Hackers: the internet's immune system | Keren Elazari

1,006,791 views ・ 2014-06-10

TED


Please double-click on the English subtitles below to play the video.

00:12
Four years ago,
0
12869
1751
00:14
a security researcher,
1
14620
1802
00:16
or, as most people would call it, a hacker,
2
16422
4249
00:20
found a way to literally
3
20671
2167
00:22
make ATMs throw money at him.
4
22838
3203
00:26
His name was Barnaby Jack,
5
26041
3341
00:29
and this technique was later called "jackpotting"
6
29382
3659
00:33
in his honor.
7
33041
1909
00:34
I'm here today because I think
8
34950
1849
00:36
we actually need hackers.
9
36799
3051
00:39
Barnaby Jack
10
39850
1862
00:41
could have easily turned
11
41712
1487
00:43
into a career criminal or James Bond villain
12
43199
4198
00:47
with his knowledge,
13
47397
1496
00:48
but he chose to show the world
14
48893
2488
00:51
his research instead.
15
51381
2689
00:54
He believed that sometimes
16
54070
1853
00:55
you have to demo a threat
17
55923
2040
00:57
to spark a solution.
18
57963
2917
01:00
And I feel the same way.
19
60880
1930
01:02
That's why I'm here today.
20
62810
1850
01:04
We are often terrified and fascinated
21
64660
3278
01:07
by the power hackers now have.
22
67938
3461
01:11
They scare us.
23
71399
1732
01:13
But the choices they make
24
73131
1985
01:15
have dramatic outcomes
25
75116
2170
01:17
that influence us all.
26
77286
2988
01:20
So I am here today because I think we need hackers,
27
80274
3335
01:23
and in fact, they just might be
28
83609
3583
01:27
the immune system for the information age.
29
87192
4340
01:31
Sometimes they make us sick,
30
91532
2033
01:33
but they also find those hidden threats
31
93565
3355
01:36
in our world,
32
96920
1324
01:38
and they make us fix it.
33
98244
2845
01:41
I knew that I might get hacked
34
101089
2358
01:43
for giving this talk,
35
103447
2408
01:45
so let me save you the effort.
36
105855
2473
01:48
In true TED fashion,
37
108328
1834
01:50
here is my most embarrassing picture.
38
110162
3973
01:54
But it would be difficult for you to find me in it,
39
114135
2870
01:57
because I'm the one who looks like a boy
40
117005
3738
02:00
standing to the side.
41
120743
1805
02:02
I was such a nerd back then
42
122548
2382
02:04
that even the boys on the Dungeons and Dragons team
43
124930
2602
02:07
wouldn't let me join.
44
127532
2197
02:09
This is who I was,
45
129729
1985
02:11
but this is who I wanted to be:
46
131714
4115
02:15
Angelina Jolie.
47
135829
1898
02:17
She portrayed Acid Burn
48
137727
1555
02:19
in the '95 film "Hackers."
49
139282
2494
02:21
She was pretty and she could rollerblade,
50
141776
3178
02:24
but being a hacker, that made her powerful.
51
144954
4109
02:29
And I wanted to be just like her,
52
149063
2460
02:31
so I started spending a lot of time
53
151523
2366
02:33
on hacker chat rooms and online forums.
54
153889
2885
02:36
I remember one late night
55
156774
2333
02:39
I found a bit of PHP code.
56
159107
2261
02:41
I didn't really know what it did,
57
161368
1622
02:42
but I copy-pasted it
58
162990
1625
02:44
and used it anyway
59
164615
1714
02:46
to get into a password-protected site
60
166329
2473
02:48
like that.
61
168802
1804
02:50
Open Sesame.
62
170606
1403
02:52
It was a simple trick,
63
172009
1522
02:53
and I was just a script kiddie back then,
64
173531
3005
02:56
but to me, that trick,
65
176536
1438
02:57
it felt like this,
66
177974
2215
03:00
like I had discovered limitless potential
67
180189
2444
03:02
at my fingertips.
68
182633
1791
03:04
This is the rush of power that hackers feel.
