 00:23:09,088 were going dark. 625 00:23:09,887 --> 00:23:11,725 For and somebody worked both sides of this, 626 00:23:12,297 --> 00:23:13,806 the the people that you work with or 627 00:23:13,806 --> 00:23:15,973 the people who advise, the people you train 628 00:23:16,108 --> 00:23:17,220 within the system. 629 00:23:18,411 --> 00:23:20,475 Are there other people that understand the privacy 630 00:23:20,475 --> 00:23:22,244 risks of this stuff 2 or do they... 631 00:23:23,125 --> 00:23:24,725 You know, you're you're 1 of the unique 632 00:23:24,725 --> 00:23:26,005 people I would have to think that I've 633 00:23:26,005 --> 00:23:26,505 seen 634 00:23:26,805 --> 00:23:28,404 both sides of this and understand the harms 635 00:23:28,404 --> 00:23:30,093 that could come from it. What what about 636 00:23:30,093 --> 00:23:31,759 other people you've worked with and? What's what's 637 00:23:31,759 --> 00:23:33,584 the culture like on the inside for for 638 00:23:33,584 --> 00:23:34,219 that point of view? 639 00:23:35,488 --> 00:23:38,214 Yeah. So... I mean, things have really changed 640 00:23:38,214 --> 00:23:40,615 over the last 15 years. So when I 641 00:23:40,615 --> 00:23:42,214 first started in intelligence, 642 00:23:42,615 --> 00:23:44,134 I mean, it pretty much was the Wild 643 00:23:44,134 --> 00:23:47,981 west. Right? Like, it nobody privatized anything. Everything 644 00:23:47,981 --> 00:23:50,293 was out there. So especially on the open 645 00:23:50,293 --> 00:23:52,287 source intelligence side. It was just kind of 646 00:23:52,287 --> 00:23:53,882 like everything was freely available. 647 00:23:54,853 --> 00:23:57,421 There has been quite a bit of 648 00:23:57,955 --> 00:23:59,887 progression along privacy 649 00:24:00,341 --> 00:24:02,648 lines and security lines as far as data 650 00:24:02,648 --> 00:24:02,807 collection. 651 00:24:03,539 --> 00:24:05,772 And the use of that. So what I 652 00:24:05,772 --> 00:24:07,708 find now is we're in this kind of 653 00:24:08,165 --> 00:24:10,797 strange place where a lot of the agencies, 654 00:24:10,956 --> 00:24:12,631 at least on the public side across the 655 00:24:12,631 --> 00:24:15,199 country are in really disparate parts of the 656 00:24:15,199 --> 00:24:17,831 spectrum. So for example, the the agency that 657 00:24:17,911 --> 00:24:20,064 I work at, I can't use any of 658 00:24:20,064 --> 00:24:22,457 these services. I can't... We're just not allowed 659 00:24:22,457 --> 00:24:24,618 to. It's against policy. We have an ordinance 660 00:24:24,618 --> 00:24:27,159 in our city. We have a high level 661 00:24:27,159 --> 00:24:30,810 of scrutiny around anything that involves data sharing, 662 00:24:30,969 --> 00:24:32,974 data collection, policy of those things. 663 00:24:33,693 --> 00:24:36,010 The the upside is that's a good level 664 00:24:36,010 --> 00:24:37,768 of control so that we don't start just 665 00:24:37,768 --> 00:24:40,246 doing whatever we want. The downside is, sometimes 666 00:24:40,246 --> 00:24:42,919 these things can be reaching these policies. So 667 00:24:42,980 --> 00:24:45,400 we're using super outdated technology, 668 00:24:45,779 --> 00:24:47,859 which can have a security cost. Right? And 669 00:24:47,859 --> 00:24:49,380 and an effectiveness cost. 670 00:24:49,873 --> 00:24:51,857 So for us on the inside, it's this 671 00:24:51,857 --> 00:24:54,715 constant balance of, we have to retain enough 672 00:24:54,715 --> 00:24:57,414 capability to protect people, but at the same 673 00:24:57,414 --> 00:24:59,815 time, we need to make... Maintain or gain 674 00:24:59,815 --> 00:25:00,851 back public trust. 675 00:25:01,489 --> 00:25:03,721 And depending on what part of the country 676 00:25:03,721 --> 00:25:05,953 you live in, people's level of care on 677 00:25:05,953 --> 00:25:07,584 that is different, the 678 00:25:07,962 --> 00:25:09,957 politicians drive all of this, and I think 679 00:25:09,957 --> 00:25:11,952 that's a lot of times what people forget 680 00:25:11,952 --> 00:25:14,347 is, like, I work for a very large 681 00:25:14,347 --> 00:25:15,145 police department. 682 00:25:15,638 --> 00:25:17,870 There's very few decisions I make during my 683 00:25:17,870 --> 00:25:20,102 day that isn't dictated by a chain of 684 00:25:20,102 --> 00:25:23,211 command. Right? So a lot of what is, 685 00:25:23,944 --> 00:25:25,944 assigned to us as tasks, a lot of 686 00:25:25,944 --> 00:25:28,105 the tools we get are actually decided at 687 00:25:28,105 --> 00:25:29,464 a very high level. 688 00:25:30,265 --> 00:25:32,278 So as far as what people in the 689 00:25:32,278 --> 00:25:34,516 community can do is you have to let 690 00:25:34,516 --> 00:25:36,294 your elected officials know 691 00:25:36,673 --> 00:25:38,991 that maybe you don't like the idea of 692 00:25:38,991 --> 00:25:41,320 license plate readers. Maybe you don't like the 693 00:25:41,320 --> 00:25:43,941 idea. And basically at a community level, you 694 00:25:43,941 --> 00:25:46,561 need to make your voices heard, and I 695 00:25:46,561 --> 00:25:48,070 mean, my feeling is we're in the police 696 00:25:48,070 --> 00:25:50,000 department. If people don't 697 00:25:50,388 --> 00:25:52,290 want us to have a tool and that 698 00:25:52,290 --> 00:25:55,302 limits our effectiveness. That is their choice. Right? 699 00:25:55,778 --> 00:25:57,467 And everything should just be transparent. 700 00:25:58,013 --> 00:26:00,714 I think I probably... My perspective is a 701 00:26:00,714 --> 00:26:03,177 little skewed because I work in 1 of 702 00:26:03,177 --> 00:26:03,836 the more 703 00:26:04,369 --> 00:26:04,869 restrictive 704 00:26:05,322 --> 00:26:06,196 agencies in the country. 705 00:26:06,927 --> 00:26:09,632 But I do travel around, and I will 706 00:26:09,632 --> 00:26:12,097 tell you there is more and more attention 707 00:26:12,097 --> 00:26:14,364 being paid to the privacy 708 00:26:14,742 --> 00:26:16,817 implications of these things. But it is going 709 00:26:16,817 --> 00:26:19,473 to vary from community to community, and 710 00:26:19,851 --> 00:26:22,006 my guess is a lot of that base 711 00:26:22,006 --> 00:26:24,574 is based in the politics of different communities. 712 00:26:25,212 --> 00:26:27,763 And then at the national level, everything is 713 00:26:27,763 --> 00:26:29,917 much more murky. But I will just say, 714 00:26:30,076 --> 00:26:31,671 I I was at the Fbi for 7 715 00:26:31,671 --> 00:26:33,444 years, the people there, 716 00:26:34,244 --> 00:26:35,865 spend a lot of time 717 00:26:36,484 --> 00:26:38,644 checking, you know, dot their eyes crossing their 718 00:26:38,644 --> 00:26:40,825 t's, asking for permission. There's 719 00:26:41,219 --> 00:26:44,172 a lot more worried about violating a rule 720 00:26:44,172 --> 00:26:46,566 or a policy or doing something inappropriate than 721 00:26:46,566 --> 00:26:49,280 they are at getting the new fancy shiny 722 00:26:49,280 --> 00:26:51,130 tool. And I know that puppies aren't gonna 723 00:26:51,130 --> 00:26:53,203 match up with people's perspectives. I'm just telling 724 00:26:53,203 --> 00:26:56,713 you that was my experience there is everything 725 00:26:56,713 --> 00:26:59,127 was very slow bureaucratic and 726 00:27:00,235 --> 00:27:00,712 cautious. 727 00:27:01,586 --> 00:27:03,494 So when I hear those stories, I'm not 728 00:27:03,494 --> 00:27:05,640 saying that none of that stuff ever happens 729 00:27:05,640 --> 00:27:07,721 that people see on the Internet. But that 730 00:27:07,721 --> 00:27:10,027 has not been my experience from the inside. 731 00:27:10,185 --> 00:27:10,663 So again, 732 00:27:11,298 --> 00:27:12,411 I love my privacy. 733 00:27:13,047 --> 00:27:15,450 I'm not so worried about the government, I'm 734 00:27:15,450 --> 00:27:18,569 just worried about collection across the board. And 735 00:27:18,569 --> 00:27:21,210 then I'm worried about how cyber criminals are 736 00:27:21,210 --> 00:27:22,464 going to use that because 737 00:27:22,904 --> 00:27:25,404 statistically, what's gonna happen to me is identity 738 00:27:25,464 --> 00:27:28,284 theft, getting my accounts taken over, ex, 739 00:27:28,744 --> 00:27:29,244 harassment. 740 00:27:29,865 --> 00:27:31,944 Like that is what is, you know, 741 00:27:32,598 --> 00:27:34,832 ruining people's lives day today. That is what 742 00:27:34,912 --> 00:27:36,826 I'm concerned about for my kids. 743 00:27:37,703 --> 00:27:40,973 So I try and strike that balance because 744 00:27:41,053 --> 00:27:42,744 I do have that perspective from both sides, 745 00:27:42,904 --> 00:27:45,304 there should be accountability for any sort of 746 00:27:45,304 --> 00:27:47,865 government surveillance. And then what I keep saying 747 00:27:47,865 --> 00:27:49,944 too is we need to constantly make the 748 00:27:49,944 --> 00:27:51,625 conversation around appropriate use. 749 00:27:52,199 --> 00:27:54,754 I will also say, like, on the electronic 750 00:27:54,754 --> 00:27:55,552 surveillance side, 751 00:27:56,111 --> 00:27:58,267 there's almost nothing I can do to get 752 00:27:58,267 --> 00:28:00,502 your private data that I don't need a 753 00:28:00,502 --> 00:28:03,313 judge to approve. Right? And again, that might 754 00:28:03,313 --> 00:28:04,911 be a little different at the federal level. 755 00:28:05,391 --> 00:28:07,069 But if I wanna, you know, 756 00:28:07,948 --> 00:28:11,559 collect any of your actual private data. Or 757 00:28:11,559 --> 00:28:13,494 if I wanna hide it a hidden microphone 758 00:28:13,552 --> 00:28:15,387 or do all those things, I'm going to 759 00:28:15,387 --> 00:28:16,663 need to get an approval from a judge. 760 00:28:16,902 --> 00:28:19,055 So a lot of the things people think 761 00:28:19,055 --> 00:28:20,411 that we can do willy nilly, 762 00:28:21,063 --> 00:28:24,825 are actually already protected by a level of 763 00:28:24,882 --> 00:28:26,871 authority or a court approval. At least in 764 00:28:26,871 --> 00:28:29,440 the Us. I know it varies vastly around 765 00:28:29,656 --> 00:28:31,901 right. I think people would be surprised about 766 00:28:31,901 --> 00:28:32,401 how 767 00:28:32,857 --> 00:28:35,247 restricted we are because that's not the narrative 768 00:28:35,247 --> 00:28:35,964 on the Internet. 769 00:28:37,174 --> 00:28:38,926 Alright. So let me let me dig a 770 00:28:38,926 --> 00:28:40,439 little deeper on that and push back a 771 00:28:40,439 --> 00:28:41,952 little bit. It... What I'm hearing is, I'm 772 00:28:41,952 --> 00:28:44,103 and I wanna understand where this is coming 773 00:28:44,103 --> 00:28:45,297 from. Is this... 774 00:28:46,669 --> 00:28:49,066 Because folks in law enforcement are trained to 775 00:28:49,066 --> 00:28:52,262 be rule followers, and therefore, they they they 776 00:28:52,262 --> 00:28:53,940 follow the rules that are there, and how... 777 00:28:54,180 --> 00:28:56,030 And look to their leaders to help them 778 00:28:56,030 --> 00:28:58,662 interpret those rules and go by? Because this 779 00:28:58,662 --> 00:29:00,018 happens a lot in law enforcement from what 780 00:29:00,097 --> 00:29:01,852 I've read. Someone says, hey, could we do 781 00:29:01,852 --> 00:29:03,128 this and it goes up the chain and 782 00:29:03,128 --> 00:29:04,976 some lawyer signs off of in like, oh, 783 00:29:05,215 --> 00:29:06,965 blair signed up. We're good. Let's do this. 784 00:29:07,601 --> 00:29:08,953 And I and I think to some extent, 785 00:29:09,033 --> 00:29:10,703 this is kind of what's don't snowed and 786 00:29:10,703 --> 00:29:12,868 exposed is and they figured out some kind 787 00:29:12,868 --> 00:29:16,533 of creative ways to follow the rules, and 788 00:29:16,613 --> 00:29:18,366 I'm doing your quotes that you can't see. 789 00:29:19,097 --> 00:29:19,836 But really 790 00:29:20,210 --> 00:29:22,594 broke the spirit of those rules. What what 791 00:29:22,594 --> 00:29:23,730 does your take on 792 00:29:24,183 --> 00:29:25,931 on on that? Is it is it... Is 793 00:29:25,931 --> 00:29:27,734 it the most people wanna make sure that 794 00:29:28,013 --> 00:29:29,528 their finding stuff that's gonna stand up in 795 00:29:29,528 --> 00:29:31,043 court that's gonna be ad miss, so they 796 00:29:31,043 --> 00:29:33,036 can get the bad guys, and they wanna 797 00:29:33,036 --> 00:29:35,029 make sure that some lawyers... Somewhere signed up 798 00:29:35,029 --> 00:29:36,246 on the policy or 799 00:29:36,718 --> 00:29:38,654 are there really people in 800 00:29:39,031 --> 00:29:40,546 the law enforcement who say, you know what? 801 00:29:40,786 --> 00:29:42,540 This is... This might be legal, but it's 802 00:29:42,540 --> 00:29:45,172 not right. Or this this this seems shady. 803 00:29:45,411 --> 00:29:48,138 With with so what's your take? Yeah. So 804 00:29:48,138 --> 00:29:50,212 we actually have these conversations quite a bit. 805 00:29:50,371 --> 00:29:53,083 And and to clarify, because of my role 806 00:29:53,083 --> 00:29:54,758 in my agency is a little bit more 807 00:29:54,758 --> 00:29:56,928 of a lead role. Right? Because I've been 808 00:29:56,928 --> 00:29:58,846 doing it for a long time. So I 809 00:29:58,846 --> 00:30:01,164 am part of a lot of these conversations 810 00:30:01,164 --> 00:30:05,214 with commanders, city leaders about surveillance. Right? Cool 811 00:30:05,413 --> 00:30:07,556 we have a lot of discussions about this. 812 00:30:08,112 --> 00:30:10,518 And I will say, I've definitely witnessed 813 00:30:10,891 --> 00:30:12,820 kind what you're talking about, which is 814 00:30:13,687 --> 00:30:16,077 I'll I'll give you an imaginary example that 815 00:30:16,077 --> 00:30:16,577 reflects 816 00:30:16,954 --> 00:30:19,105 similar situations that I've seen in real life. 817 00:30:19,823 --> 00:30:20,323 So 818 00:30:20,794 --> 00:30:23,981 we have our child exploitation unit. Right? And 819 00:30:23,981 --> 00:30:27,110 there is no unit and law enforcement that 820 00:30:27,327 --> 00:30:29,989 we can... You know, more so get universally 821 00:30:30,204 --> 00:30:33,223 behind. Right? Yeah And so I'm using that 822 00:30:33,223 --> 00:30:35,607 as an example because that is the example 823 00:30:35,607 --> 00:30:36,584 where everybody, 824 00:30:36,894 --> 00:30:39,604 in the community online, everyone agrees, like, yeah, 825 00:30:39,843 --> 00:30:41,756 We need to catch these predators type of 826 00:30:41,756 --> 00:30:41,995 deal. 827 00:30:43,111 --> 00:30:44,545 1 of the dangers of doing that kind 828 00:30:44,545 --> 00:30:45,514 of work is, 829 00:30:46,229 --> 00:30:48,851 1, the detectives get burned out so quickly 830 00:30:48,851 --> 00:30:50,360 because they have to see such horrible things. 