SAMY KAMKAR
Samy Kamkar (TW: @SAMYKAMKAR, SAMY.PL) is one of the most innovative computer hackers in the United States. He is best known for creating the fastest-spreading virus of all time, a MySpace worm named “Samy,” for which he was raided by the United States Secret Service. More recently, he created SkyJack, a custom drone that hacks into any nearby drones, allowing any operator to control a swarm of devices. He also discovered illicit mobile phone tracking by Apple iPhone, Google Android, and Microsoft Windows Phone mobile devices. His findings led to a series of class-action lawsuits against these companies and a privacy hearing on Capitol Hill.
Why is Samy in Wise? Once again, because feeling safe and enjoying your resources isn’t solely about offense. It’s important to have basic defenses in place. Life is a full-contact sport, and the black swans will come visiting sooner or later.
Spirit animal: Honey badger
BACK STORY
Samy was—perhaps surprisingly—one of my Obi-Wans for the “Dating Game” episode of The Tim Ferriss Experiment TV show. In 15 to 20 minutes, he demonstrated how he optimized and automated nearly all of his online dating in L.A. and other cities. Based on all of his data crunching, he told me shirtless pics and animals were “like crack.” I didn’t believe him, so we tested roughly a dozen of my preexisting profile pics alongside a new, shirtless pic of me with a kitten held over my shoulder. It was an embarrassing, ludicrous pic. Even Neil Strauss (here) didn’t want it to win. Alas, it did.
MUSIC FOR THE ZONE
To get in the zone, Samy likes to code to AudioMolly.com, The Glitch Mob, and Infected Mushroom. Based on his recommendation, I found some of my current favorites—Pegboard Nerds (“Blackout”) and David Starfire (Karuna)—on AudioMolly.
• What advice would you give to your 20-year-old self?
“Stop committing felonies.”
TOOLS OF A HACKER
I’ve often asked Samy, “How can I protect myself against people like you?” The tools below address more than 90% of the most common security threats. I currently use about half of them. This chapter can be dense, so feel free to skim and return to it as a reference, if needed.
If you do nothing else, here’s a 60-second precaution: Put tape or a cover over your laptop camera (and perhaps your phone) when you’re not using it. Samy explained to me how simple it is to hijack cameras. It’s terrifying. This could be used to surveil your house and determine when you’re not home. It could also be used to catch you playing patty cake with Captain Winky. Covering it is 60 seconds well spent.
Enter Samy
How to protect your data on your computer and mobile devices, in case your systems are ever stolen or in case you’re traveling abroad or across borders
- ► Use BitLocker on Windows or FileVault on OS X. Your data will be encrypted when the machine is off or suspended. Encrypt your hard drive using “full disk encryption” in order to keep your confidential data protected in case your machine is ever lost or stolen, preventing others from extracting data from your device without the password.
- ► You’ll Never Take Me Alive! is a free tool for Windows and OS X machines so that if the machine is ever disconnected from AC power or wired Ethernet while the screen is locked [TF: e.g., someone grabs your laptop out of a coffee shop and sprints off], the system will go into hibernate, preventing a laptop thief from accessing your encrypted data. This requires you to be using FileVault or BitLocker disk encryption.
- ► Use a PIN on your iOS or Android device to encrypt the data locally on the device. While a PIN may seem insecure, your data is typically well protected due to the mechanisms in place to prevent brute forcing of PIN codes onto your device, and the relatively secure (though not perfect) hardware implementations of security within iOS and Android. [TF: If on iPhone, I’d also recommend increasing your PIN from 4 to 8 characters. If someone is trying to brute-force crack your password, this takes the time required from roughly 4 to 5 days to 100+ days (iPhone: Settings → Touch ID & Passcode → Change Passcode)]
- ► Don’t ever use the same password twice! Differentiate your passwords enough that someone can’t guess a password for one site by knowing the password of another. I try to use long but “simple” passwords that are easy to remember like lyrics from a song relevant to the site. A long password, even if mostly English words, is typically stronger than a short password with random characters. For casual, non-technical people, I would suggest using a program like 1Password or LastPass (or KeePass, if you want open-source) to remember all of these. Personally, I use VeraCrypt (below), but it’s more involved. The difference between this and a tool like 1Password is that 1Password is built into the browser and if a vulnerability is found, the software itself has access to my passwords the next time I use it. It’s unlikely to happen, but there is a small risk.
- ► Consider using the free, cross-platform tool VeraCrypt. If you feel you might ever be compelled to reveal a password for your computer such as at a border crossing or by “rubber hose” cryptanalysis (being beaten by a rubber hose until you squeal), you can use “hidden volumes” to hide data with two passwords, providing you plausible deniability. Such hidden volumes are encrypted disks or directories that have one password that decrypts to show various files that you placed and are comfortable with revealing, while a secondary password can decrypt the same folder containing the actual, confidential data you’re protecting, with no way to prove whether there’s a single password or two passwords for the volume. I personally don’t use a second password for any of my encrypted drives… or do I?
Detecting Malware or Software Behaving Badly on Your Computer
- ► A great amount of software will make outbound connections to the Internet, typically for legitimate purposes, though not necessarily. If you wish to prevent or at least learn when an application is doing this, you can use NetLimiter on Windows or Little Snitch on OS X to detect and decide to allow or block when a specific application is connecting out, and learn where it’s connecting to. You can use Wireshark, mentioned below, for further analysis.
- ► You can use BlockBlock on OS X, which notifies you if a program is trying to install itself to run upon startup, even when it’s hiding itself in a nook or cranny of your system, and you have the clear option to block it if you wish. Some viruses or malware or simply annoying software will try to do this and you can decide if it should run at startup or not.
- ► Don’t plug in any USB device that you don’t trust! There are even e-cigarettes that charge over USB that carry malware. If you wish to charge something, it’s safer to use a USB charger/adapter [for a wall outlet] rather than your computer.
Anonymizing Yourself on the Internet
- ► Tor is free, cross-platform software that allows you to browse the Internet anonymously and helps you defend against network surveillance. It will help change your IP address each time you use it as well as encrypt your network communication; however, the last “hop” in the chain of Tor will always be able to see your unencrypted traffic, though [it will] not be able to detect your IP address. I would trust Tor over any VPN service, as no Tor node knows both your IP and what you’re accessing, unlike a VPN, which could be compelled to share that data.
- ► When you take a picture with your smartphone, it’s typically recording your GPS coordinates and other data about the picture, such as device used, into the image. This is called EXIF data and is metadata that’s hidden in the image, and anyone can recover it if you send the image directly to them. You can disable storing location in phones on various platforms [See Settings, System Preferences, etc. For instance, on iPhone 6: Settings → Privacy → Location Services] or use free software after the fact to do this. Search for ‘EXIF removal tool’ and find a tool for your operating system or mobile platform to do this when you wish to hide your location from images.
- ► If you want to be particularly crafty, you can use a free app called LinkLiar on OS X to spoof or randomize your MAC address. A MAC address is a fixed, unique hardware identifier of the network device within your computer and never changes otherwise. I’ve also discovered that some large companies track MAC addresses to know the last place you’ve been, so it doesn’t hurt to adjust it every once in a while.
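As an added example (not from the book, and not one of Samy’s tools), here is the core of what an ‘EXIF removal tool’ does in Python: it walks the JPEG segments, looks inside the Exif APP1 segment for the GPSInfo pointer that marks embedded coordinates, and rebuilds the file without that segment. The sample image bytes are constructed inline so the code runs offline; they are not a real photo.

```python
import struct

SOI, EOI, APP1, SOS = 0xFFD8, 0xFFD9, 0xFFE1, 0xFFDA  # JPEG markers; Exif lives in an APP1 segment as a TIFF structure
GPS_INFO_TAG = 0x8825  # IFD0 entry pointing at the GPS sub-IFD (latitude, longitude, altitude, timestamp)

def jpeg_segments(data: bytes):
    """Yield (marker, payload) for each length-prefixed segment, then (None, tail) for scan data plus EOI."""
    if struct.unpack(">H", data[:2])[0] != SOI:
        raise ValueError("not a JPEG")
    pos = 2
    while pos + 4 <= len(data):
        marker, length = struct.unpack(">HH", data[pos:pos + 4])
        yield marker, data[pos + 4:pos + 2 + length]
        pos += 2 + length
        if marker == SOS:  # entropy-coded image data follows, no more length-prefixed segments
            break
    yield None, data[pos:]

def exif_has_gps(payload: bytes) -> bool:
    """True if an APP1 Exif payload's IFD0 carries a GPSInfo pointer (either TIFF byte order)."""
    if not payload.startswith(b"Exif\x00\x00"):
        return False
    tiff = payload[6:]
    end = "<" if tiff[:2] == b"II" else ">"
    ifd0 = struct.unpack(end + "I", tiff[4:8])[0]
    count = struct.unpack(end + "H", tiff[ifd0:ifd0 + 2])[0]
    tags = (struct.unpack(end + "H", tiff[ifd0 + 2 + 12 * i:ifd0 + 4 + 12 * i])[0] for i in range(count))
    return GPS_INFO_TAG in tags

def image_has_gps(data: bytes) -> bool:
    return any(m == APP1 and exif_has_gps(p) for m, p in jpeg_segments(data))

def strip_exif(data: bytes) -> bytes:
    """Rebuild the JPEG without APP1 Exif segments; pixel data and all other segments are copied unchanged."""
    out = bytearray(struct.pack(">H", SOI))
    for marker, payload in jpeg_segments(data):
        if marker is None:
            out += payload
        elif not (marker == APP1 and payload.startswith(b"Exif\x00\x00")):
            out += struct.pack(">HH", marker, len(payload) + 2) + payload
    return bytes(out)

def build_sample_jpeg() -> bytes:  # constructed stand-in for a phone photo, not a decodable image
    tiff = b"II*\x00" + struct.pack("<I", 8)  # little-endian TIFF header, IFD0 at offset 8
    tiff += struct.pack("<H", 1) + struct.pack("<HHII", GPS_INFO_TAG, 4, 1, 26) + struct.pack("<I", 0)  # IFD0 -> GPS IFD @26
    tiff += struct.pack("<H", 1) + struct.pack("<HHI", 0x0001, 2, 2) + b"N\x00\x00\x00" + struct.pack("<I", 0)  # GPSLatitudeRef "N"
    exif = b"Exif\x00\x00" + tiff
    sos_hdr = b"\x01\x01\x00\x00\x3f\x00"  # bare SOS header, then two bytes of fake scan data and EOI
    sos = struct.pack(">HH", SOS, len(sos_hdr) + 2) + sos_hdr
    return struct.pack(">H", SOI) + struct.pack(">HH", APP1, len(exif) + 2) + exif + sos + b"\x12\x34" + struct.pack(">H", EOI)
```

Real cameras also write the device model and the original timestamp into the same segment, so stripping it removes those too; other APP segments (ICC profiles, XMP) are left alone here and may carry metadata of their own.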
Accessing Interesting Data and Controlling the Websites You Visit
- ► If a website is delivering images, video, or audio to your computer, that means in most cases you can download it directly, even if the site attempts to stop you. In Chrome (similar tools exist in Firefox and Safari), you can go to View → Developer → Developer Tools, click on the Network tab, refresh the page, and see all content going across. You can then right-click any file, such as an image that the site wouldn’t otherwise let you download, and click Copy Link Address to get the direct URL. The Elements tab is also particularly useful. [TF: You can also use this to easily copy and paste good quotes that some sites like to prevent you from copy and pasting.]
- ► Using the same Developer Tools, if a site is ever trying to force you to sign up, fill out a form you don’t want to fill out, or otherwise cover the page with obtrusive windows or darken the page, you can use the Elements tab in the Developer Tools (mentioned above), right-click on any element in the tab, and click Remove. Don’t worry, if you remove the wrong thing, you can simply refresh the page and try again! You are only affecting the page on your own computer, but this can be a useful tool to adjust a page to your liking.
- ► Google Reverse Image Search is a surprisingly useful tool if you’re ever trying to perform reconnaissance, or just learn where an image came from or where else it might be used on the Internet. Simply browse to Google Images and drag and drop the image onto the page.
Tools that Hackers Use
Though I’m not a lawyer, using these tools on a network and devices you have reign over, such as your home LAN, will likely not carry any consequence. The only way to understand the security and insecurity of your own network is to test the same tools attackers would use. I highly suggest those interested in learning use these—both the good guys and the bad guys are using these same exact tools!
- ► To learn about some of the starting tools a hacker, attacker, or someone just curious about security would use, I’d suggest looking at beginning tools such as Wireshark, Charles (web debugging proxy), NightHawk (ARP/ND spoofing and password sniffing), arpy (ARP spoofing), dsniff (password sniffing), and Kali Linux (penetration testing) and looking up tutorials on network intrusion, sniffing, and man-in-the-middling. Within a few minutes and with a tool like Wireshark, you can start seeing all the traffic going in and out of your computer, while tools like Nighthawk and arpy in conjunction with Wireshark can help you inspect and intercept all traffic on a network!
- ► To further dive into security, I’d suggest learning to program. It’s easier than you think! Learning to program allows you to learn how someone might engineer something and helps you think about how you can then reverse that and exploit it, as if you had created it yourself.
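From the defender’s side, as an added example that is not part of the book: the footprint ARP spoofing (the technique behind tools like NightHawk and arpy) leaves on your own LAN is an IP address that suddenly answers from a different MAC. This Python watcher parses raw Ethernet/ARP frames and flags such changes; the three-frame capture and all addresses are constructed for the demo, and feeding it a live socket or a Wireshark export is left to the reader.

```python
import struct

ETH_P_ARP, ARP_REQUEST, ARP_REPLY = 0x0806, 1, 2

def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))

def parse_arp(frame: bytes):
    """Return (opcode, sender_mac, sender_ip) for an Ethernet II frame carrying IPv4 ARP, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return op, frame[22:28].hex(":"), ".".join(str(b) for b in frame[28:32])

class ArpWatch:
    """Remember the first MAC seen per IP; an IP later answering from another MAC is the spoofing footprint."""
    def __init__(self):
        self.table, self.alerts = {}, []

    def observe(self, frame: bytes) -> bool:
        parsed = parse_arp(frame)
        if parsed is None:
            return False
        op, mac, ip = parsed
        known = self.table.setdefault(ip, mac)  # first sighting wins; later sightings are compared to it
        if known != mac:
            self.alerts.append(f"{ip} changed from {known} to {mac} (ARP {'reply' if op == ARP_REPLY else 'request'})")
        return known != mac

def constructed_arp_frame(op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:  # demo data, not sniffed traffic
    eth = mac_bytes(target_mac) + mac_bytes(sender_mac) + struct.pack("!H", ETH_P_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += mac_bytes(sender_mac) + bytes(int(o) for o in sender_ip.split("."))
    arp += mac_bytes(target_mac) + bytes(int(o) for o in target_ip.split("."))
    return eth + arp

GATEWAY, LAPTOP, INTRUDER = "00:11:22:33:44:01", "00:11:22:33:44:10", "de:ad:be:ef:00:01"  # made-up MACs
SAMPLE_CAPTURE = [  # constructed: who-has request, the gateway's genuine reply, then a forged reply for the same IP
    constructed_arp_frame(ARP_REQUEST, LAPTOP, "192.168.1.10", "ff:ff:ff:ff:ff:ff", "192.168.1.1"),
    constructed_arp_frame(ARP_REPLY, GATEWAY, "192.168.1.1", LAPTOP, "192.168.1.10"),
    constructed_arp_frame(ARP_REPLY, INTRUDER, "192.168.1.1", LAPTOP, "192.168.1.10"),
]

def audit(frames) -> list:
    watch = ArpWatch()
    for frame in frames:
        watch.observe(frame)
    return watch.alerts
```

A legitimate change (a replaced router, DHCP handing an address to a new device) produces the same alert, so treat it as a prompt to check the physical device rather than proof of an attack.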