Return to Video

vimeo.com/.../244383308

  • Not Synced
    Greetings Troublemakers... welcome to Trouble.
  • Not Synced
    My name is not important.
  • Not Synced
    At 10:30pm on October 29th, 1969,
  • Not Synced
    Charlie Kline, a student programer at UCLA,
  • Not Synced
    successfully sent the first digital message
  • Not Synced
    from one computer terminal to another via the DARPANET,
  • Not Synced
    a top-secret research project run by the US Department of Defense.
  • Not Synced
    The transmission of this single word, 'login'
  • Not Synced
    was a pivotal moment in human history,
  • Not Synced
    as it represents the official birth of the Internet.
  • Not Synced
    And it was from here that the first message was sent.
  • Not Synced
    A revolution began!
  • Not Synced
    In the nearly fifty years that have followed,
  • Not Synced
    this invention has thoroughly transformed our world
  • Not Synced
    and come to dominate virtually all aspects of our lives.
  • Not Synced
    It has restructured and rejuvenated capitalism,
  • Not Synced
    by revolutionizing finance and transforming the globe
  • Not Synced
    into a single interconnected marketplace.
  • Not Synced
    It has provided new methods of interacting with one another
  • Not Synced
    and helped shape the ways that we receive and process information.
  • Not Synced
    And it has provided a place for people to upload terabytes of videos of their cats.
  • Not Synced
    This is pinky... he's a male. He's available for adoption.
  • Not Synced
    He's pet of the week.
  • Not Synced
    The Internet has also become the central pillar of a new form of social control
  • Not Synced
    based around mass data collection and the construction of algorithms
  • Not Synced
    aimed at better predicting and manipulating human behavior.
  • Not Synced
    But while states and digital capitalists have used the Internet
  • Not Synced
    as a platform for mass surveillance and pacification,
  • Not Synced
    it has also been a site of subversion
  • Not Synced
    and created new possibilities for decentralized attacks on the dominant order.
  • Not Synced
    We've got a problem.
  • Not Synced
    What?
  • Not Synced
    Someone synched a RAT to one of my servers.
  • Not Synced
    A remote access tool – we're being hacked!
  • Not Synced
    On the front-lines of this war are hackers
  • Not Synced
    ... those who use curiosity, programming skills and problem solving
  • Not Synced
    to unlock closed systems and bend powerful forces to their will.
  • Not Synced
    Over the next thirty minutes,
  • Not Synced
    we'll share the voices of a number of these individuals
  • Not Synced
    as they share their experiences of defacing web sites,
  • Not Synced
    leaking emails, developing tools to thwart digital surveillance
  • Not Synced
    ... and making a whole lot of trouble.
  • Not Synced
    Hacking is one of those terms that I think has become a little bit nebulous.
  • Not Synced
    I would define it as using technology in a way that wasn't intended,
  • Not Synced
    by finding bugs and oversights in designs
  • Not Synced
    to make it produce results that were never supposed to happen.
  • Not Synced
    Creative subversion of technical systems.
  • Not Synced
    You take software and you modify it to get another result.
  • Not Synced
    For example, accessing information on a system that you shouldn't be able to access.
  • Not Synced
    Or making the system do something that it shouldn't be able to do
  • Not Synced
    – or that you shouldn't be able to make it do.
  • Not Synced
    There's a lot of different definitions of hacking, depending on who you ask.
  • Not Synced
    US criminal law defines computer hacking as unauthorized access
  • Not Synced
    to obtain information, transmitting destructive code, etc.
  • Not Synced
    I mean, they've basically expanded the definition
  • Not Synced
    in their ongoing efforts to criminalize everyday Internet activity.
  • Not Synced
    If you ask someone like Richard Stallman,
  • Not Synced
    he'll tell you that it's really just a creative solution to a problem.
  • Not Synced
    But hackers also do like to break into systems.
  • Not Synced
    There are all kinds of systems,
  • Not Synced
    and there's all kinds of access
  • Not Synced
    ... and all kinds of ways to gain access.
  • Not Synced
    Some hackers choose to fix and protect these systems.
  • Not Synced
    They work for the government, Microsoft etc.
  • Not Synced
    They call themselves White Hats.
  • Not Synced
    They're not even really hackers.
  • Not Synced
    They're seen in the hacking scene as sellouts.
  • Not Synced
    They do it for the paycheck... or maybe because of the flag.
  • Not Synced
    But there are those, of course, who don't don't it for employment.