69
184424
3309
03:07
It's geeks just like me
70
187733
2904
03:10
discovering they have access to superpower,
71
190637
3232
03:13
one that requires the skill and tenacity
72
193869
2627
03:16
of their intellect,
73
196496
1508
03:18
but thankfully no radioactive spiders.
74
198004
3561
03:21
But with great power
75
201565
1841
03:23
comes great responsibility,
76
203406
2304
03:25
and you all like to think that if we had such powers,
77
205710
3664
03:29
we would only use them for good.
78
209374
2279
03:31
But what if you could read your ex's emails,
79
211653
3347
03:35
or add a couple zeros to your bank account.
80
215000
3112
03:38
What would you do then?
81
218112
2020
03:40
Indeed, many hackers do not resist
82
220132
2237
03:42
those temptations,
83
222369
1988
03:44
and so they are responsible in one way or another
84
224357
3125
03:47
to billions of dollars lost each year
85
227482
2404
03:49
to fraud, malware or plain old identity theft,
86
229886
3261
03:53
which is a serious issue.
87
233147
1878
03:55
But there are other hackers,
88
235025
1985
03:57
hackers who just like to break things,
89
237010
2762
03:59
and it is precisely those hackers
90
239772
2708
04:02
that can find the weaker elements in our world
91
242480
3293
04:05
and make us fix it.
92
245773
1677
04:07
This is what happened last year
93
247450
1920
04:09
when another security researcher
94
249370
2009
04:11
called Kyle Lovett
95
251379
1565
04:12
discovered a gaping hole
96
252944
1557
04:14
in the design of certain wireless routers
97
254501
2960
04:17
like you might have in your home or office.
98
257461
2539
04:20
He learned that anyone could remotely connect
99
260000
2645
04:22
to these devices over the Internet
100
262645
2322
04:24
and download documents from hard drives
101
264967
2761
04:27
attached to those routers,
102
267728
2175
04:29
no password needed.
103
269903
1847
04:31
He reported it to the company, of course,
104
271750
2337
04:34
but they ignored his report.
105
274087
2314
04:36
Perhaps they thought universal access
106
276401
1864
04:38
was a feature, not a bug,
107
278265
2985
04:41
until two months ago
108
281250
1855
04:43
when a group of hackers used it
109
283105
1433
04:44
to get into people's files.
110
284538
2454
04:46
But they didn't steal anything.
111
286992
2401
04:49
They left a note:
112
289393
2017
04:51
Your router and your documents
113
291410
1878
04:53
can be accessed by anyone in the world.
114
293288
2159
04:55
Here's what you should do to fix it.
115
295447
2268
04:57
We hope we helped.
116
297715
2378
05:00
By getting into people's files like that,
117
300093
2530
05:02
yeah, they broke the law,
118
302623
1460
05:04
but they also forced that company
119
304083
2468
05:06
to fix their product.
120
306551
1981
05:08
Making vulnerabilities known to the public
121
308532
2168
05:10
is a practice called full disclosure
122
310700
2745
05:13
in the hacker community,
123
313445
1602
05:15
and it is controversial,
124
315047
2034
05:17
but it does make me think of how hackers
125
317081
2532
05:19
have an evolving effect on technologies we use
126
319613
2986
05:22
every day.
127
322599
1496
05:24
This is what Khalil did.
128
324095
2278
05:26
Khalil is a Palestinian hacker from the West Bank,
129
326373
2615
05:28
and he found a serious privacy flaw on Facebook
130
328988
4009
05:32
which he attempted to report
131
332997
1850
05:34
through the company's bug bounty program.
132
334847
2990
05:37
These are usually great arrangements for companies
133
337837
2657
05:40
to reward hackers disclosing vulnerabilities
134
340494
3177
05:43
they find in their code.
135
343671
1689
05:45
Unfortunately, due to some miscommunications,
136
345360
3550
05:48
his report was not acknowledged.
137
348910
3036
05:51
Frustrated with the exchange,
138
351946
1845
05:53
he took to use his own discovery
139
353791
3277
05:57
to post on Mark Zuckerberg's wall.
140
357068
3135
06:00
This got their attention, all right,
141
360203
2767
06:02
and they fixed the bug,
142
362970
3295
06:06
but because he hadn't reported it properly,
143
366265
2855
06:09
he was denied the bounty usually paid out
144
369120
2225
06:11
for such discoveries.
