本字幕由TME AI技术生成

Hello

Again

欢迎来到happy hour 英文小酒馆

关注公众号露露的英文小酒馆

加入我们的酒馆社群

邂逅更精彩更广阔的世界

Welcome back to geek time advanced

This is brad hiluuuu

Hi brad

So in the early episode

We talked about the basics of hacking

And now we're going to move into the advanced hacking

We're going to talk about hacking people or social engineering as it's called how do you hack people again

You're freaking ill are we in danger being hacked

Not hacked isn't like a computer

Oh Okay

Basicwhat what sociengengineeris all about about is convincing people that you belong in a place

Or you basically playing on people's good nature

Oh

I like tricking people

Okay

Can you give us an example

So like if i was wanting to hack a company

Um it might take me a long time to try to hack a company from outside of the company okay

But if i wanted to get in much easier

If i could get inside of the company

I could do it

And so what social enggenerery is h i'm a new employee

Oh

I'm a new employee or i'm from this office

Or trying to convince them that i work for them or coming in

And saying that i'm an it guy who's been hired to come in and look at the server

And you i tried to drop someone's name

Who works in the office

And said

Oh

Papal stephs called me

And

And said that i need to go

Look at this particular server

Oh Wow

I think i'm really in danger of being hacked

Because if you walked in

And you say you're the the it guy

You're going to fix the computers

Are going to check the program

I mean as long as you don't look two suspicious out definitely let you in

I'll be like i don't know anything about computers

It just get on with your work

One of the things that uh they is like for example

They might uit outside of a company with a camera take pictures of people who are walking in and out of the company taking pictures of their like ideas and things like that and so they can try to replicate a person's id well

Or if they know which it company goes there

They can try to replicate their uniform

Or their is and so makes kes even look even more professional

And all of these is just for the purpose of getting into the companies

That they can install some programs

Or that they can sort of like hack into their system from within it

But that is still company right

That's mostly company

What about our personal computers

How do we leve to the real method one

Those are some different ways that people might go into a company

And actually like breaking into a company

But if we wanted like talk about like real hacking methods

We're talking about the actual technology and computers

There are some different ways that hackers typically would run

And one of the first things that hackers need to do is get information about the company

And one of the things that they might do to get information about the company is things like hahastred ed

再看dumpster diving

You mean the real dumpster diving go through their rubbish

Yep go through the rubbish now a company typically nowadays they don't throw away data as much

Though actually like shred data or send it out to another company for it to be i'm destroyed

But in the past was fairly common for companies just to throw out paperwork into the trash

And so people would jump into the trash

And actually rumbit h through it

You know if you eever seen the movie hackers

You know one of the original movie is about hackers

Yet

There's a scene

Where they actually are dumster diving

They're jumping into a dumster to go through like paperwork

Sounds like a lot of hard work and dirty work

As well well

Typically they wouldn't throw away like food

People who work for a company like true

It's like business a rubbish

That's ort of corporrurubbh ok and apart from do we have like any techniques

Any message

That are more high tach right ted going through their rubbish

So one of the things that isn't just necessarily going to hit companies

But it can hit anyone really is things like fishing

Or you know like like h spoofing right fishing is when they send you an email

And they say there's been like a strange logan on your bank account

Please click on this clk

I never trust those i'm very like

I am really really careful

Not to click on any of really weird external

Where and then they're spoofing woris like they try to minunc a website

And if you click on anything on that website

It or insult something on your computer

The fake websites of example taobao

It looks like taobao

But it actually taobao

So if you key in any information

Then they can basically access your password

If you didn't type tao

But you typed in toa

You know

Then it would be like

Maybe going into different websites

Yeah

What companies will try to do

Now is i'll try to get all the alternative spelling of their website site and so of people mistyped

It actually gets redirected to to their website

Dang antifishing

Basically one of the reasons for this was actually a website called untied

And that comes es united ted

United airlines

Had united up com and someone who was making fun of the company

Bought the phrase untied which is united just flipping the t and the eyye

Ah and so

But yeah was like it wasn't a hacking siby by any means

But it was sight that people used to take their grievances about the company

But that's like one of the first times where that type of thing came out

And like i think that's where that kind of

Hey y

We can make websites to mimic

That really like

And we can use those wea way to

To hack

To hack

Oh

And what about cracking coats

Ppascocoat s it always looks like something that hackers would do

And then you see them run some sort of algorithm

Run some as program

And then immediately they got your pasass code

How likely is that it really depends on how long your pass code is so if you have any pasass code

That's 是是less than like six or seven characters

They can probably get your code in about two

Three Four

Five minutes

Something like that by running an broote force code right

Because it's

There's twenty six letters

You know ten numbers

And they basbasically take the hash code which is basically just the bits

And they try to find out what it is based on the algorithm

嗯

And if they do that

Then it's

It's easy

But the longer past code is the longer it takes they have to break it by brute force