831 00:30:50,916 --> 00:30:51,552 But 2, 832 00:30:52,284 --> 00:30:54,122 You always have to be careful every time, 833 00:30:54,522 --> 00:30:56,620 anytime you have an emotional investment. 834 00:30:57,159 --> 00:30:57,659 Now 835 00:30:58,197 --> 00:31:00,035 every time I meet a victim, I have 836 00:31:00,035 --> 00:31:02,595 some level of emotional investment. Right? Because they've 837 00:31:02,595 --> 00:31:04,978 been, you know, rates stabbed robbed all these 838 00:31:04,978 --> 00:31:07,361 horrible things, but there's no level of empathy 839 00:31:07,361 --> 00:31:09,028 that's gonna be deeper than, you know, when 840 00:31:09,028 --> 00:31:10,085 a child's harmed 841 00:31:10,554 --> 00:31:11,294 And so 842 00:31:11,673 --> 00:31:13,850 what you can see in those cases sometimes 843 00:31:14,149 --> 00:31:14,649 is 844 00:31:15,188 --> 00:31:16,247 detectives or officers. 845 00:31:16,785 --> 00:31:18,875 I don't often see them color outside the 846 00:31:18,875 --> 00:31:20,869 lines, but I could see them, like you 847 00:31:20,869 --> 00:31:23,262 said, like, technically, we can do this thing. 848 00:31:23,740 --> 00:31:25,176 And if we're ever gonna do it, it 849 00:31:25,176 --> 00:31:27,010 shouldn't we do it to protect this child. 850 00:31:27,424 --> 00:31:29,342 Like that type... That's... Yeah. Right. That's the... 851 00:31:29,582 --> 00:31:31,101 In and I think that's where people would 852 00:31:31,101 --> 00:31:32,539 start to be, like, oh, that can be 853 00:31:32,539 --> 00:31:33,338 a slippery slow. 854 00:31:34,057 --> 00:31:36,135 Now in my organization, we have so many 855 00:31:36,135 --> 00:31:37,106 checks and balances. 856 00:31:37,504 --> 00:31:38,004 So 857 00:31:39,015 --> 00:31:41,799 anytime anything is on the fence, it gets 858 00:31:41,799 --> 00:31:43,231 kicked up to us and those of us 859 00:31:43,231 --> 00:31:46,285 who have been doing this longer. And just 860 00:31:46,285 --> 00:31:47,825 as my offensive 861 00:31:48,205 --> 00:31:49,984 experience helps my privacy 862 00:31:50,845 --> 00:31:54,207 perspective vice versa. Right? So I'm usually the 863 00:31:54,207 --> 00:31:56,436 person in our agency who is bringing up 864 00:31:56,436 --> 00:31:59,542 the privacy concern, and we have those conversations 865 00:31:59,542 --> 00:32:02,422 about you know, yes, technically, we can do 866 00:32:02,422 --> 00:32:05,049 this, but should we do it? Yeah. And 867 00:32:05,049 --> 00:32:07,118 when people come into my squad and we 868 00:32:07,118 --> 00:32:08,724 train that up. Train them up. That's 1 869 00:32:08,724 --> 00:32:10,474 of the first things I try and teach 870 00:32:10,474 --> 00:32:13,656 them is it's not... The first question should 871 00:32:13,656 --> 00:32:15,342 not be how can I do This? The 872 00:32:15,342 --> 00:32:17,810 first question should be should. I do this. 873 00:32:18,526 --> 00:32:18,765 Now, 874 00:32:19,402 --> 00:32:22,052 I'm not gonna say that that is something 875 00:32:22,427 --> 00:32:22,927 universal 876 00:32:23,239 --> 00:32:24,912 through law enforcement that people are doing, but 877 00:32:24,912 --> 00:32:26,904 it is something we're trying to promote. And 878 00:32:26,904 --> 00:32:29,374 just like everything else. Right? Cultures are are 879 00:32:29,374 --> 00:32:30,011 slow to change. 880 00:32:30,664 --> 00:32:33,057 But I will say most groups I've worked 881 00:32:33,057 --> 00:32:33,935 with naturally, 882 00:32:34,493 --> 00:32:36,988 seem very professional, very responsible. 883 00:32:37,779 --> 00:32:40,570 But we always will have a bad apple 884 00:32:40,570 --> 00:32:42,803 here, a bad apple there, or... I mean, 885 00:32:42,962 --> 00:32:45,275 we've all... Everyone who's listening to this has 886 00:32:45,275 --> 00:32:48,554 worked with people. Right? And in any organization, 887 00:32:48,792 --> 00:32:50,062 you're gonna have some people who are bad 888 00:32:50,062 --> 00:32:52,921 at their job. Right? Like, it just... There's 889 00:32:52,921 --> 00:32:55,009 no getting around it. So 890 00:32:55,399 --> 00:32:58,451 I do occasionally find myself cleaning up messes 891 00:32:58,669 --> 00:33:01,301 where someone got a technology they shouldn't have 892 00:33:01,301 --> 00:33:02,838 been able to get or someone 893 00:33:03,375 --> 00:33:04,491 colored outside the lines. 894 00:33:05,224 --> 00:33:06,901 And my feeling on that is we just 895 00:33:06,901 --> 00:33:09,056 have to own it. Right? Here's what happened? 896 00:33:09,455 --> 00:33:11,611 Yes. This was this was a big mess 897 00:33:11,611 --> 00:33:14,027 up, and yes, there needs to be accountability. 898 00:33:14,579 --> 00:33:16,805 We own it, have the conversation, learn from 899 00:33:16,805 --> 00:33:17,759 it and move on. 900 00:33:18,395 --> 00:33:21,417 So it is it is definitely an issue, 901 00:33:21,576 --> 00:33:22,553 but I think 902 00:33:23,022 --> 00:33:24,851 overall, my feeling is we're going in a 903 00:33:24,851 --> 00:33:28,349 good direction. We definitely have much more accountability 904 00:33:28,349 --> 00:33:30,178 and constraints than we had 10 years ago. 905 00:33:32,495 --> 00:33:34,399 Yeah. And I... To me, it almost feels 906 00:33:34,399 --> 00:33:34,637 like... 907 00:33:35,509 --> 00:33:36,938 And I guess you've been around long, if 908 00:33:36,938 --> 00:33:37,969 you may have seen this Be curious to 909 00:33:37,969 --> 00:33:38,921 know if you notice the change. 910 00:33:39,654 --> 00:33:42,291 After 09:11, there was definitely this notion of 911 00:33:42,291 --> 00:33:45,088 never again. And I I think that our 912 00:33:45,088 --> 00:33:47,245 intelligence law enforcement, certainly federal level. 913 00:33:48,137 --> 00:33:50,043 Felt that they were... That they missed it. 914 00:33:50,360 --> 00:33:52,028 That this is something they possibly could have 915 00:33:52,028 --> 00:33:54,568 prevented or mitigated and they didn't. And so 916 00:33:54,647 --> 00:33:55,918 I I think that was a lot of 917 00:33:55,918 --> 00:33:57,005 egg on the face of 918 00:33:57,442 --> 00:33:58,953 of those agencies And I think a lot 919 00:33:58,953 --> 00:34:01,180 of them over rotated the fact, okay. I'm 920 00:34:01,180 --> 00:34:02,929 never gonna let anything bad happen again, and 921 00:34:03,327 --> 00:34:04,679 I'll do whatever to make that happen. And 922 00:34:04,758 --> 00:34:05,338 I think 923 00:34:06,282 --> 00:34:07,949 I... While I understand it, it it it 924 00:34:07,949 --> 00:34:09,775 feels like being parent and your parent, and 925 00:34:09,775 --> 00:34:11,203 and in the so you, you know, you 926 00:34:11,203 --> 00:34:12,393 don't want anything bad to ever having your 927 00:34:12,393 --> 00:34:14,238 kids. But that doesn't mean you lock them 928 00:34:14,238 --> 00:34:15,911 in a box and put and put a 929 00:34:15,911 --> 00:34:17,105 camera on them all day long, so nothing 930 00:34:17,105 --> 00:34:18,379 could ever happen to them. Right? I mean, 931 00:34:18,458 --> 00:34:20,608 there's Yeah. There's freedom issues around that. And 932 00:34:20,608 --> 00:34:23,014 there's there's... Quality of life issues are around 933 00:34:23,014 --> 00:34:25,088 that. And and I think that as as 934 00:34:25,088 --> 00:34:26,625 a people, we need to 935 00:34:27,082 --> 00:34:28,619 say, you know what's it's okay 936 00:34:29,236 --> 00:34:31,331 if you don't catch everybody because 937 00:34:31,644 --> 00:34:33,480 to catch everybody, you would have to make 938 00:34:33,480 --> 00:34:35,635 our lives miserable, and we don't... And that's 939 00:34:35,635 --> 00:34:37,790 all all life worth living. So so I 940 00:34:37,790 --> 00:34:39,387 will tell you on our side, 941 00:34:40,439 --> 00:34:42,994 it is like, there is no time in 942 00:34:42,994 --> 00:34:45,149 my career where it's felt okay to not 943 00:34:45,149 --> 00:34:45,947 catch someone. 944 00:34:46,426 --> 00:34:48,741 Like it that is... I appreciate, like, that 945 00:34:48,741 --> 00:34:50,671 sentiment, but the reality is, 946 00:34:51,628 --> 00:34:54,420 basically, you know, again, probably like a lot 947 00:34:54,420 --> 00:34:55,079 of other 948 00:34:55,536 --> 00:34:56,015 jobs. 949 00:34:56,653 --> 00:34:58,887 You tend to be held accountable when you 950 00:34:58,887 --> 00:35:02,017 mess up but you tend to not really 951 00:35:02,017 --> 00:35:04,255 get credit when you're successful, Like, it's our 952 00:35:04,255 --> 00:35:06,012 mistakes that mostly rise to the surface. 953 00:35:06,732 --> 00:35:08,822 And... But I I will add this. It 954 00:35:08,822 --> 00:35:10,249 is definitely a balance. 955 00:35:10,724 --> 00:35:13,603 And, you know, the kind of the similarity 956 00:35:13,737 --> 00:35:15,402 I would use or the metaphor would be, 957 00:35:16,529 --> 00:35:19,086 in the security world, 1 of our biggest 958 00:35:19,086 --> 00:35:22,703 obstacles is the balance between convenience and security 959 00:35:22,922 --> 00:35:26,211 because they're dia opposed. Right? Mh. And this 960 00:35:26,211 --> 00:35:28,361 is a almost the same deal. 961 00:35:29,317 --> 00:35:32,343 We could definitely protect everyone more if we 962 00:35:32,343 --> 00:35:35,695 have more tools, and more regulation and more 963 00:35:35,695 --> 00:35:37,755 all of these things. But again, I don't 964 00:35:37,755 --> 00:35:39,896 wanna live in that world either. So I 965 00:35:39,896 --> 00:35:41,614 think there definitely is a bounce there in 966 00:35:41,734 --> 00:35:43,963 then I think with the conversation is where 967 00:35:43,963 --> 00:35:45,873 should that balance be? Right? 968 00:35:46,509 --> 00:35:47,009 And 969 00:35:48,021 --> 00:35:49,349 I think there's a lot of work. Then 970 00:35:49,707 --> 00:35:51,137 still to do there. And then, you know, 971 00:35:51,296 --> 00:35:53,043 we have issues about, you know, a lot 972 00:35:53,043 --> 00:35:55,824 of historical in equity. We have all sorts 973 00:35:55,824 --> 00:35:57,492 of things we need to address and deal 974 00:35:57,492 --> 00:35:59,336 with And at the end of the day, 975 00:35:59,575 --> 00:36:01,245 we... I think the most important thing is 976 00:36:01,245 --> 00:36:02,995 we all just acknowledge wow. This is a 977 00:36:02,995 --> 00:36:04,507 really complex thing. 978 00:36:05,319 --> 00:36:07,317 Yeah. And then, I'll just throw and another 979 00:36:07,317 --> 00:36:09,155 thing that's really odd about working for the 980 00:36:09,155 --> 00:36:09,554 government. 981 00:36:10,354 --> 00:36:11,253 Your top 982 00:36:11,632 --> 00:36:12,532 level leaders 983 00:36:13,231 --> 00:36:14,370 rotate through constantly. 984 00:36:14,842 --> 00:36:17,302 And some of them have no experience in 985 00:36:17,302 --> 00:36:19,865 your job. Like, mh. It is the strangest 986 00:36:20,001 --> 00:36:22,302 thing to have decisions sent down to you 987 00:36:22,302 --> 00:36:24,866 from people, who have 0 experience. 988 00:36:25,664 --> 00:36:26,403 And so 989 00:36:27,340 --> 00:36:29,415 that to me, you know, I've I've been 990 00:36:29,415 --> 00:36:31,671 doing my job for over 25 years 991 00:36:32,144 --> 00:36:34,144 I've seen a lot of that. And, you 992 00:36:34,144 --> 00:36:35,905 know, oh, we have a new elected official. 993 00:36:36,065 --> 00:36:37,985 So now we're gonna do things a different 994 00:36:37,985 --> 00:36:39,184 way. And 995 00:36:39,585 --> 00:36:41,425 I always say at work, like, could we 996 00:36:41,425 --> 00:36:43,993 plea finish some things before we start new 997 00:36:43,993 --> 00:36:44,312 things, 998 00:36:44,870 --> 00:36:47,104 we could be much more fiscal responsible if 999 00:36:47,104 --> 00:36:49,192 we weren't chasing each new ease you know, 1000 00:36:49,589 --> 00:36:52,767 officials big idea. Right. So government definitely has 1001 00:36:52,767 --> 00:36:55,468 a lot of problems. But in my experience, 1002 00:36:56,358 --> 00:36:58,512 I I think are... We have bigger issues 1003 00:36:58,512 --> 00:37:02,181 with just being not having enough resources, 1004 00:37:02,659 --> 00:37:04,335 you know, not being good at our job, 1005 00:37:04,574 --> 00:37:05,871 being inefficient 1006 00:37:06,184 --> 00:37:07,965 and kinda of being chaotic. 1007 00:37:08,744 --> 00:37:09,805 Obviously, the bureaucracy. 1008 00:37:10,905 --> 00:37:12,985 And I think those day to day are 1009 00:37:12,985 --> 00:37:15,144 the issues I see that I think we 1010 00:37:15,144 --> 00:37:17,699 should work on. And I think the other 1011 00:37:17,699 --> 00:37:19,466 issues, like the big 1012 00:37:20,155 --> 00:37:22,744 ideological issues. We just need to keep having 1013 00:37:23,103 --> 00:37:24,853 conversations. And like I said, everyone in their 1014 00:37:24,853 --> 00:37:25,353 communities 1015 00:37:25,967 --> 00:37:28,434 share your thoughts on it. Right? Because again, 1016 00:37:28,593 --> 00:37:30,583 those elected officials are the ones who are 1017 00:37:30,583 --> 00:37:32,827 gonna give me my marching or. Right? They're 1018 00:37:32,827 --> 00:37:34,103 gonna tell me what I can do, what 1019 00:37:34,183 --> 00:37:35,858 I can't do all of these things. Right? 1020 00:37:36,177 --> 00:37:36,677 And 1021 00:37:37,055 --> 00:37:39,687 what people don't realize too is often behind 1022 00:37:39,687 --> 00:37:41,282 the scenes what they don't see is that 1023 00:37:41,282 --> 00:37:44,328 same elected official meeting with me saying, hey, 1024 00:37:45,205 --> 00:37:46,561 I kinda want you to go put all 1025 00:37:46,561 --> 00:37:48,417 these cameras out or do all these things 1026 00:37:48,475 --> 00:37:50,868 because, you know, the people in my community 1027 00:37:50,868 --> 00:37:51,825 are being targeted. 1028 00:37:52,238 --> 00:37:55,649 Right? And so there's definitely a juggling act 1029 00:37:55,649 --> 00:37:57,870 we do trying to strike that balance, and 1030 00:37:57,870 --> 00:38:00,348 we're not always successful. You know, sometimes, I 1031 00:38:00,348 --> 00:38:01,940 feel like maybe we're over reaching a little 1032 00:38:01,940 --> 00:38:04,088 bit. Sometimes I feel like we're under reaching 1033 00:38:04,088 --> 00:38:05,839 and just not effective. So 1034 00:38:06,476 --> 00:38:08,545 I like the idea of each community. 1035 00:38:08,878 --> 00:38:11,905 Figuring out and sharing what they're... What they 1036 00:38:11,905 --> 00:38:15,010 want. Right? Because not all communities are the 1037 00:38:15,010 --> 00:38:17,375 same. Maybe some communities are more comfortable in 1038 00:38:17,494 --> 00:38:18,630 you know, prioritize 1039 00:38:19,085 --> 00:38:20,199 safety over privacy. 1040 00:38:20,676 --> 00:38:22,427 You know, for me, I'm about 50 50. 