  • Not Synced
    They don't do it for a paycheck,
  • Not Synced
    they do it for the love of solving complex puzzles.
  • Not Synced
    For the thrill of breaking into whatever artificial borders
  • Not Synced
    that these people decide to erect.
  • Not Synced
    Everything that's built can be broken.
  • Not Synced
    I don't think hacking has changed all that much in the last few years.
  • Not Synced
    What really has changed is the scope of things that can be affected by hacking.
  • Not Synced
    Before, in the 90's, most of it was just practical jokes
  • Not Synced
    because none of it had a lot of impact on real life.
  • Not Synced
    And in popular culture,
  • Not Synced
    you start to have hackers appear in movies, in television series,
  • Not Synced
    where there's this whole figure of these hackers that have these super powers.
  • Not Synced
    That can invade computer systems in any way, shape or form.
  • Not Synced
    There's a new virus in the database.
  • Not Synced
    What's happening?
  • Not Synced
    It's replicating... eating up memory.... uhh, what do I do?
  • Not Synced
    Type 'cookie' you idiot!
  • Not Synced
    Then it gets a lot more popularized.
  • Not Synced
    Since the dot-com boom at the end of the 90's,
  • Not Synced
    things now have a huge impact.
  • Not Synced
    And everything tends to be connected to the Internet,
  • Not Synced
    or some sort of network.
  • Not Synced
    As digital information networks have evolved,
  • Not Synced
    a lot of personal information is being stored.
  • Not Synced
    Y'know, big data corporations and industries are relying on computers
  • Not Synced
    ... so hackers have access to this kind of information
  • Not Synced
    that these big companies have as well.
  • Not Synced
    Hacking can be very simple and very complex.
  • Not Synced
    But most times hacking is very simple.
  • Not Synced
    By supplying input in a certain way,
  • Not Synced
    you're able to make the back-end system believe that what you're supplying
  • Not Synced
    is actually part of its own code.
  • Not Synced
    Which, in a lot of cases, can give you full access to that system.
  • Not Synced
    That's not just limited to computers or telecommunication systems.
  • Not Synced
    We can really kind of apply this idea to all kinds of technical systems.
  • Not Synced
    So, for example, something like social engineering
  • Not Synced
    is a human form of hacking.
  • Not Synced
    Y'know, you can pretend to be somebody that you're not
  • Not Synced
    and ask another person questions about themselves
  • Not Synced
    in order to get them to reveal private information.
  • Not Synced
    It's possible that there is software
  • Not Synced
    in theory that doesn't have vulnerabilities.
  • Not Synced
    But in practice, that's impossible to have.
  • Not Synced
    If an application or a system performs queries to a database based on your input,
  • Not Synced
    you could possibly alter your input to be able to then alter the database query,
  • Not Synced
    and possibly gain access to information that you shouldn't be able to.
  • Not Synced
    Mostly what an exploit does,
  • Not Synced
    it's a small tool that you run to get access to a special sector
  • Not Synced
    of the software you want to get.
  • Not Synced
    A lot of exploits and vulnerabilities are discussed publicly
  • Not Synced
    and being used in the wild.
  • Not Synced
    If you pay attention to lists like Full Disclosure or Security Focus,
  • Not Synced
    they'll tell you some of the latest tricks that are being used.
  • Not Synced
    Of course, those are the ones that are already publicly known,
  • Not Synced
    and that the vendors have already released patches for
  • Not Synced
    ... but a lot of companies don't always patch.
  • Not Synced
    They're not as on-top of it as they'd like to think that they are.
  • Not Synced
    For example, the Equifax hacks a couple of weeks ago
  • Not Synced
    was running outdated versions of Apache software.
  • Not Synced
    Most people don't really do updates regularly.
  • Not Synced
    So most people will actually get hacked by something very simple.
  • Not Synced
    Denial of service attacks
  • Not Synced
    ... basically coming up with ways to create an enormous amount
  • Not Synced
    of traffic to your server,
  • Not Synced
    to the point where it can't continue to provide those services.
  • Not Synced
    There's such a thing as Distributed Denial of Service attacks,
  • Not Synced
    where that traffic is coming from many places at the same time.
  • Not Synced
    The most serious techniques are what they call 'undisclosed vulnerabilities',
  • Not Synced
    what they call a 'zero day.'
  • Not Synced
    When someone discovers a vulnerability, and instead of reporting it
  • Not Synced
    – which is the White Hat way –
  • Not Synced
    they continue using it privately.