And so if you have a really long password that includes letters

Numbers and special characters

It becomes much much more difficult to break

And so the brute force method is something that could take nuthers depending upon how difficult

Your password is they usually need to install like a program mean or plug in at least

There's like

Like if you in my sevous trety program

We use a special operating system

Which is a linux based operating system

And within that it comes with a lot of those types of programmes

Already so that way you don't have to do it yourself

But there's different ways you can do it right

You can buy like several computers

You can buy like computer bank to run like different sets

I see

And so if you know some information about the person for example like their family name

Their birth daate their things like this

You can actually type that information into the search parameter and make it a little bit easier

So if you know someone's dogs name is max for example

So might put that into their password i see

And so they can put those key words in so the more information you get the easier

It is to crack someone's pasass code

Anything else other than that there's different things like botght networks

Where people will they'll basically have a computer

They'll get into a computer and slalave it

And they'll have that computer actually running processes for them

No Yes

I know bought network is what we call like zombie network

Ah ah in chinese

We use the word zombie okay

So that is basically like a virus

They might use a virus to install the program on your computer um

And some people do this for like bitcoin mining and stuff

Like that

Where they make your computer run the process for the bitcoin mining

But other hackers will use this as a way to build a network for different attacks or for brute force hacking um

I say all right

That's a lot of technicicy

But if you basase it on all these tv shows and movies and stories

It seems like some governments

Especially like us government

And if they get hacked in to by some really amazing hackers

And they can't beat them

They can't beat these hackers

They will try to invite them

To join the government

That they will recruit them is that an actual thing or is that just in the movie

That's an tututhing

There's a lot of times

Where a hacker has finfinally been caught and instead of being put in prison

They will tell them you can go to jail or you can work for us and basbasically work as inhave you seen the movie catch me

If you can with a leenard caat yeah right

He was doing something

He wasn't hacking

But he was making checks right

And he was actually asked to help them in their task force

And it's the basically the same type of thing just with hacking right

When a hacker is caught

They are given an alternative either go to jail and stay in gison for five ten twenty years or work for us and do some years

And this is uh like some hackers are maybe try ying

They try to entice them to come in through will hire you will either they'll try to trip them to come in in this method or actually wanting them to okay in the previous episode was also mentioned that hackers

Sometimes they do it out of curiosity

But they are also like anonymous

They are trying to that say promote more transparency to make sure that companies don't hide information from the general public

So it sounds like they almost see themselves some hackers at least see themselves as cybrier

Vigilltis do you think that is a fair set of assumption

It's probably one of the main reasons

Why a lot of people start to get into how when they're younger

They have that feeling

That they

They want to help the eling it

You know the right just one

But obviously that means sometimes challenging authority

Challenging the government

So would you actually say that hackers are in some way anarchists

They are in some way they're definitely for a governing body of some sort

And you can see that when they come together

But it's for a government

That's spare and just h so they basically want to keep the government

Let's say they want to keep the government more transparent or at least urge them to be so

But obviously some hackers they also do it for the money

Yeah

There's always going to be the bad people

And they end hacking

Because they

They want to make money

They wanna get revenge for something um

They use it for and a fious means

And you'll see that with just about anything

That's true in the end

I just want to ask for us average people like i really wouldn't all myself tax savy for people like me

I still use internet

I use all of these devices

Same as any other people

Everyday are we in any danger of actually being hacked aside from getting fishing emails and things

Like that there's probably not going to be any person

Who is going out their way to attack you in particular is it

Because i'm not interesting enough

That's not important

Well Yeah

If you're aceo of a company

They're definitely gna be gunning for you

But you're aceo of a company

You have control of the company

You have access

You have money

Day right

Well um

And so if you've done something bad anonymis is going to come for it

But

But for average joe

Yeah

Probably won't be the target

Yeah

After your average person

The hacker isn't going to target a person

Unless

I'm for revenge

Yeah

For revenge again

You'll see this with like people who have broken up right

Someone might be like well that person broke up with me

Why did they do that

Oh

Be garorging and eggs was a gruum go and get some scriris

And use it to attack them

Or something like that

Yeah

Don't mess was hackers again

Yeah

Ah i've been sometimes where a hacker has like gone after someone not really because who they were they just gone after someone

And like they couldn't get in

And they just decide that

But i'm gonna get in

And they just don't stop until they get whatever they want

And so it's sometimes as they say it

It's just for the laws

And that was one of those things

That anonymous kind of said right at the beginning when people are getting into it

Sometimes they just did it for the laws so basically for us every show unless you hold specific information dda a probprobably don't have anything to worry

Or if you have an an x was aa ruruch right who happened to be a hacker

Right all right

Thank you brad for coming into this studio

And for thers of you who have just listen to the show

If you have anything to add anything to ask

If leave a comment in the comment section was you next time

Bye

Ia good day

今天的节目你喜欢吗

赶快联系小助手加入酒馆社群吧

小助手的微信号是luluxjg three

我们在酒馆等你