1041 00:38:22,824 --> 00:38:25,154 You know? I I want a reasonable 1042 00:38:26,007 --> 00:38:28,809 amount of, of support from the government. I 1043 00:38:28,809 --> 00:38:30,401 don't want them in all the aspects of 1044 00:38:30,401 --> 00:38:33,109 my life. And generally, I think regulation and 1045 00:38:33,109 --> 00:38:35,122 things like that is not a very efficient 1046 00:38:35,353 --> 00:38:36,386 way to get things done. 1047 00:38:37,420 --> 00:38:38,691 But I think I I think you make 1048 00:38:38,691 --> 00:38:39,883 a good point. And I will call call 1049 00:38:39,883 --> 00:38:41,790 out that I... That that is why that 1050 00:38:41,790 --> 00:38:44,150 is why politics and voting matter because 1051 00:38:44,667 --> 00:38:46,440 as weird as it is, I can certainly 1052 00:38:46,497 --> 00:38:48,088 understand for your perspective or having a political 1053 00:38:48,088 --> 00:38:49,441 point to you may or may not have 1054 00:38:49,441 --> 00:38:52,226 any real experience in the job that they're 1055 00:38:52,226 --> 00:38:54,394 leading or in the organization that they're leading, 1056 00:38:55,994 --> 00:38:57,755 you can as a voter as a citizen, 1057 00:38:58,075 --> 00:38:59,595 make sure that the policy is set at 1058 00:38:59,595 --> 00:39:01,035 that... The policies are set at that level. 1059 00:39:01,275 --> 00:39:03,204 And so if you if you wanna change 1060 00:39:03,204 --> 00:39:05,193 policies, that is your avenue to do so. 1061 00:39:05,989 --> 00:39:07,977 And so I guess, maybe that's why they 1062 00:39:07,977 --> 00:39:08,852 set it up the way they do. Don't 1063 00:39:08,932 --> 00:39:09,170 I don't know. 1064 00:39:10,302 --> 00:39:11,440 Okay. We could fly, 1065 00:39:11,817 --> 00:39:13,891 on this kind stuff for hours. Absolutely. They 1066 00:39:13,891 --> 00:39:15,725 probably better done over several drinks at a 1067 00:39:15,725 --> 00:39:18,516 bar. So. Let's let's move on to some 1068 00:39:18,516 --> 00:39:20,687 more practical matters. If if I wanna do 1069 00:39:20,687 --> 00:39:22,284 a full dossier on somebody, and, you know, 1070 00:39:22,363 --> 00:39:23,481 okay. Fine. Let's say it's me. 1071 00:39:24,359 --> 00:39:26,435 Just just to see what's out there, and 1072 00:39:26,435 --> 00:39:28,511 maybe to make, you know, settle people's nerves 1073 00:39:28,511 --> 00:39:29,561 about the other I think of it. So 1074 00:39:29,561 --> 00:39:30,934 if I if I to a full dossier 1075 00:39:31,070 --> 00:39:32,419 myself. If I wanna find out what's out 1076 00:39:32,419 --> 00:39:34,030 there. What information 1077 00:39:34,563 --> 00:39:36,389 is most helpful as a starting point? Is 1078 00:39:36,389 --> 00:39:38,232 it my of email address? Is it my 1079 00:39:38,232 --> 00:39:40,619 full name? Is it my cell phone number, 1080 00:39:41,096 --> 00:39:43,960 social media handles? Maybe social security and would 1081 00:39:43,960 --> 00:39:45,573 them might be harder to get. What 1082 00:39:45,963 --> 00:39:47,946 what what information is is best at a 1083 00:39:47,946 --> 00:39:49,612 starting point which could be most revealing and 1084 00:39:49,612 --> 00:39:51,358 then kinda walk me through the progression of 1085 00:39:51,358 --> 00:39:53,182 how I would... How Would go about how 1086 00:39:53,182 --> 00:39:53,738 you would go about. 1087 00:39:54,389 --> 00:39:56,630 Saying, okay. I'm gonna I'm gonna do a 1088 00:39:56,630 --> 00:39:58,150 full thing on Kerry parker. What would I 1089 00:39:58,150 --> 00:39:58,309 do? 1090 00:39:59,429 --> 00:40:00,569 Yeah. So 1091 00:40:01,030 --> 00:40:02,389 a good way to think about this is. 1092 00:40:03,043 --> 00:40:05,908 Every time you create an account online. Every 1093 00:40:05,908 --> 00:40:06,885 time you 1094 00:40:07,261 --> 00:40:09,410 get an app. Every time you do anything 1095 00:40:09,410 --> 00:40:11,797 that involves the Internet, What does it usually 1096 00:40:11,797 --> 00:40:13,724 ask you for? And it's almost always gonna 1097 00:40:13,724 --> 00:40:15,317 ask you for an email address or a 1098 00:40:15,317 --> 00:40:15,875 phone number. 1099 00:40:16,512 --> 00:40:17,012 Therefore, 1100 00:40:17,708 --> 00:40:20,430 almost all online accounts in court content tied 1101 00:40:20,430 --> 00:40:22,202 to individuals are associated, 1102 00:40:22,975 --> 00:40:25,996 almost always with an email address. And because 1103 00:40:25,996 --> 00:40:28,318 email addresses tend to be unique, content Right? 1104 00:40:28,558 --> 00:40:30,153 Like, you don't have 10 people with the 1105 00:40:30,153 --> 00:40:32,865 same email addresses. The combination of that being 1106 00:40:32,865 --> 00:40:35,736 so ubiquitous and being a unique identifier almost 1107 00:40:35,736 --> 00:40:38,644 always makes that. I would say my favorite 1108 00:40:38,940 --> 00:40:41,805 lead like investigative lead or intelligence lead. 1109 00:40:42,362 --> 00:40:44,511 Now phone numbers are very important too because 1110 00:40:44,511 --> 00:40:46,856 every all the credit sector 1111 00:40:47,232 --> 00:40:49,539 on the tech side wants people in the 1112 00:40:49,539 --> 00:40:51,392 mobile ecosystem. So 1113 00:40:51,767 --> 00:40:55,052 almost every major social media platform is forcing 1114 00:40:55,124 --> 00:40:58,317 people into giving phone numbers. Because they want 1115 00:40:58,317 --> 00:40:59,912 to me on your mobile phone. They want 1116 00:40:59,912 --> 00:41:01,588 to me in your face every 30 seconds 1117 00:41:01,588 --> 00:41:04,574 all day long. Right? People So phone numbers 1118 00:41:04,951 --> 00:41:06,942 can be useful. 1 of the challenges with 1119 00:41:06,942 --> 00:41:10,684 phone numbers doing Os work is there in 1120 00:41:10,684 --> 00:41:13,493 so many different. Formats. Mh. So when you're 1121 00:41:13,493 --> 00:41:14,851 trying to search for them, it can be 1122 00:41:14,851 --> 00:41:16,449 pretty rough. And this is 1 of the 1123 00:41:16,449 --> 00:41:18,766 reasons I I prefer an email address because 1124 00:41:18,766 --> 00:41:21,259 sometimes they'll have parenthesis. Sometimes they'll of dots 1125 00:41:21,259 --> 00:41:21,998 and hyphen. 1126 00:41:22,697 --> 00:41:25,173 The plus or plus country code. Yeah. Exactly. 1127 00:41:25,413 --> 00:41:28,463 And then the other issue is of because 1128 00:41:28,463 --> 00:41:30,536 it's so easy to port numbers now and 1129 00:41:30,536 --> 00:41:33,170 people use V numbers, voice over Ip numbers 1130 00:41:33,170 --> 00:41:33,989 so often 1131 00:41:34,366 --> 00:41:36,475 that We get a lot of 1132 00:41:37,409 --> 00:41:39,320 misinformation when we search at phone numbers. Because 1133 00:41:39,320 --> 00:41:41,073 the phone number I have on my burner 1134 00:41:41,073 --> 00:41:43,622 app this year might have... Have been your 1135 00:41:43,622 --> 00:41:45,070 cell number last year. 1136 00:41:45,786 --> 00:41:48,092 So the numbers are a lot more dynamic. 1137 00:41:48,648 --> 00:41:51,590 Mh. And then, obviously, any sort of social 1138 00:41:51,590 --> 00:41:54,135 media lead. So usually might... If I your 1139 00:41:54,135 --> 00:41:55,664 email usually, that will get me to your 1140 00:41:55,664 --> 00:41:58,293 social media accounts, but obviously, 5 year Twitter, 1141 00:41:58,453 --> 00:41:59,807 Facebook, all of those things. 1142 00:42:00,524 --> 00:42:02,675 If you... As far as names, and that 1143 00:42:02,675 --> 00:42:04,784 could be a real name or a username, 1144 00:42:05,323 --> 00:42:08,119 they're only valuable from an offensive perspective if 1145 00:42:08,119 --> 00:42:10,677 they're unique. Right? So if you're Dan Smith, 1146 00:42:11,076 --> 00:42:13,083 like that does nothing me unless I can 1147 00:42:13,083 --> 00:42:14,672 narrow it down, like geographically. 1148 00:42:15,149 --> 00:42:17,533 Same. If you're sniper 22, 1149 00:42:17,851 --> 00:42:19,520 that's probably not gonna do a lot too 1150 00:42:19,520 --> 00:42:21,295 for for me. But if you have a 1151 00:42:21,295 --> 00:42:22,514 very unique username 1152 00:42:22,974 --> 00:42:26,414 or a unique real, and especially if I 1153 00:42:26,414 --> 00:42:29,219 get any kind of other filtering factors such 1154 00:42:29,219 --> 00:42:31,998 as your hometown. Then I'm gonna be pretty 1155 00:42:31,998 --> 00:42:34,459 much good to go. So typically, how we 1156 00:42:34,459 --> 00:42:36,523 do these things, we take whatever, we call 1157 00:42:36,523 --> 00:42:37,054 it seal 1158 00:42:37,734 --> 00:42:40,375 information. It is our lead. Right? Like, you... 1159 00:42:40,614 --> 00:42:43,094 Let's say you sent in an email threat 1160 00:42:43,094 --> 00:42:44,947 to a public official. They give me a 1161 00:42:44,947 --> 00:42:46,463 copy of the email. I'm gonna look at 1162 00:42:46,463 --> 00:42:48,797 the body of the text for any vernacular 1163 00:42:48,855 --> 00:42:51,088 that's interesting. But largely, the first thing I'm 1164 00:42:51,088 --> 00:42:52,603 going to do is I'm gonna search that 1165 00:42:52,603 --> 00:42:54,714 email address. I'm gonna see what its 1166 00:42:55,093 --> 00:42:57,411 reputation is? And that means how long has 1167 00:42:57,411 --> 00:42:59,009 it been seen on the Internet. Where has 1168 00:42:59,009 --> 00:43:00,607 it been used? Then I'm gonna find the 1169 00:43:00,607 --> 00:43:03,018 social media accounts. And then I'm gonna burst 1170 00:43:03,018 --> 00:43:06,848 image search, your profile photos. Right? Because what 1171 00:43:06,848 --> 00:43:09,401 is a profile photo? It's the photo everyone 1172 00:43:09,401 --> 00:43:11,815 uses on their accounts because it looks better 1173 00:43:11,815 --> 00:43:14,295 than they actually look in real life. Right? 1174 00:43:15,014 --> 00:43:17,335 So we have all those techniques, and then 1175 00:43:17,335 --> 00:43:19,583 that's called pivoting all So basically, I... If 1176 00:43:19,822 --> 00:43:22,208 Find 1 of your accounts, I'll collect other 1177 00:43:22,208 --> 00:43:24,833 leads off of that and pivot, search on 1178 00:43:24,833 --> 00:43:25,151 those. 1179 00:43:25,643 --> 00:43:28,339 And pretty soon. I've got a Dossier or 1180 00:43:28,339 --> 00:43:30,956 a report, listing all your accounts, your addresses, 1181 00:43:31,114 --> 00:43:33,748 your employer, your family members, all of those 1182 00:43:33,748 --> 00:43:35,982 things. And that would usually be referred to 1183 00:43:35,982 --> 00:43:38,376 as like a due diligence reports. Like, something 1184 00:43:38,376 --> 00:43:40,051 you would do when your background someone, 1185 00:43:40,862 --> 00:43:42,690 but often what we tell people to do 1186 00:43:42,690 --> 00:43:45,414 on the privacy side is, do your own 1187 00:43:45,709 --> 00:43:47,377 intelligence report on yourself. 1188 00:43:47,949 --> 00:43:50,269 I hop onto our site, use our tools, 1189 00:43:51,309 --> 00:43:53,250 start collecting all your exposures. 1190 00:43:54,349 --> 00:43:56,110 Absolutely make sure you store this in a 1191 00:43:56,110 --> 00:43:58,121 safe location. Don't put it in the cloud, 1192 00:43:58,360 --> 00:44:00,513 don't put it online. I like putting it 1193 00:44:00,513 --> 00:44:01,789 in a paper journal, and I could say, 1194 00:44:01,869 --> 00:44:03,782 okay. These 10 sites have my home address. 1195 00:44:03,942 --> 00:44:06,255 These 2 sites have my phone number. These 1196 00:44:06,255 --> 00:44:08,336 put 5 sites have my kids names. Right? 1197 00:44:08,574 --> 00:44:10,879 Mh. And then we would go through and 1198 00:44:10,879 --> 00:44:13,342 triage that. And then on our site, we 1199 00:44:13,342 --> 00:44:16,784 also have a full free guide on how 1200 00:44:16,784 --> 00:44:19,444 to request that your data be taken off 1201 00:44:19,505 --> 00:44:21,744 people search engines, and people search engines are 1202 00:44:21,744 --> 00:44:24,065 essentially sites populated by data brokers, 1203 00:44:25,117 --> 00:44:27,269 So we've got the top 200 data brokers. 1204 00:44:27,428 --> 00:44:28,942 We tell you how you can go out 1205 00:44:28,942 --> 00:44:31,571 and have your information removed or at least 1206 00:44:31,571 --> 00:44:31,890 try. 1207 00:44:32,448 --> 00:44:34,382 But I'll warn everyone. No 1 1208 00:44:35,014 --> 00:44:37,411 Well, definitely no 1 my age. Right? And 1209 00:44:37,491 --> 00:44:38,930 I started in the nineties, so you can 1210 00:44:38,930 --> 00:44:40,208 probably guess how will that. No 1 my 1211 00:44:40,208 --> 00:44:41,806 age is gonna clean all their information off 1212 00:44:41,806 --> 00:44:43,245 the Internet. It's just not possible. 1213 00:44:44,058 --> 00:44:46,213 But you can clean a lot of it, 1214 00:44:46,612 --> 00:44:48,287 and it's definitely the type of thing we 1215 00:44:48,287 --> 00:44:49,644 recommend people do themselves. 1216 00:44:50,202 --> 00:44:52,292 And it's also a good way. You know, 1217 00:44:52,371 --> 00:44:53,887 you talked about knowing both sides. 1218 00:44:54,445 --> 00:44:55,641 This is a way. If you do your 1219 00:44:55,641 --> 00:44:57,556 yourself assessment, you can use the tools off 1220 00:44:57,556 --> 00:45:00,347 our site, you can kinda try your hand 1221 00:45:00,347 --> 00:45:03,330 at doing a little o source intelligence while 1222 00:45:03,784 --> 00:45:05,850 improving your personal privacy and security, 1223 00:45:06,407 --> 00:45:08,870 because you're gonna basically figure out what your 1224 00:45:08,870 --> 00:45:11,519 fin exposure is. Right? Your tax surface. 1225 00:45:11,998 --> 00:45:13,914 And then we're gonna, you know, give you 1226 00:45:13,914 --> 00:45:16,787 some free documents and go buys and guides 1227 00:45:16,787 --> 00:45:17,825 to help you clean those up. 1228 00:45:18,956 --> 00:45:20,630 What are some ways the people over share? 1229 00:45:20,949 --> 00:45:22,622 I'm thinking particularly social media, but it may 1230 00:45:22,622 --> 00:45:24,454 happen other places too. You know, 1 of 1231 00:45:24,454 --> 00:45:26,701 the reasons that I always hate the idea 1232 00:45:26,701 --> 00:45:28,636 of the 3 security questions 1233 00:45:29,093 --> 00:45:31,644 you know, for account recovery is most of 1234 00:45:31,644 --> 00:45:33,239 that information you can probably find on somebody's 1235 00:45:33,318 --> 00:45:34,036 Facebook feed. 1236 00:45:34,688 --> 00:45:36,118 What town they grew up in? What was 1237 00:45:36,118 --> 00:45:38,342 their dog's name in high school? What was, 1238 00:45:38,421 --> 00:45:40,883 you know, what's their maiden name? You know, 1239 00:45:40,963 --> 00:45:42,630 what... You, a lot of that information, what 1240 00:45:42,630 --> 00:45:43,901 school do they go to an elementary school? 