  • Not Synced
    And they don't report it publicly,
  • Not Synced
    so that way for anyone to really adequately protect themselves against it.
  • Not Synced
    I think a useful way to think about this is
  • Not Synced
    that the Internet is a really hostile place.
  • Not Synced
    It was never designed with privacy or security in mind.
  • Not Synced
    State actors and corporations control the entire thing.
  • Not Synced
    And so when you talk about their ability to exploit it
  • Not Synced
    ... I mean, to me, so many of the basic services that we use
  • Not Synced
    on the Internet are exploitative
  • Not Synced
    without thinking about a hacker getting into it, or malware or something like that.
  • Not Synced
    State actors like the US government
  • Not Synced
    have the ability to observe all Internet traffic in real time,
  • Not Synced
    collect it and store it,
  • Not Synced
    and then use it later at their discretion.
  • Not Synced
    And they work very closely with the digital capitalists
  • Not Synced
    – facebook, google and all these other entities
  • Not Synced
    – who are already storing that information anyway.
  • Not Synced
    The Internet has long been a tool used by social movements
  • Not Synced
    of various political stripes,
  • Not Synced
    both as a means of disseminating information
  • Not Synced
    and a fertile ground for recruitment.
  • Not Synced
    Back in the 1990's, the anti-globalization movement
  • Not Synced
    arose alongside the open-media publishing platform, Indymedia,
  • Not Synced
    which allowed for the virtual coordination of many localized fronts
  • Not Synced
    in the global fight against neoliberal capitalism.
  • Not Synced
    I need 50,000 people.
  • Not Synced
    50,000? You're gonna have to give me some time.
  • Not Synced
    And drums.
  • Not Synced
    You want drums? OK, I can do that.
  • Not Synced
    And what about the Italians?
  • Not Synced
    The Italians? Man, they're stuck on the border.
  • Not Synced
    They're gonna be with you tomorrow.
  • Not Synced
    And the black bloc?
  • Not Synced
    The black bloc are already there.
  • Not Synced
    You're gonna see black and red like there ain't no tomorrow, kid.
  • Not Synced
    You just sit tight.
  • Not Synced
    These days, social media platforms like facebook
  • Not Synced
    have given rise to a new form of online activity known as 'clicktivism',
  • Not Synced
    in which likes, shares and the signing of online petitions
  • Not Synced
    have become a popular way for liberals and so-called 'progressives'
  • Not Synced
    to project an image of ostensible participation
  • Not Synced
    in campaigns centered around a variety of social justice-related issues,
  • Not Synced
    and often masking their lack of participation in real world struggles.
  • Not Synced
    Real change requires real action.
  • Not Synced
    That’s why I always share political articles on facebook, whenever I see them.
  • Not Synced
    But not everyone has been lulled into this comforting delusion
  • Not Synced
    of how social change works.
  • Not Synced
    On both sides of the political spectrum,
  • Not Synced
    groups and individuals have continued to use the Internet pragmatically,
  • Not Synced
    both to spread their ideologies and coordinate their IRL activities.
  • Not Synced
    Anonymous is a decentralized network of hackers and activists
  • Not Synced
    that exist in places like IRC and Twitter,
  • Not Synced
    and anyone is free to become Anonymous
  • Not Synced
    and start their own operations within the network.
  • Not Synced
    It's kinda similar to the black bloc tactic used as cover and collective identity.
  • Not Synced
    I'm doing ten years in the fence for computer hacking charges
  • Not Synced
    related to my involvement in Anonymous.
  • Not Synced
    I was hacking police departments, military contractors
  • Not Synced
    ... defacing their websites, releasing their emails and databases to the public.
  • Not Synced
    One of the bigger targets was a company known as Strategic Forecasting
  • Not Synced
    – Stratfor – which is a private intelligence firm
  • Not Synced
    made up of mostly former State Department and CIA agents.
  • Not Synced
    We took down their website.
  • Not Synced
    We went on donation sprees with all their clients' credit cards,
  • Not Synced
    and gave their email archives to Wikileaks.
  • Not Synced
    And Wikileaks pubished them,
  • Not Synced
    showed that they had been spying on activist groups
  • Not Synced
    on behalf of corporations like Dow Chemical.
  • Not Synced
    Groups like Anonymous got really really famous defacing websites.
  • Not Synced
    Other groups attacked police websites,
  • Not Synced
    getting all the data they have about current police members.
  • Not Synced
    There's also groups that were blocking huge institutions,
  • Not Synced
    like credit card companies or banks.