1241 00:45:44,234 --> 00:45:45,821 You know, some people over share a lot 1242 00:45:45,821 --> 00:45:47,250 of that stuff. And and I would think 1243 00:45:47,250 --> 00:45:48,360 that a lot of information, if you knew 1244 00:45:48,360 --> 00:45:49,313 what you were doing, you could find it. 1245 00:45:49,472 --> 00:45:51,321 So how do people trip up 1246 00:45:52,505 --> 00:45:54,413 in in the Os world and give away 1247 00:45:54,413 --> 00:45:56,082 too much information. What are some common ways 1248 00:45:56,082 --> 00:45:56,957 that people over share? 1249 00:45:58,229 --> 00:45:59,740 I think social media is at the top. 1250 00:45:59,993 --> 00:46:02,533 I mean, really everything you do on social 1251 00:46:02,533 --> 00:46:05,390 media is exposing you. Right? Unless you are 1252 00:46:05,390 --> 00:46:08,661 doing it under a... Fake identity like an 1253 00:46:08,661 --> 00:46:10,727 alias or we call those burner accounts or 1254 00:46:10,727 --> 00:46:13,269 puppet accounts. And even then you're still gonna 1255 00:46:13,269 --> 00:46:15,270 probably be connected to people in your lives 1256 00:46:15,270 --> 00:46:17,175 and those human connections are things that can 1257 00:46:17,175 --> 00:46:18,048 be exploited. 1258 00:46:18,603 --> 00:46:21,619 So 1 of the, you know, most prolific 1259 00:46:21,619 --> 00:46:24,096 cyber crimes obviously are things like for fishing 1260 00:46:24,096 --> 00:46:26,005 and things like that. And sometimes what people 1261 00:46:26,005 --> 00:46:27,221 don't realize is 1262 00:46:27,675 --> 00:46:30,434 the person who targets you, you have maybe 1263 00:46:30,633 --> 00:46:33,248 come into their cross hairs because they've already 1264 00:46:33,248 --> 00:46:35,309 victim someone else in your life and because 1265 00:46:35,309 --> 00:46:38,336 all of our interconnection are online, we like, 1266 00:46:38,495 --> 00:46:41,194 if someone in my group gets exposed, we're 1267 00:46:41,194 --> 00:46:44,290 all typically then attacked. Right? It's definitely a 1268 00:46:44,290 --> 00:46:46,132 a weakest link. Thing. 1269 00:46:46,769 --> 00:46:48,360 So I mean it's sort of a tough 1270 00:46:48,360 --> 00:46:50,907 question because the honest answer is all the 1271 00:46:50,907 --> 00:46:54,032 over sharing online is problematic from a defensive 1272 00:46:54,248 --> 00:46:54,748 perspective 1273 00:46:55,380 --> 00:46:57,300 the thing is, though, and I... I'm not 1274 00:46:57,300 --> 00:46:59,380 the guy who's around when I'm doing my, 1275 00:46:59,460 --> 00:47:01,140 you know, my keynote and my privacy events. 1276 00:47:01,380 --> 00:47:02,739 I'm not the guy who says, if you're 1277 00:47:02,739 --> 00:47:04,590 on the Internet, You're dumb. You need to 1278 00:47:04,590 --> 00:47:05,622 get off the internet. Right? 1279 00:47:06,416 --> 00:47:06,916 So 1280 00:47:07,686 --> 00:47:09,670 I acknowledge... Like, because I'm a middle of 1281 00:47:09,670 --> 00:47:11,893 the road guy. I mean, honestly, once you 1282 00:47:11,893 --> 00:47:13,818 have kids, your ability, d to be private 1283 00:47:13,818 --> 00:47:16,615 as. Right. Shy anyway. Right. Right. Because you 1284 00:47:16,615 --> 00:47:19,012 got all the, you know, soccer leagues and 1285 00:47:19,012 --> 00:47:22,063 pot legs and and other parents could But 1286 00:47:22,063 --> 00:47:23,438 what I would say is 1287 00:47:24,769 --> 00:47:27,954 having your accounts is fine, but so few 1288 00:47:27,954 --> 00:47:29,920 of us go through and check all the 1289 00:47:30,039 --> 00:47:32,984 privacy and security settings. Mh. And the nice 1290 00:47:32,984 --> 00:47:34,576 thing is, in the last 10 years, the 1291 00:47:34,576 --> 00:47:37,203 privacy and security settings have become much more 1292 00:47:37,203 --> 00:47:37,601 intuitive, 1293 00:47:38,172 --> 00:47:39,602 but we still have to check them because 1294 00:47:39,602 --> 00:47:41,985 we all know every time Microsoft doesn't update 1295 00:47:41,985 --> 00:47:45,638 or Meta doesn't update. Like, magically boxes get 1296 00:47:45,638 --> 00:47:47,329 unchecked. Right? Yeah We 1297 00:47:47,798 --> 00:47:50,029 check all those. So I don't think it's 1298 00:47:50,029 --> 00:47:52,578 generally a problem to have social media and 1299 00:47:52,578 --> 00:47:54,570 things like that. Social media is definitely your 1300 00:47:54,570 --> 00:47:56,641 probably your biggest exposure for most people. 1301 00:47:57,213 --> 00:48:00,235 If you go in and lock it down 1302 00:48:00,235 --> 00:48:02,884 so that you are controlling who can see 1303 00:48:02,940 --> 00:48:03,179 what? 1304 00:48:04,148 --> 00:48:05,656 We don't. I will tell you on the 1305 00:48:05,656 --> 00:48:06,632 offensive side 1306 00:48:07,005 --> 00:48:08,911 because, right, I'm a good guy. We don't 1307 00:48:08,911 --> 00:48:11,688 hack people. We're not cracking code. We're not 1308 00:48:11,688 --> 00:48:13,849 doing any of that stuff. So if it's 1309 00:48:13,849 --> 00:48:17,349 private, it's private. Right? Mh. And I I 1310 00:48:17,349 --> 00:48:18,940 have people that come to me for training 1311 00:48:18,940 --> 00:48:20,468 and and they're, like, tell... How to get 1312 00:48:20,468 --> 00:48:21,983 to all the stuff that's private and the 1313 00:48:21,983 --> 00:48:23,976 first thing I say is, if it's private, 1314 00:48:24,136 --> 00:48:26,289 even if we could get to it, legally 1315 00:48:26,289 --> 00:48:28,681 we can't get to. Right? So unless we 1316 00:48:28,681 --> 00:48:30,855 get owns warrant or a subpoena or something 1317 00:48:30,855 --> 00:48:31,894 like that from a court. 1318 00:48:32,534 --> 00:48:34,775 It doesn't matter that, you know, figuring out 1319 00:48:34,775 --> 00:48:36,934 the technique because we are not hackers, 1320 00:48:37,349 --> 00:48:39,750 Right? We are not breaking into people's account. 1321 00:48:40,070 --> 00:48:42,550 What we are is very, very good at 1322 00:48:42,550 --> 00:48:44,329 finding the stuff that is 1323 00:48:44,710 --> 00:48:45,109 public. 1324 00:48:45,761 --> 00:48:48,299 So right. Your best move on the defensive 1325 00:48:48,299 --> 00:48:51,076 side is make as much not public as 1326 00:48:51,076 --> 00:48:51,472 possible. 1327 00:48:51,948 --> 00:48:55,239 Right? So checking settings, I often say, you 1328 00:48:55,239 --> 00:48:56,440 know, when I'm talking to groups. 1329 00:48:57,799 --> 00:48:59,639 If you do just a few things, you 1330 00:48:59,639 --> 00:49:02,233 can mitigate 98 percent of your privacy and 1331 00:49:02,450 --> 00:49:04,921 security exposures. So 1 thing is checking all 1332 00:49:04,921 --> 00:49:07,631 your accounts and device settings, Just checking them 1333 00:49:07,631 --> 00:49:09,146 and making logical choices, 1334 00:49:09,719 --> 00:49:11,318 do it periodically as you said because they 1335 00:49:11,318 --> 00:49:14,434 change. Yes. And then as you know, using 1336 00:49:14,434 --> 00:49:17,231 a password manager and having unique long past 1337 00:49:17,231 --> 00:49:18,590 phrases on all your accounts. 1338 00:49:19,242 --> 00:49:21,544 Eliminates another, like, 50 percent of all attacks. 1339 00:49:21,703 --> 00:49:23,687 And then if you have multi factor authentication. 1340 00:49:23,925 --> 00:49:26,148 If you do all 3 of those things, 1341 00:49:26,639 --> 00:49:28,228 And then the fourth 1 I always tack 1342 00:49:28,228 --> 00:49:30,215 on to is listening to your gut. 1343 00:49:30,850 --> 00:49:32,304 So anything that 1344 00:49:32,678 --> 00:49:35,644 communication that is urgent, is almost certainly fishing 1345 00:49:35,644 --> 00:49:36,525 or a scam. Right? 1346 00:49:37,164 --> 00:49:38,445 If you do those 4 things, 1347 00:49:39,005 --> 00:49:41,105 check your settings on accounts and devices 1348 00:49:41,499 --> 00:49:45,175 password manager, all new, long, unique passcode on 1349 00:49:45,175 --> 00:49:45,654 your accounts. 1350 00:49:46,453 --> 00:49:48,051 Mfa on every account that takes it and 1351 00:49:48,051 --> 00:49:51,014 listen to your gut. Your 98 percent bulletproof 1352 00:49:51,014 --> 00:49:53,639 on the Internet. So, you know, because a 1353 00:49:53,639 --> 00:49:55,070 lot of the groups I talked to you 1354 00:49:55,070 --> 00:49:55,570 aren't 1355 00:49:56,279 --> 00:49:59,148 like, technically advanced folks. Right? They're from the 1356 00:49:59,148 --> 00:50:01,857 insurance industry or accountants or those different things. 1357 00:50:02,494 --> 00:50:03,863 That's what I always like to leave them 1358 00:50:03,863 --> 00:50:05,692 with, and that's the same advice I give 1359 00:50:05,692 --> 00:50:07,919 my mother lots, the same advice I give 1360 00:50:07,919 --> 00:50:10,066 friends who don't work in this industry. If 1361 00:50:10,066 --> 00:50:11,418 you do those 4 things, you don't have 1362 00:50:11,418 --> 00:50:13,428 to overcome them locate it. Because what I 1363 00:50:13,428 --> 00:50:14,327 found is, 1364 00:50:14,706 --> 00:50:16,704 you know, if you try to do extreme 1365 00:50:16,704 --> 00:50:18,402 privacy like Michael 1366 00:50:19,340 --> 00:50:19,740 Biz patel. 1367 00:50:20,713 --> 00:50:22,631 1, you're probably gonna fail. 2, you're gonna 1368 00:50:22,631 --> 00:50:23,530 be super frustrated. 1369 00:50:24,229 --> 00:50:27,677 3, he works on that every single. Day. 1370 00:50:27,915 --> 00:50:31,248 It is a lifestyle. So I think setting 1371 00:50:31,248 --> 00:50:33,098 reasonable goals and reasonable 1372 00:50:33,630 --> 00:50:34,844 expectations in 1373 00:50:35,313 --> 00:50:37,788 in the metaphor I was used is I 1374 00:50:37,788 --> 00:50:40,183 love hiking. Right? That's my favorite personal hobby. 1375 00:50:40,423 --> 00:50:42,339 I know, again, weird to talk about private 1376 00:50:42,339 --> 00:50:44,988 things in the public space, but for context, 1377 00:50:45,228 --> 00:50:47,701 I love hiking. So where I typically hike 1378 00:50:47,701 --> 00:50:49,695 his bear country, and I have friends who 1379 00:50:49,695 --> 00:50:51,871 carry, like 40 fours is in their belt 1380 00:50:52,024 --> 00:50:53,379 and that always makes me laugh a little 1381 00:50:53,379 --> 00:50:56,168 bit because even in law enforcement, most people 1382 00:50:56,168 --> 00:50:58,160 can't hit shoot very well under heavy stress. 1383 00:50:58,558 --> 00:51:00,730 Nobody's gonna... Hit a bear when it's running 1384 00:51:00,809 --> 00:51:03,369 Adam unless they train all the time. So 1385 00:51:03,369 --> 00:51:04,670 my rule of thumb is 1386 00:51:05,050 --> 00:51:06,969 hike in a group. Don't be the slowest 1387 00:51:06,969 --> 00:51:09,005 runner. Right? So cyber 1388 00:51:09,304 --> 00:51:10,105 is the same. 1389 00:51:10,744 --> 00:51:13,864 It's not about being completely bulletproof. It's about 1390 00:51:13,864 --> 00:51:16,585 just being better protected than everyone else. 1391 00:51:17,717 --> 00:51:19,071 Well, I... And the other thing I wanna 1392 00:51:19,071 --> 00:51:19,868 a call back to you that you said 1393 00:51:19,868 --> 00:51:21,142 that I think is it's important that I 1394 00:51:21,142 --> 00:51:22,757 like to call attention to do is that 1395 00:51:22,974 --> 00:51:25,523 privacy and security are we things not me 1396 00:51:25,523 --> 00:51:27,613 things. They we... That your security and your 1397 00:51:27,613 --> 00:51:29,871 privacy overlap mine. If you 1398 00:51:30,730 --> 00:51:32,967 if you mess up, then you you make 1399 00:51:32,967 --> 00:51:35,045 me vulnerable. But by the same token, if 1400 00:51:35,045 --> 00:51:37,522 if If you do better, you make things 1401 00:51:37,522 --> 00:51:38,156 better for me too, 1402 00:51:38,949 --> 00:51:41,011 and in vice versa. So it's important that 1403 00:51:41,090 --> 00:51:42,597 I think that even if you don't worry 1404 00:51:42,597 --> 00:51:45,161 about yourself, It's important to understand that everybody 1405 00:51:45,161 --> 00:51:47,555 in your social graph is also affected by 1406 00:51:47,555 --> 00:51:48,512 what you do or don't do. 1407 00:51:49,710 --> 00:51:51,785 It and it does spread like in a... 1408 00:51:51,959 --> 00:51:54,672 Good way. Right? Like we Right. Like, my 1409 00:51:54,672 --> 00:51:57,785 oldest is in college now. And for her, 1410 00:51:58,264 --> 00:51:59,994 the things she used to I at me 1411 00:52:00,114 --> 00:52:01,383 or every once in a while, I'll see, 1412 00:52:01,463 --> 00:52:04,081 like, kinda pop up, just some things she 1413 00:52:04,081 --> 00:52:06,223 picked up, Like, when she was in, you 1414 00:52:06,223 --> 00:52:08,047 know, a sophomore in high school, while she 1415 00:52:08,047 --> 00:52:10,238 could... Or cared about was getting to Netflix 1416 00:52:10,297 --> 00:52:13,573 without dad's firewall blocking her. But now, I 1417 00:52:13,573 --> 00:52:15,970 see her interacting, like, with her friends and 1418 00:52:15,970 --> 00:52:17,983 helping people with their password managers and all 1419 00:52:17,983 --> 00:52:19,820 of those things. So I think even if 1420 00:52:19,820 --> 00:52:21,040 you don't see it in the moment 1421 00:52:21,419 --> 00:52:23,736 by walking the walk in our friend groups 1422 00:52:23,736 --> 00:52:24,795 and family groups 1423 00:52:25,108 --> 00:52:28,290 like we are infecting those around us with 1424 00:52:28,290 --> 00:52:29,881 good digital hygiene habits. 1425 00:52:30,677 --> 00:52:30,915 Right. 1426 00:52:32,202 --> 00:52:33,948 Okay. So we we talked about social media 1427 00:52:33,948 --> 00:52:35,773 and things that we actually kinda actively do. 1428 00:52:35,931 --> 00:52:37,518 But there's another area of that I wanna 1429 00:52:37,518 --> 00:52:38,787 make sure we talk about, and that's something 1430 00:52:38,787 --> 00:52:40,136 big... I think a lot of people don't... 1431 00:52:40,628 --> 00:52:42,137 I have a good grasp on. That is 1432 00:52:42,137 --> 00:52:44,441 public records like government public records. 1433 00:52:44,997 --> 00:52:46,506 This is the reason why if you're get 1434 00:52:46,506 --> 00:52:47,936 in a car accident, All of a sudden 1435 00:52:47,936 --> 00:52:49,781 you're getting all these you know, email some 1436 00:52:49,781 --> 00:52:52,331 lawyers wanting to represent you or, yeah, you 1437 00:52:52,331 --> 00:52:54,642 know, when you get divorced or buy a 1438 00:52:54,642 --> 00:52:56,157 new house, you get all these things for 1439 00:52:56,316 --> 00:52:57,922 He lock, And, you know, it... There are 1440 00:52:57,922 --> 00:52:59,854 public records that expose you. So 1441 00:53:00,309 --> 00:53:02,139 in in the old days though, when I 1442 00:53:02,139 --> 00:53:03,490 say old days, I mean, like, you know, 1443 00:53:03,650 --> 00:53:04,854 because when we were young, You know, maybe 1444 00:53:04,854 --> 00:53:06,280 were 20, 30 years ago, you would have 1445 00:53:06,280 --> 00:53:08,024 to to get a public record, they were 1446 00:53:08,024 --> 00:53:09,847 public, but you'd have to, like, physically walk 1447 00:53:09,847 --> 00:53:12,005 down to the county courthouse when file a 1448 00:53:12,005 --> 00:53:13,755 form, wait a few minutes, maybe for lucky 1449 00:53:13,755 --> 00:53:15,345 and get and get a copy of something 1450 00:53:15,345 --> 00:53:16,936 and and maybe Pay fee. Or, you know, 1451 00:53:17,015 --> 00:53:19,242 maybe you could actually maybe even back then 1452 00:53:19,242 --> 00:53:21,569 you could send a mail. You something through 1453 00:53:21,569 --> 00:53:23,563 snail mail to to get a record. But 1454 00:53:23,563 --> 00:53:24,918 today, they're all online. And a lot of 1455 00:53:24,918 --> 00:53:27,470 times they're all free. What is the implication 1456 00:53:27,470 --> 00:53:28,826 to our privacy for that? 1457 00:53:29,478 --> 00:53:31,547 Like, what kind of public records maybe we 1458 00:53:31,547 --> 00:53:33,536 not thinking about that the where we could 1459 00:53:33,536 --> 00:53:34,332 be exposed. 1460 00:53:34,809 --> 00:53:36,400 The that are freely available? Your voting record, 1461 00:53:36,480 --> 00:53:39,281 for example, property taxes? There's so many things 1462 00:53:39,281 --> 00:53:42,093 that are online. Help us understand what that 1463 00:53:42,311 --> 00:53:44,485 that attack service looks like. And then 1464 00:53:45,181 --> 00:53:46,695 should we... Do we make a mistake? Like, 1465 00:53:47,189 --> 00:53:48,387 is it a bad thing to have all 1466 00:53:48,387 --> 00:53:50,145 this personal stuff that available show? We be 1467 00:53:50,145 --> 00:53:52,302 rate limiting people, so they're not being scraped 1468 00:53:52,302 --> 00:53:53,820 or, you know, I don't know what other 1469 00:53:53,820 --> 00:53:54,460 defenses is against this? 1470 00:53:55,275 --> 00:53:57,355 Yeah. I've I have strong feelings about this. 1471 00:53:57,515 --> 00:53:58,015 So, 1472 00:53:58,394 --> 00:54:00,474 I actually spend a lot of time in 1473 00:54:00,474 --> 00:54:01,295 my days 1474 00:54:01,755 --> 00:54:05,275 responding to things like, Fo. Right? Because. My 1475 00:54:05,275 --> 00:54:07,842 state that I'm in has a a pretty 1476 00:54:08,137 --> 00:54:09,330 overly broad, 1477 00:54:10,125 --> 00:54:11,579 fo and public disclosure 1478 00:54:11,954 --> 00:54:12,272 law. 1479 00:54:12,844 --> 00:54:15,228 And so we basically give everything. So anyone 1480 00:54:15,228 --> 00:54:18,192 can basically request anything they want from my 1481 00:54:18,248 --> 00:54:20,156 agency and we red reject almost nothing. 1482 00:54:21,049 --> 00:54:24,346 And that can be very problematic right? Because 1483 00:54:24,565 --> 00:54:26,403 if you're 1 of our customers, and in 1484 00:54:26,403 --> 00:54:28,101 my case, that might mean you're a victim 1485 00:54:28,161 --> 00:54:28,880 or a witness. 1486 00:54:29,534 --> 00:54:32,004 We're gonna just give away your details. Right? 1487 00:54:32,243 --> 00:54:34,473 So you're the the witness of a shooting. 1488 00:54:34,633 --> 00:54:36,679 You haven't done anything wrong, but we collected 1489 00:54:36,878 --> 00:54:39,185 your personal information so we can contact you 1490 00:54:39,185 --> 00:54:40,617 interview and, you know, have you as a 1491 00:54:40,617 --> 00:54:41,412 witness in court. 1492 00:54:42,765 --> 00:54:44,529 I think 1 of the all the high 1493 00:54:44,529 --> 00:54:46,856 level issues that has caused 1494 00:54:47,230 --> 00:54:48,763 a disparity in 1495 00:54:49,851 --> 00:54:50,351 transparency, 1496 00:54:50,979 --> 00:54:54,034 versus privacy is that years ago most government 1497 00:54:54,332 --> 00:54:58,004 agencies decided transparency was the most important thing. 1498 00:54:58,643 --> 00:54:59,974 So their idea was 1499 00:55:00,411 --> 00:55:02,237 everyone should be able to see everything because 1500 00:55:02,237 --> 00:55:04,007 that's transparency and accountability. 1501 00:55:04,777 --> 00:55:06,070 Well, those laws 1502 00:55:06,682 --> 00:55:08,769 were meant so that we could hold 1503 00:55:09,079 --> 00:55:10,835 are top level officials accountable. 1504 00:55:11,393 --> 00:55:13,309 It... They were not meant so that your 1505 00:55:13,309 --> 00:55:16,182 neighbor could dig into your police report and 1506 00:55:16,182 --> 00:55:18,827 see your details And so what I found 1507 00:55:18,827 --> 00:55:21,135 is and this is anecdotal, but in my 1508 00:55:21,135 --> 00:55:24,000 experience, most of the requests we get are 1509 00:55:24,000 --> 00:55:27,118 not about holding top level government to... Know, 1510 00:55:27,277 --> 00:55:29,426 the most powerful people accountable. 1511 00:55:30,063 --> 00:55:32,848 It's a lot of, like, little petty I'm 1512 00:55:32,848 --> 00:55:34,773 digging into your stuff and I'm, you you 1513 00:55:34,773 --> 00:55:36,444 know, pulling up your voter records I'm pulling 1514 00:55:36,444 --> 00:55:38,592 up all this. Voter records are a huge 1515 00:55:38,592 --> 00:55:40,580 issue because in a lot of states, they 1516 00:55:40,580 --> 00:55:42,988 either sell them, or you can go download 1517 00:55:42,988 --> 00:55:43,628 them for free, 1518 00:55:44,187 --> 00:55:47,324 and you're required to provide your a true 1519 00:55:47,783 --> 00:55:49,941 residential address or you're committing a crime when 1520 00:55:49,941 --> 00:55:52,186 you register or to vote which means you 1521 00:55:52,186 --> 00:55:53,640 can basically find 1522 00:55:54,014 --> 00:55:56,556 anyone's home address in any of those states 1523 00:55:56,556 --> 00:55:57,986 if they have a unique name at all. 1524 00:55:58,718 --> 00:56:00,634 And a lot of states are now starting 1525 00:56:00,634 --> 00:56:02,550 to also share things like dates of birth, 1526 00:56:02,789 --> 00:56:05,663 and, which is a credential. Right? There's a 1527 00:56:05,663 --> 00:56:07,100 lot of things where you give that up, 1528 00:56:07,593 --> 00:56:09,821 to verify that you are who you say 1529 00:56:09,821 --> 00:56:12,447 you are. So... Right. It is a huge 1530 00:56:12,447 --> 00:56:14,755 problem. The difference between now and 20 years 1531 00:56:14,755 --> 00:56:16,847 ago is it's just all more accessible 1532 00:56:17,237 --> 00:56:20,257 online. And so again, I'll repeat the earlier 1533 00:56:20,257 --> 00:56:22,006 piece. I think as government, we need to 1534 00:56:22,006 --> 00:56:24,334 collect last, but also, we need 1535 00:56:25,044 --> 00:56:29,439 drastic changes in our Pd fo laws so 1536 00:56:29,439 --> 00:56:32,096 that we're still able to hold the powerful 1537 00:56:32,156 --> 00:56:33,035 people accountable, 1538 00:56:33,449 --> 00:56:35,438 But we're not making it easy to mine 1539 00:56:35,438 --> 00:56:38,245 the data of just the general citizens. 1540 00:56:38,621 --> 00:56:40,530 Right? It it wasn't meant to be that, 1541 00:56:40,690 --> 00:56:41,883 but that's how it's being used. 1542 00:56:42,934 --> 00:56:43,173 Wow. 1543 00:56:44,131 --> 00:56:46,707 Okay. So you kinda of made the 1544 00:56:47,324 --> 00:56:49,320 the thought that there's there's so much data 1545 00:56:49,320 --> 00:56:50,917 out there, and it it it could be 1546 00:56:50,917 --> 00:56:52,056 hard to get through, but 1547 00:56:52,368 --> 00:56:53,479 we've got tools for that now. I mean, 1548 00:56:53,558 --> 00:56:54,931 we've got computers. We've got Ai 1549 00:56:55,939 --> 00:56:57,606 for for that now. So where we used 1550 00:56:57,606 --> 00:56:59,272 to have these massive haystack stacks and there 1551 00:56:59,272 --> 00:57:01,271 might be some needles in there somewhere, and 1552 00:57:01,271 --> 00:57:03,016 I and I've heard arguments that 1 of 1553 00:57:03,016 --> 00:57:05,078 the downsides to mass surveillance that we collect 1554 00:57:05,078 --> 00:57:07,061 so much data that we actually lose the 1555 00:57:07,061 --> 00:57:08,727 good stuff instead of focusing 1556 00:57:09,297 --> 00:57:11,759 criminals, for example, are focusing on, you know, 1557 00:57:11,997 --> 00:57:13,744 trying to smartly gather the data. If we 1558 00:57:13,744 --> 00:57:15,253 just hoover up everything. All of a sudden, 1559 00:57:15,332 --> 00:57:17,054 we've got too much to sift through on, 1560 00:57:17,494 --> 00:57:18,773 I'm not sure how much that argument is 1561 00:57:18,773 --> 00:57:21,170 gonna gotta gonna be around much longer, because 1562 00:57:21,170 --> 00:57:23,328 we actually had the compute power and things 1563 00:57:23,328 --> 00:57:25,726 like Ai that is really good about sift 1564 00:57:25,726 --> 00:57:27,735 through data and finding patterns and things. 1565 00:57:28,531 --> 00:57:30,760 So how much of the kind of work 1566 00:57:30,760 --> 00:57:31,658 that you do 1567 00:57:32,671 --> 00:57:34,683 can be automated today or 1568 00:57:35,155 --> 00:57:37,635 in the very near future such that attacks 1569 00:57:37,635 --> 00:57:39,235 by fishers and things like that could be 1570 00:57:39,235 --> 00:57:39,954 much more automated. 1571 00:57:41,394 --> 00:57:42,535 Yeah. So 1572 00:57:42,849 --> 00:57:44,289 first of all, Just wanna say you're absolutely 1573 00:57:44,289 --> 00:57:46,289 right. Like, on the government side, especially the 1574 00:57:46,289 --> 00:57:48,690 law enforcement side, we should be using a 1575 00:57:48,690 --> 00:57:52,481 scalpel, not a hatch it. So I absolutely 1576 00:57:52,538 --> 00:57:55,003 agree. We should be collecting only what we 1577 00:57:55,003 --> 00:57:58,581 need, not collecting hoover up everything. That is 1578 00:57:58,581 --> 00:58:00,900 definitely part of... The problem because also it's 1579 00:58:00,900 --> 00:58:03,280 just super inefficient. You're exactly right on that. 1580 00:58:03,518 --> 00:58:06,454 Right? Now now I'm creating just massive number 1581 00:58:06,454 --> 00:58:08,175 of haystack stacks I have to dig through 1582 00:58:08,294 --> 00:58:08,373 through. 1583 00:58:09,249 --> 00:58:10,921 Ai is interesting. Like, 1584 00:58:11,717 --> 00:58:13,548 I am not a big believer in Ai. 1585 00:58:13,787 --> 00:58:15,539 I think most of the things touted as 1586 00:58:15,698 --> 00:58:17,543 Ai true You know, we've got the large 1587 00:58:17,543 --> 00:58:19,692 language models, But I think it is a 1588 00:58:19,692 --> 00:58:20,590 lot of marketing 1589 00:58:21,045 --> 00:58:22,818 around a lot of this stuff. I think 1590 00:58:23,035 --> 00:58:24,885 most of these are not fully. Baked. I 1591 00:58:24,885 --> 00:58:27,045 think we're, you know, still some years away 1592 00:58:27,045 --> 00:58:28,005 from them being useful. 1593 00:58:28,644 --> 00:58:31,364 I see some people talking about using Ai 1594 00:58:31,364 --> 00:58:34,256 for open source intelligence work. I haven't been 1595 00:58:34,256 --> 00:58:37,052 impressed by any of it. And I think 1596 00:58:37,052 --> 00:58:38,111 1 of the 1597 00:58:38,490 --> 00:58:41,211 unintended consequences of Ai is going to be 1598 00:58:41,211 --> 00:58:44,655 massive data pollution on the Internet because we 1599 00:58:44,712 --> 00:58:47,850 already have an over on overwhelming issue with 1600 00:58:48,541 --> 00:58:49,200 misinformation and 1601 00:58:49,812 --> 00:58:52,139 disinformation. Yeah. And now it's just becoming 1602 00:58:52,989 --> 00:58:56,610 exponentially easier to create massive amounts of content 1603 00:58:57,467 --> 00:59:01,320 with no accountability, no sourcing, you no, quality 1604 00:59:01,538 --> 00:59:01,858 control, 1605 00:59:02,416 --> 00:59:04,899 and so We all know that currently, like, 1606 00:59:04,978 --> 00:59:07,442 your results on the Internet, you know, sometimes 1607 00:59:07,442 --> 00:59:09,453 they're just trash. Right? They're just 1608 00:59:09,827 --> 00:59:11,997 obviously wrong. Yeah. And 1609 00:59:12,784 --> 00:59:15,011 Personally, you know, as someone who searches on 1610 00:59:15,091 --> 00:59:16,761 Google and places every single day. 1611 00:59:17,557 --> 00:59:19,387 I have felt over the last couple years, 1612 00:59:19,784 --> 00:59:21,398 my results are just getting 1613 00:59:21,708 --> 00:59:22,685 more and more 1614 00:59:24,092 --> 00:59:27,510 less specific, less focus, more water down, more 1615 00:59:27,510 --> 00:59:27,987 garbage, 1616 00:59:28,543 --> 00:59:29,043 and 1617 00:59:29,354 --> 00:59:30,014 I'm getting 1618 00:59:30,393 --> 00:59:32,471 exactly the opposite of what I want, which 1619 00:59:32,471 --> 00:59:34,629 is I wanna be working with that scalpel. 1620 00:59:34,869 --> 00:59:36,727 I wanna get just a little bit of 1621 00:59:36,946 --> 00:59:38,225 information I want. 1622 00:59:38,879 --> 00:59:39,379 So 1623 00:59:39,837 --> 00:59:43,451 it I think Ai has limited usefulness 1624 00:59:44,148 --> 00:59:46,623 on the offensive side of work on the 1625 00:59:46,623 --> 00:59:48,220 intelligence gathering currently. 1626 00:59:49,030 --> 00:59:51,199 I'm keeping an eye on it. I'm more 1627 00:59:51,255 --> 00:59:53,241 concerned about it from a cyber crime perspective 1628 00:59:53,241 --> 00:59:55,306 because I am seeing it being used by 1629 00:59:55,306 --> 00:59:56,577 cyber and campaigns. 1630 00:59:57,307 --> 00:59:59,375 Because now you can use... You know, maybe 1631 00:59:59,454 --> 01:00:00,829 I don't even speak your language. 1632 01:00:01,681 --> 01:00:03,351 And, you know, 2 years ago, what I 1633 01:00:03,351 --> 01:00:05,260 would have done is go on some criminal. 1634 01:00:05,434 --> 01:00:07,668 Forum and pay someone 10 dollars a bitcoin 1635 01:00:07,668 --> 01:00:10,619 to write that ransom email. But now I 1636 01:00:10,619 --> 01:00:12,453 can just use Ai. It will Yeah. Help 1637 01:00:12,453 --> 01:00:14,229 me with the code for the ransom. 1638 01:00:14,606 --> 01:00:17,650 It will right than ransom where. When I 1639 01:00:17,650 --> 01:00:19,721 do keynote, that's 1 of the demos I 1640 01:00:19,721 --> 01:00:21,952 do is I have the... Now the Ai 1641 01:00:21,952 --> 01:00:23,799 writes up, a ransom note that we're going 1642 01:00:23,799 --> 01:00:26,109 win to send because we walk our audience 1643 01:00:26,109 --> 01:00:28,181 through how we do a massive phishing campaign. 1644 01:00:28,818 --> 01:00:29,318 So 1645 01:00:29,695 --> 01:00:32,731 the this... Ai is just building on what 1646 01:00:32,731 --> 01:00:34,879 we were already seeing in the crime as 1647 01:00:34,879 --> 01:00:35,617 a service 1648 01:00:36,071 --> 01:00:38,457 industry. Right? Because I I think you probably 1649 01:00:38,457 --> 01:00:40,542 talked about that on here for where... Oh, 1650 01:00:40,701 --> 01:00:42,615 yeah. You don't even need technical skills now. 1651 01:00:42,775 --> 01:00:43,971 And this has been true for a while. 