  • Not Synced
    If they block their transactions, they lose money.
  • Not Synced
    So there's a bunch of stuff you can do with hacking.
  • Not Synced
    Anonymous, they were really famous for
  • Not Synced
    really getting that kind of popular participation in a hacking movement
  • Not Synced
    that really didn't mean you had to be an expert to use it.
  • Not Synced
    You could download a piece of software,
  • Not Synced
    and you could just run it on your computer
  • Not Synced
    and you would enter in the target URL
  • Not Synced
    and you could begin to participate in what was effectively like a virtual sit-in.
  • Not Synced
    Now as far as Anonymous, or hacktivists in general
  • Not Synced
    playing a role in revolutionary movements...
  • Not Synced
    Anonymous was very active during Occupy Wall Street and the Arab Spring.
  • Not Synced
    In general, an overall revolutionary strategy
  • Not Synced
    benefits from a diversity of tactics.
  • Not Synced
    Multiple attacks converging from all angles,
  • Not Synced
    including street protests, to smashed windows, to hacked websites.
  • Not Synced
    So Anonymous, y'know, revealing scandalous personal information
  • Not Synced
    on individuals associated with a company that is the current target of protests
  • Not Synced
    – timed well, it could be very effective.
  • Not Synced
    It's a really interesting concept to me.
  • Not Synced
    And a lot of people who are members of Anonymous
  • Not Synced
    use tools that I work on every day.
  • Not Synced
    And I hope they will use them for good.
  • Not Synced
    I think the unifying idea is just using anonymity to achieve some end.
  • Not Synced
    And doing it with other people.
  • Not Synced
    And I think that that speaks to some of their internal contradictions too,
  • Not Synced
    because they're not unified by a political ideology.
  • Not Synced
    Members of Anonymous fight with each other about that.
  • Not Synced
    And I think when you have no political ideology motivating work like that
  • Not Synced
    – work that has the potential to impact the whole globe, and has before
  • Not Synced
    - it can be really dangerous.
  • Not Synced
    We of Anonymous declare total fucking war on antifa,
  • Not Synced
    and all who support their criminal and violent actions
  • Not Synced
    towards innocent civilians.
  • Not Synced
    I've seen Anonymous operations go after people
  • Not Synced
    in a kind of y'know, right-wing, Pizzagate-type style.
  • Not Synced
    You know... I mean it originated on 4Chan.
  • Not Synced
    Historically, the hacker community has been very inclusive.
  • Not Synced
    When everything started,
  • Not Synced
    nobody really knew who was on the other side of the line.
  • Not Synced
    Everyone was just green text on a black background.
  • Not Synced
    With that said, there is a lot of sexism in tech generally,
  • Not Synced
    and I'd say that the people who are recruited from places
  • Not Synced
    like Reddit and 4Chan are like, y'know,
  • Not Synced
    your typical tech bros.
  • Not Synced
    Every community on the Internet,
  • Not Synced
    and every sub-community within those sites,
  • Not Synced
    whether it's 4Chan or Reddit or whatever,
  • Not Synced
    has a dog in the fight in gamergate.
  • Not Synced
    Gamergate and 4Chan, and the origins of the alt-right,
  • Not Synced
    I think are one of the most obvious confirmations
  • Not Synced
    of something that many of us who are radicals already knew
  • Not Synced
    ... which is that toxic masculinity, misogyny, whatever you wanna call it,
  • Not Synced
    is an incredibly dangerous and violent force.
  • Not Synced
    And it never ends there.
  • Not Synced
    Beyond the origins in 4Chan,
  • Not Synced
    I don't really know exactly where a lot of these young men came from.
  • Not Synced
    I imagine that it's probably not any more interesting
  • Not Synced
    than they are a result of late-capitalist alienation.
  • Not Synced
    But I think that they started out with, y'know,
  • Not Synced
    just like your garden variety misogyny.
  • Not Synced
    And then actual literal fascists went to their forums
  • Not Synced
    and whispered fascist poison into the ears of these impressionable men.
  • Not Synced
    And because they already were prone to violence and bigotry,
  • Not Synced
    then it was just the natural conclusion.
  • Not Synced
    Doxxing is the practice of exposing information about your opponent
  • Not Synced
    that they'd rather have kept secret.
  • Not Synced
    Typically, doxxing happens from information
  • Not Synced
    that is already somehow readily available
  • Not Synced
    ... maybe just a little bit hidden.