1652 01:00:44,449 --> 01:00:47,239 You can use bitcoin or crypto and buy 1653 01:00:47,239 --> 01:00:48,730 just about every or 1654 01:00:49,484 --> 01:00:52,448 skill and tool in part of a cyber 1655 01:00:52,583 --> 01:00:55,047 crime campaign pain. And now Ai just makes 1656 01:00:55,047 --> 01:00:55,523 it easier. 1657 01:00:56,573 --> 01:00:58,247 Gotta wrap this up unfortunately. So... But let's 1658 01:00:58,247 --> 01:01:00,081 wrap this up as practical advice. We've already 1659 01:01:00,081 --> 01:01:01,675 talked about some things some of the top... 1660 01:01:01,914 --> 01:01:03,429 You gave your top 4 choices for things 1661 01:01:03,429 --> 01:01:05,274 that you tell people to do. Let's let's 1662 01:01:05,274 --> 01:01:06,859 talk about a few more things. For example, 1663 01:01:07,255 --> 01:01:07,993 can you 1664 01:01:08,682 --> 01:01:11,139 delete or limit access to all the data 1665 01:01:11,139 --> 01:01:12,899 that's already out there? You've got a list 1666 01:01:12,899 --> 01:01:14,726 or a great list for data removal tool. 1667 01:01:15,680 --> 01:01:17,268 On your site, were you actually given it's... 1668 01:01:17,507 --> 01:01:19,334 There's a lot of sites. Like, literally, I 1669 01:01:19,334 --> 01:01:20,287 think multiple dozen. 1670 01:01:21,098 --> 01:01:22,452 Websites that you tell us to go to 1671 01:01:22,452 --> 01:01:24,046 it. But you do say, of course, that 1672 01:01:24,046 --> 01:01:25,879 there's also maybe these dozen are actually the 1673 01:01:25,879 --> 01:01:27,233 top ones and some of those scroll down. 1674 01:01:27,711 --> 01:01:28,211 So 1675 01:01:28,525 --> 01:01:29,485 how do we know where to go it? 1676 01:01:29,644 --> 01:01:30,925 And then some people to look at that 1677 01:01:30,925 --> 01:01:32,204 and say, well, why don't I just go 1678 01:01:32,204 --> 01:01:33,805 to, like, delete me or in Cog or 1679 01:01:33,805 --> 01:01:34,765 some of these other ones that are offering 1680 01:01:34,765 --> 01:01:36,285 to do it for me. Yeah. Cost money, 1681 01:01:36,445 --> 01:01:38,460 but I don't wanna do it. What Should 1682 01:01:38,619 --> 01:01:39,820 I just pay someone else to do these 1683 01:01:39,820 --> 01:01:39,980 things? 1684 01:01:40,699 --> 01:01:42,780 Yeah. That's a good question. So I get 1685 01:01:42,780 --> 01:01:45,500 asked about life lock all the time, delete 1686 01:01:45,500 --> 01:01:47,505 me all of that? So a few years 1687 01:01:47,505 --> 01:01:49,094 ago, I tested some of these. I actually 1688 01:01:49,094 --> 01:01:51,237 put signed up, paid for and went through 1689 01:01:51,237 --> 01:01:53,246 some of those so that I could speak 1690 01:01:53,539 --> 01:01:55,500 confidently and from a place of knowledge 1691 01:01:56,018 --> 01:01:58,411 about them. And I'll tell you. So these 1692 01:01:58,411 --> 01:02:00,564 services all work the same. You have to 1693 01:02:00,564 --> 01:02:02,239 give them a bunch of your personal information, 1694 01:02:02,558 --> 01:02:04,313 and they say they're gonna scour the Internet. 1695 01:02:04,472 --> 01:02:06,959 Now everyone says also dark net, Ai, and 1696 01:02:06,959 --> 01:02:08,633 they throw out all those buzz words. And 1697 01:02:08,633 --> 01:02:10,307 they're gonna protect you and some of them 1698 01:02:10,307 --> 01:02:12,380 will off I say they'll freeze your credit 1699 01:02:12,380 --> 01:02:14,789 and identity management. All these things. They they 1700 01:02:14,789 --> 01:02:15,670 all make big promises. 1701 01:02:16,309 --> 01:02:18,329 But they all collect a bunch of personal 1702 01:02:18,390 --> 01:02:20,949 information, and then they have scripts and automated 1703 01:02:20,949 --> 01:02:23,324 services that go out, search for it, all 1704 01:02:23,524 --> 01:02:25,221 and then they auto generate 1705 01:02:25,759 --> 01:02:28,472 basically, emails and letters that get sent to 1706 01:02:28,472 --> 01:02:31,027 the data brokers requesting that your data be 1707 01:02:31,027 --> 01:02:31,266 removed. 1708 01:02:32,159 --> 01:02:34,148 They sell this for, like, 200 dollars. 1709 01:02:34,944 --> 01:02:36,240 And so my first 1710 01:02:36,775 --> 01:02:38,605 thing I wanna share on this is, you 1711 01:02:38,605 --> 01:02:39,105 cannot... 1712 01:02:40,055 --> 01:02:42,695 Clean up your privacy effectively for 200 dollars. 1713 01:02:43,335 --> 01:02:45,494 Right? You are absolutely getting what you paid 1714 01:02:45,494 --> 01:02:47,574 for. So the reality is this. So when 1715 01:02:47,735 --> 01:02:49,745 I tested this out, sure, you know, I 1716 01:02:49,745 --> 01:02:50,935 used 1 of these services. 1717 01:02:51,490 --> 01:02:54,132 It removed my information from about a dozen 1718 01:02:54,187 --> 01:02:57,378 different data broker sites. You And in full 1719 01:02:57,378 --> 01:02:59,683 disclosure, I done a little cleanup before that 1720 01:02:59,683 --> 01:03:01,829 myself, so I didn't have a huge amount 1721 01:03:01,829 --> 01:03:04,294 out there. And then if you keep paying 1722 01:03:04,294 --> 01:03:06,139 the money each year, they will... You know, 1723 01:03:06,298 --> 01:03:08,135 look again because what happens is the data 1724 01:03:08,135 --> 01:03:11,009 brokers tend to basically buy new blocks of 1725 01:03:11,009 --> 01:03:13,404 data. Right. And then it just circulates to 1726 01:03:13,404 --> 01:03:15,181 the time. Right. So 1727 01:03:15,893 --> 01:03:17,089 my big takeaway was this. 1728 01:03:17,806 --> 01:03:19,161 1, I had to send them a huge 1729 01:03:19,161 --> 01:03:22,349 amount of personal information. 2, they only remove 1730 01:03:22,349 --> 01:03:24,036 just a little bit of low hanging. Fruit. 1731 01:03:24,275 --> 01:03:25,782 So it was better than nothing, 1732 01:03:26,416 --> 01:03:28,558 but it was not super effective. 1733 01:03:29,113 --> 01:03:30,565 It definitely did not 1734 01:03:30,874 --> 01:03:32,632 wipe all my stuff off the Internet. It 1735 01:03:32,632 --> 01:03:34,231 just did the low hanging fruit. 1736 01:03:34,950 --> 01:03:37,048 My big concern with this is 1737 01:03:37,667 --> 01:03:39,825 what happens when those companies get breached. 1738 01:03:40,478 --> 01:03:42,153 Because you're giving them... 1739 01:03:42,712 --> 01:03:44,546 Like, could... In order for them to search 1740 01:03:44,546 --> 01:03:46,780 for all your exposed info, you have to 1741 01:03:46,780 --> 01:03:49,332 send them your info. And so any of 1742 01:03:49,332 --> 01:03:51,338 it all. Yeah. The Irony. And also when 1743 01:03:51,338 --> 01:03:52,849 you start to look at, you know, some 1744 01:03:52,849 --> 01:03:55,156 of the business dealings, parent companies, all of 1745 01:03:55,156 --> 01:03:57,715 that. Yeah. Yeah. So we... The in our 1746 01:03:57,715 --> 01:03:59,962 business, we advise all of our clients 1747 01:04:00,415 --> 01:04:03,670 against this. We think you should handle your 1748 01:04:03,670 --> 01:04:06,075 own privacy because it's your privacy. 1749 01:04:06,544 --> 01:04:08,858 Right? Why would you trust a third party, 1750 01:04:09,018 --> 01:04:11,333 and I'm telling you anyone for 200 dollars 1751 01:04:11,333 --> 01:04:13,248 cannot do a good job at this. And 1752 01:04:13,248 --> 01:04:15,733 for 200 dollars, how... Much effort are they 1753 01:04:15,733 --> 01:04:18,676 putting into protecting your data. Right? So you 1754 01:04:18,676 --> 01:04:20,210 get what you pay for. So 1755 01:04:20,584 --> 01:04:23,208 let me give you my quick kind of 1756 01:04:23,208 --> 01:04:24,083 8 steps. 1757 01:04:24,814 --> 01:04:26,666 If you want to this weekend, 1758 01:04:27,119 --> 01:04:28,948 start tackling this and how I recommend is, 1759 01:04:29,107 --> 01:04:30,856 like, don't try and do it all in 1760 01:04:30,856 --> 01:04:32,765 a day, spend a couple hours this Sunday, 1761 01:04:33,003 --> 01:04:34,687 Spend a couple hours the next Saturday. But 1762 01:04:34,687 --> 01:04:36,433 this is basically it. Right? 1763 01:04:37,545 --> 01:04:39,449 Start a privacy journal, as I mentioned before. 1764 01:04:39,767 --> 01:04:42,878 Number 2, freeze your credit, but That mitigate 1765 01:04:42,878 --> 01:04:45,181 about 95 percent of identity theft in the 1766 01:04:45,420 --> 01:04:47,405 Us, you are allowed to freeze your credit 1767 01:04:47,405 --> 01:04:49,391 by law. This law changed a few years 1768 01:04:49,391 --> 01:04:50,979 ago. You do not have to pay for 1769 01:04:50,979 --> 01:04:51,138 it. 1770 01:04:52,027 --> 01:04:54,570 We have instructions on this in our privacy 1771 01:04:54,570 --> 01:04:55,921 guide on the site. So you can just 1772 01:04:55,921 --> 01:04:57,273 download it and follow our steps. 1773 01:04:57,988 --> 01:05:00,309 Do self assessment. Log on to our site, 1774 01:05:00,468 --> 01:05:02,617 use our dashboard, search for all of your 1775 01:05:02,617 --> 01:05:05,403 exposures, Put those in your privacy journal. K? 1776 01:05:05,960 --> 01:05:07,893 Now you're gonna go through all your devices 1777 01:05:08,030 --> 01:05:09,637 and just double check all, your settings. 1778 01:05:10,275 --> 01:05:12,903 You're going to get a good password manager. 1779 01:05:13,381 --> 01:05:15,373 I recommend bit warden. That's what I use 1780 01:05:15,373 --> 01:05:17,284 for me and my family. It's open source. 1781 01:05:17,523 --> 01:05:20,175 It's affordable for but pay for your password 1782 01:05:20,175 --> 01:05:20,655 manager, 1783 01:05:21,135 --> 01:05:23,454 like, we wanna move away from free tools, 1784 01:05:23,855 --> 01:05:24,974 especially when they're for security. 1785 01:05:25,535 --> 01:05:26,735 And then you're going to go through all 1786 01:05:26,735 --> 01:05:29,148 your accounts, update them with a good unique 1787 01:05:29,148 --> 01:05:30,986 strong passwords. And then the last step is 1788 01:05:31,465 --> 01:05:33,223 Mfa. You can use Auth, You can use 1789 01:05:33,303 --> 01:05:33,543 Google 1790 01:05:34,182 --> 01:05:34,421 Authenticator. 1791 01:05:35,140 --> 01:05:37,302 And then gonna stop using free apps and 1792 01:05:37,302 --> 01:05:37,802 services. 1793 01:05:38,651 --> 01:05:40,556 And then my... Again, my number 1 thing 1794 01:05:40,556 --> 01:05:40,794 is, 1795 01:05:41,588 --> 01:05:42,858 and this is what I always talk to 1796 01:05:42,858 --> 01:05:45,108 my... They're Daughters about growing up is, I 1797 01:05:45,108 --> 01:05:46,466 was like, you know you're walking down the 1798 01:05:46,466 --> 01:05:46,706 street, 1799 01:05:47,425 --> 01:05:49,023 and you walk past them dude, and the 1800 01:05:49,023 --> 01:05:50,302 hairs go up on the back your and 1801 01:05:50,302 --> 01:05:51,580 neck or the dog g. 1802 01:05:52,313 --> 01:05:55,333 Listen to that. That means something. So my 1803 01:05:55,333 --> 01:05:57,081 number 1 thing is when you get that 1804 01:05:57,081 --> 01:05:58,512 email and when you get that text, and 1805 01:05:58,512 --> 01:06:00,125 it has any sense of 1806 01:06:00,499 --> 01:06:00,999 urgency 1807 01:06:02,103 --> 01:06:03,318 please please please 1808 01:06:03,849 --> 01:06:06,549 stop for 30 seconds in pause and thank 1809 01:06:06,549 --> 01:06:07,605 is this odd 1810 01:06:07,978 --> 01:06:09,984 because it's almost o always going to be 1811 01:06:09,984 --> 01:06:11,764 a scam if it is, 1812 01:06:12,065 --> 01:06:12,224 you know, 1813 01:06:13,025 --> 01:06:14,944 instill a sense of urgency or it wants 1814 01:06:14,944 --> 01:06:16,319 you to click on something or oh and 1815 01:06:16,319 --> 01:06:17,354 something. So 1816 01:06:17,832 --> 01:06:19,743 in my day to day cyber crime, job, 1817 01:06:19,981 --> 01:06:23,405 both doing investigations and mitigation. Fishing is still 1818 01:06:23,405 --> 01:06:25,728 the number 1 and it it causes the 1819 01:06:25,728 --> 01:06:26,466 most ransom. 1820 01:06:27,237 --> 01:06:29,781 That causes more damage than just about any 1821 01:06:29,781 --> 01:06:31,847 other form of cyber crime. I do see 1822 01:06:31,847 --> 01:06:33,616 a lot of like, sex ex as well, 1823 01:06:33,695 --> 01:06:34,972 you know, I send you the email. 1824 01:06:35,769 --> 01:06:38,880 Hey, Carrie. I hacked your computer. To prove 1825 01:06:38,880 --> 01:06:40,337 it here's for your passwords. 1826 01:06:40,714 --> 01:06:42,403 I can see all the porn even looking 1827 01:06:42,403 --> 01:06:43,673 at, and I'm gonna send it to your 1828 01:06:43,673 --> 01:06:44,864 family on Facebook. 1829 01:06:45,340 --> 01:06:47,087 And the reality is I just pulled your 1830 01:06:47,087 --> 01:06:48,833 passwords out of breach data, and didn't hack 1831 01:06:48,833 --> 01:06:51,190 your computer. It's a... It's... I'm bluff looking 1832 01:06:51,468 --> 01:06:53,937 So... But that sex distortion scam we see 1833 01:06:53,937 --> 01:06:55,132 happening all the time. And then of course, 1834 01:06:55,211 --> 01:06:56,247 we're still seeing a lot of... 1835 01:06:57,123 --> 01:06:58,477 And this is 1 of my... This makes 1836 01:06:58,477 --> 01:06:59,353 me so angry. 1837 01:07:00,324 --> 01:07:01,221 Tax un vulnerable 1838 01:07:01,596 --> 01:07:04,062 populations. You know, people call grandma, little Johnny's 1839 01:07:04,062 --> 01:07:05,812 in a Mexican prison send us gift parts. 1840 01:07:05,971 --> 01:07:07,028 We still have 1841 01:07:07,658 --> 01:07:10,050 older victims every single day going into best 1842 01:07:10,050 --> 01:07:11,805 buy to get gift cards because of those 1843 01:07:11,805 --> 01:07:14,516 type of scams. So... But that... That's pretty 1844 01:07:14,516 --> 01:07:17,482 much it. Everyone listening to this can take 1845 01:07:17,482 --> 01:07:19,155 control of their own privacy and security. It 1846 01:07:19,155 --> 01:07:20,590 just takes some work. And what I just 1847 01:07:20,590 --> 01:07:23,140 wanna promise you is it's worth it. Right? 1848 01:07:23,697 --> 01:07:24,197 You 1849 01:07:24,669 --> 01:07:26,742 at the end of doing your own privacy 1850 01:07:26,742 --> 01:07:27,560 cleanup will 1851 01:07:28,017 --> 01:07:28,517 understand 1852 01:07:29,133 --> 01:07:31,445 what situation you're in? How exposed am I? 1853 01:07:31,605 --> 01:07:32,902 What is my threat model 1854 01:07:33,213 --> 01:07:36,083 Like, you will feel more comfortable and safe 1855 01:07:36,083 --> 01:07:38,394 if you do it yourself. Don't pay me 1856 01:07:38,394 --> 01:07:40,067 to do it. Don't pay someone else to 1857 01:07:40,067 --> 01:07:41,835 do it. Just do it yourself, and and 1858 01:07:41,835 --> 01:07:43,987 we've got all the free guides to, walk 1859 01:07:43,987 --> 01:07:45,819 you through it. So you'll have everything you 1860 01:07:45,819 --> 01:07:47,652 need. Well, I will get all those links 1861 01:07:47,652 --> 01:07:48,688 to put up a show notes for for 1862 01:07:48,688 --> 01:07:50,122 the audience, so they will definitely have access 1863 01:07:50,122 --> 01:07:50,735 to those immediately 1864 01:07:51,252 --> 01:07:53,161 Great. 2 particular questions that that I wanna 1865 01:07:53,161 --> 01:07:55,627 ask. First of all, I like to... You 1866 01:07:55,627 --> 01:07:57,297 talked about alias basically We didn't call it 1867 01:07:57,297 --> 01:07:59,705 that, but you'd because... Well, you implied actually 1868 01:07:59,705 --> 01:08:01,063 though it's a good thing. If you've got 1869 01:08:01,462 --> 01:08:03,138 unique email. Most people probably only have 1 1870 01:08:03,138 --> 01:08:03,457 or 2, 1871 01:08:04,255 --> 01:08:06,411 unless they've taken steps. Most people probably have 1872 01:08:06,411 --> 01:08:08,736 1 phone number. Now, it's mobile number, and 1873 01:08:08,736 --> 01:08:09,771 it's and you never change it because you 1874 01:08:09,771 --> 01:08:11,283 ported it everywhere, and it it follows you 1875 01:08:11,283 --> 01:08:13,273 for life, like a social security number. So 1876 01:08:13,273 --> 01:08:14,706 a lot of the things that I've often 1877 01:08:14,706 --> 01:08:16,797 had recommended our Alias. You getting 1878 01:08:17,189 --> 01:08:19,430 throw away numbers, will not throw. Your second 1879 01:08:19,430 --> 01:08:20,789 numbers, our third numbers are at least, so 1880 01:08:20,789 --> 01:08:21,530 you can kinda 1881 01:08:22,390 --> 01:08:22,890 diversify 1882 01:08:23,350 --> 01:08:25,770 your phone number identity as well as using 1883 01:08:25,829 --> 01:08:26,550 email aliases. 1884 01:08:27,523 --> 01:08:28,400 So curious about that. 1885 01:08:29,118 --> 01:08:30,555 1 thing in particular I'm worried about now, 1886 01:08:30,715 --> 01:08:32,949 especially with Ai is I like to buy 1887 01:08:32,949 --> 01:08:34,466 no buy domain names. 1888 01:08:35,037 --> 01:08:36,466 That I could do catch all email addresses 1889 01:08:36,466 --> 01:08:37,735 that I just make up on the fly. 1890 01:08:38,052 --> 01:08:39,481 I'm just... I'm waiting for the day though 1891 01:08:39,481 --> 01:08:40,195 when someone figured out, 1892 01:08:41,068 --> 01:08:42,258 what if we just... What, this is a 1893 01:08:42,258 --> 01:08:44,340 weird domain name so What if all the 1894 01:08:44,340 --> 01:08:45,932 addresses at this domain name or the same 1895 01:08:45,932 --> 01:08:47,923 person? Is is that gonna bite me at 1896 01:08:47,923 --> 01:08:48,322 some point? 1897 01:08:49,277 --> 01:08:51,268 I mean, anything we do that has a 1898 01:08:51,268 --> 01:08:51,666 pattern? 1899 01:08:52,079 --> 01:08:53,911 And can be tied back to anything that 1900 01:08:53,911 --> 01:08:56,698 is officially associated with us whether it be 1901 01:08:56,698 --> 01:08:59,486 financially tied or online or anything else could 1902 01:08:59,486 --> 01:09:00,463 be an exposure 1903 01:09:01,094 --> 01:09:02,690 But let me let me take a step 1904 01:09:02,690 --> 01:09:04,047 back and give you just, I guess, a 1905 01:09:04,047 --> 01:09:04,925 little advice. 1906 01:09:05,722 --> 01:09:06,222 So 1907 01:09:06,600 --> 01:09:09,487 for emails, I use simple login. Which is 1908 01:09:09,487 --> 01:09:12,030 owned by proton. Right? I know you probably 1909 01:09:12,030 --> 01:09:14,017 have a lot of proton users. Yeah. I'm 1910 01:09:14,017 --> 01:09:16,640 a big proton fan, Swiss privacy loss so 1911 01:09:16,640 --> 01:09:17,832 much better than the Us, 1912 01:09:18,484 --> 01:09:21,028 we have vetted them. They've been independently audited. 1913 01:09:21,187 --> 01:09:21,687 So 1914 01:09:22,141 --> 01:09:24,765 simple login was a third party company that 1915 01:09:24,765 --> 01:09:27,010 they acquired a couple years ago. And it 1916 01:09:27,010 --> 01:09:30,289 basically allows me to create an unlimited number 1917 01:09:30,289 --> 01:09:33,170 of temporary burner addresses that just forward to 1918 01:09:33,170 --> 01:09:35,729 my real email address. And the tactic there 1919 01:09:35,729 --> 01:09:38,305 is so many places get breached. Even if 1920 01:09:38,305 --> 01:09:40,145 they don't intentionally misuse your email, 1921 01:09:40,944 --> 01:09:43,744 so much better to use that burner email. 1922 01:09:44,078 --> 01:09:46,646 That just forwards through because now when Jason's 1923 01:09:46,782 --> 01:09:49,010 online hunting you and he finds that burner 1924 01:09:49,010 --> 01:09:51,810 email, it's not associated with anything else so... 1925 01:09:51,970 --> 01:09:53,166 There's nowhere way for it to go... For 1926 01:09:53,166 --> 01:09:55,078 him to go with it. Right? That's that's 1927 01:09:55,078 --> 01:09:57,550 not useful as an investigative lead. So if 1928 01:09:57,709 --> 01:09:58,880 I'm am hunting you 1929 01:09:59,319 --> 01:10:00,298 using aliases, 1930 01:10:00,677 --> 01:10:03,634 whether it be email addresses, or I use 1931 01:10:03,634 --> 01:10:06,030 my pseudo for extra phone numbers, 1932 01:10:06,762 --> 01:10:08,513 so. If I if I need to sign 1933 01:10:08,513 --> 01:10:10,025 up for anything, and they want a phone 1934 01:10:10,025 --> 01:10:10,344 number. 1935 01:10:11,060 --> 01:10:12,810 And and, literally, if you had ask me 1936 01:10:12,810 --> 01:10:14,641 for a phone number prior to doing this 1937 01:10:14,641 --> 01:10:16,569 interview, I would have given you. A V 1938 01:10:16,569 --> 01:10:18,167 number. I would've have given you a burn 1939 01:10:18,167 --> 01:10:20,885 number because it's not that I don't trust 1940 01:10:20,885 --> 01:10:23,921 you, but there's no reason in most cases 1941 01:10:23,921 --> 01:10:27,452 to give anyone my actual cell phone number. 1942 01:10:28,011 --> 01:10:30,009 Because once you have that, there's a lot 1943 01:10:30,009 --> 01:10:31,607 you could do with it. Right? Like, you 1944 01:10:31,607 --> 01:10:33,364 could sim swap it, you could, you know, 1945 01:10:33,859 --> 01:10:37,761 that is, a your true cellular phone number 1946 01:10:37,761 --> 01:10:39,594 is pretty valuable, so we try not to 1947 01:10:39,594 --> 01:10:41,506 give that out as much as possible. 1948 01:10:42,063 --> 01:10:44,698 And then you know, I like to have 1949 01:10:44,698 --> 01:10:45,968 most of my... I do have a couple 1950 01:10:45,968 --> 01:10:48,030 of personal social media accounts. For example, I 1951 01:10:48,030 --> 01:10:49,720 play on a sports team, and they 1952 01:10:50,092 --> 01:10:52,898 absolutely well, only schedule things on Facebook. 1953 01:10:53,297 --> 01:10:55,694 So I do have a Facebook account. It's 1954 01:10:55,694 --> 01:10:58,272 not my name has no photos has no 1955 01:10:58,411 --> 01:10:59,449 association with me. 1956 01:10:59,945 --> 01:11:02,585 But I choose... And I know that's a 1957 01:11:02,585 --> 01:11:05,064 little bit of exposure. But again, that's... I'm 1958 01:11:05,064 --> 01:11:06,265 not the guy who says don't be on 1959 01:11:06,265 --> 01:11:08,756 the Internet. I'm saying, all just be smart 1960 01:11:08,756 --> 01:11:10,511 about it and find that balance. And for 1961 01:11:10,511 --> 01:11:11,149 that balance, 1962 01:11:11,707 --> 01:11:13,542 I choose to have a couple social media 1963 01:11:13,542 --> 01:11:16,253 accounts and just not just check the settings 1964 01:11:16,253 --> 01:11:17,370 and don't over share on them. 1965 01:11:18,104 --> 01:11:19,385 1 more question and and when... 1966 01:11:20,185 --> 01:11:21,465 It's back to kinda what we're talking about 1967 01:11:21,465 --> 01:11:23,064 before, and some the irony of trying to 1968 01:11:23,064 --> 01:11:25,145 protect your identity. When you go to some 1969 01:11:25,145 --> 01:11:26,829 of these sites, And even some of these 1970 01:11:26,829 --> 01:11:28,574 sites, if you were go directly to, let's 1971 01:11:28,574 --> 01:11:30,556 say, Facebook. I gotta close my account, I 1972 01:11:30,556 --> 01:11:31,509 want you to get rid of my all 1973 01:11:31,509 --> 01:11:31,825 my stuff. 1974 01:11:32,539 --> 01:11:33,903 A lot of times, I'll say, well, we 1975 01:11:33,903 --> 01:11:35,096 really need to make sure that you are 1976 01:11:35,096 --> 01:11:36,608 who say are before we do this. So 1977 01:11:36,608 --> 01:11:39,471 upload a photo Id or upload a picture 1978 01:11:39,471 --> 01:11:40,289 of your passport. 1979 01:11:40,919 --> 01:11:43,393 Or, you know, in the process of verifying 1980 01:11:43,393 --> 01:11:45,069 that you are who you say you are 1981 01:11:45,069 --> 01:11:46,746 and that the information that you want to 1982 01:11:46,746 --> 01:11:48,682 have removed, it is accurate, 1983 01:11:49,554 --> 01:11:51,635 they ask you to basically kinda give up 1984 01:11:51,635 --> 01:11:53,154 a lot of information yourself. Is that is 1985 01:11:53,154 --> 01:11:54,515 that just part of the deal like, should 1986 01:11:54,515 --> 01:11:55,255 you hesitate 1987 01:11:55,635 --> 01:11:56,675 when you're going to into on of these 1988 01:11:56,675 --> 01:11:59,006 sites that want all this information to ironically 1989 01:11:59,006 --> 01:12:01,154 remove your data. Is that just par for 1990 01:12:01,154 --> 01:12:01,471 the course? 1991 01:12:02,426 --> 01:12:05,051 Yeah. So you should definitely hesitate. 1992 01:12:05,704 --> 01:12:07,619 That is something for me, like, if on 1993 01:12:07,619 --> 01:12:09,535 my personal burner accounts if I got those, 1994 01:12:09,854 --> 01:12:11,850 I would just walk away. Be like, well, 1995 01:12:12,329 --> 01:12:14,659 no. I'm good. Like, I'll just click that 1996 01:12:14,659 --> 01:12:16,500 account out? I'm just done with your platform, 1997 01:12:17,380 --> 01:12:18,900 especially with places like meta? 1998 01:12:20,020 --> 01:12:21,619 I mean, why do you think they're asking, 1999 01:12:21,953 --> 01:12:25,056 for a face shot or a government Id. 2000 01:12:25,216 --> 01:12:28,636 Right? Obviously, it's for facial recognition, and I 2001 01:12:28,795 --> 01:12:30,680 I do not trust that that is all 2002 01:12:30,958 --> 01:12:33,183 just to verify me. Right? They wanna get 2003 01:12:33,183 --> 01:12:35,488 us in their data database because that data 2004 01:12:35,488 --> 01:12:36,362 is so valuable. 2005 01:12:36,760 --> 01:12:37,260 And 2006 01:12:37,634 --> 01:12:39,675 especially Meta has really been pushing facial record 2007 01:12:39,873 --> 01:12:42,181 condition for a long time. Right? Ever since 2008 01:12:42,181 --> 01:12:43,774 tagging people in photos began. 2009 01:12:44,570 --> 01:12:47,037 So I don't trust that. I don't like 2010 01:12:47,037 --> 01:12:47,537 that 2011 01:12:47,849 --> 01:12:49,448 Now I will give you a little pro 2012 01:12:49,448 --> 01:12:49,688 tip. 2013 01:12:50,407 --> 01:12:53,044 1 thing I do, which probably most people 2014 01:12:53,044 --> 01:12:54,802 don't do is sometimes I go in and 2015 01:12:54,802 --> 01:12:57,199 actually dig through the terms of service. 2016 01:12:57,774 --> 01:12:59,762 And if you start digging through, especially on 2017 01:12:59,762 --> 01:13:02,307 meta, like, if they ask you for your 2018 01:13:02,307 --> 01:13:05,329 government Id, to me, that is a huge 2019 01:13:05,329 --> 01:13:07,578 over reach. Right? Like, they don't have the 2020 01:13:07,578 --> 01:13:09,336 authority for that. And I guess their argument 2021 01:13:09,336 --> 01:13:10,694 would be like, well, you don't have to 2022 01:13:10,694 --> 01:13:12,212 give it to us, but we also don't 2023 01:13:12,212 --> 01:13:13,570 have to let you back into your account. 2024 01:13:14,064 --> 01:13:15,337 But if you look at their terms of 2025 01:13:15,337 --> 01:13:18,362 service, they'll accept a government Id or 2 2026 01:13:18,362 --> 01:13:21,068 forms of secondary Id and secondary Id can 2027 01:13:21,068 --> 01:13:21,226 be. 2028 01:13:22,196 --> 01:13:24,497 Mail, like mail that's been open to an 2029 01:13:24,497 --> 01:13:27,435 address, Mh. A gym card, you know, some 2030 01:13:27,435 --> 01:13:29,657 of those things. So once we start getting 2031 01:13:29,657 --> 01:13:31,736 into non government meant Ids, 2032 01:13:32,133 --> 01:13:33,959 then it becomes a little bit easier to 2033 01:13:33,959 --> 01:13:34,459 provide 2034 01:13:34,912 --> 01:13:37,373 verification for something that may be in an 2035 01:13:37,373 --> 01:13:38,247 alternate name. 2036 01:13:38,820 --> 01:13:40,820 Right? And so you can get a little 2037 01:13:40,820 --> 01:13:42,899 bit creative there. More often than not when 2038 01:13:42,899 --> 01:13:45,140 these situations come up, I just walk away 2039 01:13:45,140 --> 01:13:45,939 from that account. 2040 01:13:46,513 --> 01:13:48,426 Now if it has your personal data on 2041 01:13:48,426 --> 01:13:50,815 it, and they're not allowing you to close 2042 01:13:50,815 --> 01:13:53,046 it, I've not run into that scenario. 2043 01:13:54,097 --> 01:13:56,171 But typically, what I would do is if 2044 01:13:56,171 --> 01:13:58,644 they lock me out is just put in 2045 01:13:58,644 --> 01:14:01,036 and and just hound them about getting the 2046 01:14:01,036 --> 01:14:01,834 account deleted. 2047 01:14:02,552 --> 01:14:03,052 But 2048 01:14:03,524 --> 01:14:05,676 mean, my perspective is maybe not the best 2049 01:14:05,676 --> 01:14:07,826 because I don't really have any social media 2050 01:14:07,826 --> 01:14:09,282 accounts where I post personal 2051 01:14:09,898 --> 01:14:10,136 details. 2052 01:14:10,948 --> 01:14:12,300 So the data I have on there. So 2053 01:14:12,458 --> 01:14:14,049 I guess, I'm kind of addressing it up 2054 01:14:14,049 --> 01:14:15,560 upfront by just being careful what I give 2055 01:14:15,560 --> 01:14:16,514 them in the first place. 2056 01:14:17,389 --> 01:14:18,502 Yeah. I actually struggle with some of that 2057 01:14:18,502 --> 01:14:19,377 to too because a lot of the advice 2058 01:14:19,457 --> 01:14:20,625 I give to other people people's hard. I 2059 01:14:20,743 --> 01:14:22,415 can't check it because I haven't done it 2060 01:14:22,415 --> 01:14:23,927 or I'd stopped doing a long time ago. 2061 01:14:24,246 --> 01:14:26,076 So sometimes have to set up dummy accounts 2062 01:14:26,076 --> 01:14:27,747 or find people I know that do do 2063 01:14:27,747 --> 01:14:29,593 it and Can't Yeah. I know that are 2064 01:14:29,593 --> 01:14:30,468 willing to help me look at their stuff. 2065 01:14:30,627 --> 01:14:32,777 And III should throw out just a little 2066 01:14:32,777 --> 01:14:33,890 bit of warning to your audience. 