  • Not Synced
    If someone is doing their activism under a pseudonym,
  • Not Synced
    attackers will search for any connection
  • Not Synced
    to their real physical persona and put that information online.
  • Not Synced
    And then whoever the target is,
  • Not Synced
    all the people who wanna go after that target
  • Not Synced
    will work collectively to terrorize them.
  • Not Synced
    The result of it can be, y'know, something like
  • Not Synced
    getting 50 pizzas delivered to your house
  • Not Synced
    ... or it can be a SWAT team showing up in response to a fake bomb threat.
  • Not Synced
    Protection against this is best done by
  • Not Synced
    compartmentalization of your online activities.
  • Not Synced
    So keep your activist activities and your regular activities separate.
  • Not Synced
    Use different email accounts when you sign up for services.
  • Not Synced
    Doxxing's also been used by hacker collectives
  • Not Synced
    to expose lists of police officers, members of fascist organizations...
  • Not Synced
    A lot of people were doxxed after the Charlottesville rally
  • Not Synced
    out of just public open-source knowledge,
  • Not Synced
    and had to back-track on their beliefs
  • Not Synced
    and actually had to go out in public and offer apologies.
  • Not Synced
    In June of 2010, a malicious computer worm
  • Not Synced
    called the Stuxnet virus was first discovered
  • Not Synced
    by a small Belorussian software company, VBA32.
  • Not Synced
    It was soon shared with cyber-security experts
  • Not Synced
    at Kaspersky Labs, in Moscow,
  • Not Synced
    and Symantec in Silicon Valley,
  • Not Synced
    who quickly realized that it was unlike any virus ever seen before.
  • Not Synced
    Far from your run-of-the mill malware,
  • Not Synced
    Stuxnet was a sophisticated weapon,
  • Not Synced
    comprised of millions of lines of code
  • Not Synced
    and believed to have been jointly developed by the cyber-warfare divisions
  • Not Synced
    of the American and Israeli military.
  • Not Synced
    Its target was the Natanz nuclear enrichment facility, in Iran.
  • Not Synced
    For Natanz, it was a CIA-led operation.
  • Not Synced
    So we had to have agency sign-off.
  • Not Synced
    Someone from the agency stood behind the operator and the analyst
  • Not Synced
    and gave the order to launch every attack.
  • Not Synced
    For months, the virus had lain hidden
  • Not Synced
    within the plant's Programmable Logic Controllers,
  • Not Synced
    machines that are commonly used to regulate and control
  • Not Synced
    a wide variety of industrial processes.
  • Not Synced
    Running commands that were completely untraceable to workers in the plant,
  • Not Synced
    Stuxnet targeted centrifuges for sabotage,
  • Not Synced
    causing them to explode, seemingly without cause.
  • Not Synced
    The virus was only discovered due to an error in an upgrade patch,
  • Not Synced
    which allowed it to jump out of the secured military facility
  • Not Synced
    and onto the world wide web
  • Not Synced
    …. otherwise we would have never even known it existed.
  • Not Synced
    The Israelis took our code for the delivery system and changed it.
  • Not Synced
    Then, on their own, without our agreement
  • Not Synced
    they just fucked up the code.
  • Not Synced
    Instead of hiding, the code started shutting down computers
  • Not Synced
    ... so naturally people noticed.
  • Not Synced
    Because they were in a hurry, they opened Pandora's Box.
  • Not Synced
    They let it out and it spread all over the world.
  • Not Synced
    The Stuxnet virus set an important historical precedent,
  • Not Synced
    as it heralded the beginnings of a dangerous new chapter in modern warfare.
  • Not Synced
    Still in its relative infancy, state-led cyber military campaigns
  • Not Synced
    are now being conducted under conditions of total secrecy,
  • Not Synced
    shrouded from public scrutiny, or even knowledge.
  • Not Synced
    And given the widespread incorporation of digital systems
  • Not Synced
    into all aspects of industrial civilization,
  • Not Synced
    from electrical grids to emergency management systems
  • Not Synced
    and even missile launch sites,
  • Not Synced
    the potential consequences of these types of attacks
  • Not Synced
    could lead to truly catastrophic loss of life.
  • Not Synced
    And while states have been the first to reach this stage
  • Not Synced
    in the development of offensive cyber warfare,
  • Not Synced
    corporations and other sub-state actors are already charting their own courses
  • Not Synced
    in the militarization of digital systems.
Title:
vimeo.com/.../244383308
Video Language:
English
Duration:
34:06

English subtitles

Revisions Compare revisions