2067 01:14:34,607 --> 01:14:37,649 Absolutely, we should not lead... Social media accounts 2068 01:14:37,649 --> 01:14:39,562 follow. So we should not walk away from 2069 01:14:39,562 --> 01:14:42,193 them and not close them because we do 2070 01:14:42,193 --> 01:14:44,345 see a lot of crime that's generated of 2071 01:14:44,345 --> 01:14:45,655 these carrie abandon 2072 01:14:46,189 --> 01:14:49,609 Facebook account 5 years ago. I figure out 2073 01:14:49,609 --> 01:14:51,756 his old password through breach data. I get 2074 01:14:51,756 --> 01:14:53,760 control of his account. And now I contact 2075 01:14:53,760 --> 01:14:55,430 all his family and friends and start doing 2076 01:14:55,430 --> 01:14:57,421 a bunch of social engineering campaigns. We see 2077 01:14:57,421 --> 01:14:59,569 a lot of social engineering that are from 2078 01:14:59,569 --> 01:15:01,899 compromised accounts. Mh. So definitely... 2079 01:15:02,530 --> 01:15:04,930 And there is there are sites like a 2080 01:15:04,930 --> 01:15:07,489 account killer and some different sites that will 2081 01:15:07,489 --> 01:15:09,170 help you that. Help you shut down your 2082 01:15:09,170 --> 01:15:09,409 accounts. 2083 01:15:10,530 --> 01:15:11,649 As far as domains, 2084 01:15:12,463 --> 01:15:14,135 I do all my hosting through a company 2085 01:15:14,135 --> 01:15:17,742 called host matters because they're twice as expensive 2086 01:15:17,878 --> 01:15:20,689 as, like a Godaddy or named cheap, but 2087 01:15:21,238 --> 01:15:23,387 you can buy it with privacy dot com 2088 01:15:23,387 --> 01:15:25,934 cards, which are masked credit cards. So you 2089 01:15:25,934 --> 01:15:27,605 don't have to give them any of your 2090 01:15:27,605 --> 01:15:28,481 real information. 2091 01:15:29,371 --> 01:15:31,598 But you are paying them. They're getting paid. 2092 01:15:32,076 --> 01:15:34,542 And they have real people there. And by 2093 01:15:34,542 --> 01:15:36,625 that, what I mean is, you're gonna pay 2094 01:15:36,625 --> 01:15:39,010 with your privacy dot com masked credit card, 2095 01:15:39,170 --> 01:15:40,760 which for people are not familiar. It's basically 2096 01:15:40,760 --> 01:15:43,305 a private version of, like, Paypal almost. Mh. 2097 01:15:43,543 --> 01:15:44,043 And 2098 01:15:44,514 --> 01:15:47,074 they're gonna do a fraud alert, but if 2099 01:15:47,074 --> 01:15:48,594 you contact their customer service, 2100 01:15:49,154 --> 01:15:51,554 usually within 5 minutes a real person is 2101 01:15:51,554 --> 01:15:53,238 on the phone with me, and they... And 2102 01:15:53,238 --> 01:15:55,404 you tell them you're a privacy ent. 2103 01:15:56,174 --> 01:15:58,555 That's why you're using privacy dot com, and 2104 01:15:58,555 --> 01:16:00,141 they will approve it and push it through. 2105 01:16:00,380 --> 01:16:02,306 Phone And I've been using them for a 2106 01:16:02,306 --> 01:16:05,094 few years. It cost twice as much as 2107 01:16:05,094 --> 01:16:07,005 those other companies, but they don't sell our 2108 01:16:07,005 --> 01:16:08,996 data, and it wouldn't even matter if they 2109 01:16:08,996 --> 01:16:10,842 did. Because I don't have to give them 2110 01:16:10,842 --> 01:16:12,114 a real name. I don't have to get... 2111 01:16:12,354 --> 01:16:14,922 The credit card I gave them expired 2 2112 01:16:15,139 --> 01:16:16,832 hours after they used it 2113 01:16:17,145 --> 01:16:19,381 that's the beauty of those masked credit cards. 2114 01:16:19,701 --> 01:16:21,858 So that's my pro tip for domains host 2115 01:16:21,858 --> 01:16:23,775 matters. I don't own stock or anything. 2116 01:16:24,189 --> 01:16:24,587 I'm just... 2117 01:16:25,305 --> 01:16:27,059 I love when I can talk to a 2118 01:16:27,059 --> 01:16:28,016 real person, 2119 01:16:28,734 --> 01:16:31,046 and we have enough of our clients that 2120 01:16:31,046 --> 01:16:32,402 do business there. If you just say or 2121 01:16:32,402 --> 01:16:34,250 privacy and enthusiasts, they'll take care of you. 2122 01:16:34,649 --> 01:16:36,084 And this is this is a big message 2123 01:16:36,084 --> 01:16:36,562 to everyone. 2124 01:16:37,359 --> 01:16:39,752 I have started paying more than I used 2125 01:16:39,752 --> 01:16:41,426 to have to pay for things to get 2126 01:16:41,426 --> 01:16:42,340 the to privacy 2127 01:16:42,955 --> 01:16:43,455 respecting 2128 01:16:43,832 --> 01:16:46,622 version of it. Yeah. I think we've all 2129 01:16:46,622 --> 01:16:48,614 been sold into this idea of everything should 2130 01:16:48,614 --> 01:16:49,651 be cheaper free. 2131 01:16:50,224 --> 01:16:52,296 And that is at the cost of our 2132 01:16:52,296 --> 01:16:54,448 privacy. So if you wanna be a private 2133 01:16:54,448 --> 01:16:56,841 person, you have to be willing to pay 2134 01:16:56,841 --> 01:16:57,739 for your services. 2135 01:16:59,168 --> 01:17:02,122 Yep. Yep. Sad but true. Yep. Alright, Jason. 2136 01:17:02,282 --> 01:17:03,421 We could talk for 2137 01:17:04,198 --> 01:17:06,992 going on forever. Yeah. Absolutely. And and again, 2138 01:17:07,152 --> 01:17:08,604 again, we'll have to find sometime time to 2139 01:17:08,604 --> 01:17:09,965 do it over beer or someday. But Yeah. 2140 01:17:10,524 --> 01:17:10,685 Okay. 2141 01:17:11,324 --> 01:17:13,005 1 last question before we go, And this 2142 01:17:13,005 --> 01:17:15,085 is a softball. What what other their if 2143 01:17:15,085 --> 01:17:16,845 what other stuff can we find at Intel 2144 01:17:16,845 --> 01:17:18,451 tech. I know he, he wrote the book 2145 01:17:18,451 --> 01:17:19,644 called extreme privacy. 2146 01:17:20,519 --> 01:17:22,746 There are now Pdfs that you can subscribe 2147 01:17:22,746 --> 01:17:24,019 to you which I have done that you 2148 01:17:24,019 --> 01:17:26,262 could for different platforms. Nick and it says 2149 01:17:26,262 --> 01:17:28,576 extreme, but I assume that you you could 2150 01:17:28,576 --> 01:17:29,692 learn a lot for them. You'd if you're 2151 01:17:29,692 --> 01:17:31,287 not going full tilt Michael Basil. 2152 01:17:32,085 --> 01:17:34,398 Yeah. So for the extreme privacy book, it 2153 01:17:34,398 --> 01:17:36,646 really is extreme. It's not most people. There's 2154 01:17:36,646 --> 01:17:38,720 probably about a third that is basics, and 2155 01:17:38,720 --> 01:17:40,554 then in a third that's intermediate and the 2156 01:17:40,554 --> 01:17:43,506 third that is crazy, like, becoming a digital 2157 01:17:43,506 --> 01:17:45,180 no and wandering the lands. 2158 01:17:45,755 --> 01:17:47,832 So that is probably on the scope of 2159 01:17:47,832 --> 01:17:49,749 most people, but now we also have these 2160 01:17:49,749 --> 01:17:52,225 smaller digital guidance. So when you go to 2161 01:17:52,225 --> 01:17:52,625 a site, 2162 01:17:53,279 --> 01:17:55,113 what most people are just going to need 2163 01:17:55,113 --> 01:17:56,788 and want is the free stuff. So if 2164 01:17:56,788 --> 01:17:58,783 you go into our resources tab in our 2165 01:17:58,783 --> 01:18:00,554 tools tab, all the free stuff I... Talked 2166 01:18:00,554 --> 01:18:02,071 about is there. So go take all of 2167 01:18:02,071 --> 01:18:04,067 our free stuff. No pressure to get anything 2168 01:18:04,067 --> 01:18:05,823 else. But if you decide you wanna take 2169 01:18:05,823 --> 01:18:07,578 it to the next level, we have guides 2170 01:18:07,578 --> 01:18:08,557 on firewalls 2171 01:18:09,095 --> 01:18:11,590 and We have guides on privacy. We have 2172 01:18:11,590 --> 01:18:14,729 guides on building out your own privacy based 2173 01:18:15,029 --> 01:18:17,750 phone. Right? Mh. So there's all sorts of 2174 01:18:17,750 --> 01:18:19,197 stuff. Then on my side of the house, 2175 01:18:19,515 --> 01:18:21,902 we have online training for open source intelligence. 2176 01:18:22,140 --> 01:18:24,208 I train at Black hat every year. We 2177 01:18:24,208 --> 01:18:27,170 do private events. We do keynote, privacy... Security, 2178 01:18:27,329 --> 01:18:29,510 we do all sorts of consulting. So 2179 01:18:29,810 --> 01:18:31,729 we have a lot of different roles there. 2180 01:18:32,289 --> 01:18:34,929 And... But mostly in the privacy security or 2181 01:18:35,010 --> 01:18:36,149 Open source intelligence 2182 01:18:36,545 --> 01:18:36,784 fields. 2183 01:18:37,824 --> 01:18:39,185 Wonderful. Well I'll put links to the show 2184 01:18:39,185 --> 01:18:41,025 notes, as I said, Jason, thank you so 2185 01:18:41,025 --> 01:18:42,625 much for coming the show. That we'll definitely 2186 01:18:42,625 --> 01:18:43,744 have to bring you back in the future. 2187 01:18:44,225 --> 01:18:45,104 Absolutely. Thanks, Kurt. 2188 01:18:51,261 --> 01:18:53,176 I really enjoyed that to interview did too. 2189 01:18:53,336 --> 01:18:55,385 That was a lot of fun, very, very 2190 01:18:55,503 --> 01:18:56,003 interesting 2191 01:18:56,536 --> 01:18:56,933 and 2192 01:18:57,409 --> 01:18:58,918 brought out a lot of things that I 2193 01:18:58,918 --> 01:18:59,951 don't think a lot of us think about. 2194 01:19:00,269 --> 01:19:03,310 So just Fyi, I've been going through their 2195 01:19:03,939 --> 01:19:06,659 data removal guide. And, there are links in 2196 01:19:06,659 --> 01:19:08,340 the shown notes. You're welcome to, obviously, go 2197 01:19:08,340 --> 01:19:10,100 look at that yourself, as well as links 2198 01:19:10,100 --> 01:19:12,020 to many of the other tools and, 2199 01:19:12,833 --> 01:19:15,139 and stuff that we talked about today, all 2200 01:19:15,139 --> 01:19:16,887 today show notes. But I am going through 2201 01:19:16,887 --> 01:19:17,921 the process of, 2202 01:19:19,034 --> 01:19:21,419 requesting that my data be deleted or in 2203 01:19:21,419 --> 01:19:22,158 some cases 2204 01:19:22,548 --> 01:19:24,861 suppressed, and I'll explain that when the time 2205 01:19:24,861 --> 01:19:27,572 comes. Using the documents that these guys have 2206 01:19:27,572 --> 01:19:29,487 put out, which are very, very helpful. I'm 2207 01:19:29,487 --> 01:19:30,922 taking a whole bunch of notes that I'm 2208 01:19:30,922 --> 01:19:33,011 going to be talking about that, I might 2209 01:19:33,011 --> 01:19:34,608 even make that like, a whole episode, because 2210 01:19:34,608 --> 01:19:36,203 it's a... I'm just shocked at the... 2211 01:19:37,002 --> 01:19:39,816 The things that I'm finding and the weird 2212 01:19:40,448 --> 01:19:43,239 aspects to how all of these things work. 2213 01:19:43,957 --> 01:19:44,994 It will be a tip of the week 2214 01:19:44,994 --> 01:19:46,670 for sure, but it's gonna be a big 2215 01:19:46,670 --> 01:19:49,381 1. So we'll see End I might have 2216 01:19:49,541 --> 01:19:52,100 having to dedicate a whole kinda episode to 2217 01:19:52,100 --> 01:19:52,974 this. We will see. 2218 01:19:54,007 --> 01:19:55,676 But know that that is coming. So you're 2219 01:19:55,676 --> 01:19:56,708 welcome to look at it now, but if 2220 01:19:56,708 --> 01:19:57,820 you want me to kind of blaze the 2221 01:19:57,820 --> 01:19:58,297 trail for you, 2222 01:19:59,028 --> 01:20:01,421 stay tuned because I will be giving you 2223 01:20:01,421 --> 01:20:04,291 my experiences on this and and give you 2224 01:20:04,291 --> 01:20:06,125 some tips and tricks for things that I 2225 01:20:06,125 --> 01:20:07,640 found along the way that may help you 2226 01:20:07,640 --> 01:20:09,653 out. If and when, you decide to do 2227 01:20:09,653 --> 01:20:11,091 this for yourself. And I think you should, 2228 01:20:11,171 --> 01:20:11,650 by the way, 2229 01:20:12,368 --> 01:20:14,287 if for as kind of painful and weird 2230 01:20:14,287 --> 01:20:15,485 as this process has been, 2231 01:20:16,534 --> 01:20:19,475 it was very enlighten, and I I... After 2232 01:20:19,475 --> 01:20:22,336 having done it, I will agree with Jason 2233 01:20:22,336 --> 01:20:24,323 that it it's something you shouldn't pay someone 2234 01:20:24,323 --> 01:20:26,267 else to do. You should do it yourself 2235 01:20:26,402 --> 01:20:28,148 and paste yourself and spread it out every 2236 01:20:28,148 --> 01:20:30,291 time. So, anyway, I will give you my 2237 01:20:30,291 --> 01:20:31,957 take on that and maybe my advice on 2238 01:20:31,957 --> 01:20:33,148 how to go about doing that and a... 2239 01:20:33,957 --> 01:20:36,501 Future show, not too long from now. 2240 01:20:37,534 --> 01:20:39,045 Patrons on Thursday we'll get some really fun 2241 01:20:39,045 --> 01:20:40,714 bonus content with with Jason. 2242 01:20:41,986 --> 01:20:42,884 I ask him 2243 01:20:43,274 --> 01:20:45,985 So How do pronounce Michael Be or basil. 2244 01:20:46,225 --> 01:20:47,660 How do you pronounce that last name? And 2245 01:20:47,660 --> 01:20:49,277 his answer was 2246 01:20:50,133 --> 01:20:51,112 surprising and 2247 01:20:51,569 --> 01:20:51,967 hilarious. 2248 01:20:52,859 --> 01:20:54,397 We also talk about using 2249 01:20:55,094 --> 01:20:57,728 disinformation to mask your own data, 2250 01:20:58,287 --> 01:21:00,122 throwing out some of that cha. The sm 2251 01:21:00,122 --> 01:21:01,081 interesting takes on that. 2252 01:21:01,734 --> 01:21:03,652 You will find out why you actually are 2253 01:21:03,652 --> 01:21:05,969 more likely to have your information exposed by 2254 01:21:05,969 --> 01:21:08,286 4 request than your elected officials. And then 2255 01:21:08,446 --> 01:21:09,899 I had to ask him, you know, since 2256 01:21:09,899 --> 01:21:11,577 they take care of some of these high 2257 01:21:11,577 --> 01:21:13,734 profile clients. When you go through the looking 2258 01:21:13,734 --> 01:21:15,412 glass 1? What does it like when you 2259 01:21:15,412 --> 01:21:17,581 try to take, you know, the stream measures 2260 01:21:17,581 --> 01:21:19,994 to to scrub people's information 2261 01:21:20,531 --> 01:21:22,682 from the Internet. So all very interesting stuff, 2262 01:21:22,762 --> 01:21:24,118 and that will be coming for the patrons 2263 01:21:24,118 --> 01:21:26,850 as usual, on the Thursday bonus podcast. 2264 01:21:27,729 --> 01:21:29,570 Next week, we'll have a new show. Again, 2265 01:21:29,729 --> 01:21:31,970 I will definitely cover the the cloud strike, 2266 01:21:33,409 --> 01:21:33,729 debacle, 2267 01:21:34,384 --> 01:21:35,821 And maybe I'll be ready to talk about 2268 01:21:35,821 --> 01:21:38,535 the data deletion project that I'm on, but 2269 01:21:38,615 --> 01:21:40,052 I've not next week, it will be sent. 2270 01:21:40,451 --> 01:21:41,968 That'll do it this week. Take care of 2271 01:21:41,968 --> 01:21:43,326 everybody stay safe out there. 2272 01:21:43,979 --> 01:21:45,408 And until next week as always, 2273 01:21:46,123 --> 01:21:47,552 don't get caught with your draw down.