145
371345
2004
06:13
Thankfully for Khalil,
146
373349
1989
06:15
a group of hackers were watching out for him.
147
375338
2886
06:18
In fact, they raised more than 13,000 dollars
148
378224
3809
06:22
to reward him for this discovery,
149
382033
2078
06:24
raising a vital discussion in the technology industry
150
384111
3200
06:27
about how we come up with incentives
151
387311
3059
06:30
for hackers to do the right thing.
152
390370
2590
06:32
But I think there's a greater story here still.
153
392960
3020
06:35
Even companies founded by hackers,
154
395980
2935
06:38
like Facebook was,
155
398915
2387
06:41
still have a complicated relationship
156
401302
2583
06:43
when it comes to hackers.
157
403885
1804
06:45
And so for more conservative organizations,
158
405689
2831
06:48
it is going to take time and adapting
159
408520
3518
06:52
in order to embrace hacker culture
160
412038
2582
06:54
and the creative chaos that it brings with it.
161
414620
3121
06:57
But I think it's worth the effort,
162
417741
2442
07:00
because the alternative,
163
420183
1980
07:02
to blindly fight all hackers,
164
422163
3830
07:05
is to go against the power you cannot control
165
425993
2588
07:08
at the cost of stifling innovation
166
428581
3301
07:11
and regulating knowledge.
167
431882
2194
07:14
These are things that will come back and bite you.
168
434076
4294
07:18
It is even more true
169
438370
1478
07:19
if we go after hackers
170
439848
2079
07:21
that are willing to risk their own freedom
171
441927
3037
07:24
for ideals like the freedom of the web,
172
444964
2903
07:27
especially in times like this, like today even,
173
447867
4063
07:31
as governments and corporates
174
451930
2620
07:34
fight to control the Internet.
175
454550
3226
07:37
I find it astounding
176
457776
2324
07:40
that someone from the shadowy corners of cyberspace
177
460100
3013
07:43
can become its voice of opposition,
178
463113
2815
07:45
its last line of defense even,
179
465928
2642
07:48
perhaps someone like Anonymous,
180
468570
3417
07:51
the leading brand of global hacktivism.
181
471987
3853
07:55
This universal hacker movement
182
475840
2260
07:58
needs no introduction today,
183
478100
1606
07:59
but six years ago
184
479706
2103
08:01
they were not much more than an Internet subculture
185
481809
3429
08:05
dedicated to sharing silly pictures of funny cats
186
485238
2919
08:08
and Internet trolling campaigns.
187
488157
3430
08:11
Their moment of transformation was in early 2008
188
491587
4842
08:16
when the Church of Scientology
189
496429
1650
08:18
attempted to remove certain leaked videos
190
498079
3067
08:21
from appearing on certain websites.
191
501146
4403
08:25
This is when Anonymous was forged
192
505549
2440
08:27
out of the seemingly random collection
193
507989
2631
08:30
of Internet dwellers.
194
510620
1743
08:32
It turns out,
195
512363
2454
08:34
the Internet doesn't like it
196
514817
1329
08:36
when you try to remove things from it,
197
516146
2623
08:38
and it will react with cyberattacks
198
518769
2970
08:41
and elaborate pranks
199
521739
2101
08:43
and with a series of organized protests
200
523840
2649
08:46
all around the world,
201
526489
1345
08:47
from my hometown of Tel Aviv
202
527834
1988
08:49
to Adelaide, Australia.
203
529822
2244
08:52
This proved that Anonymous and this idea
204
532066
3130
08:55
can rally the masses from the keyboards
205
535196
3083
08:58
to the streets,
206
538279
1576
08:59
and it laid the foundations
207
539855
1947
09:01
for dozens of future operations
208
541802
2218
09:04
against perceived injustices
209
544020
1940
09:05
to their online and offline world.
210
545960
3356
09:09
Since then, they've gone after many targets.
211
549316
2025
09:11
They've uncovered corruption, abuse.
212
551341
2789
09:14
They've hacked popes and politicians,
213
554130
2820
09:16
and I think their effect is larger
214
556950
1677
09:18
than simple denial of service attacks
215
558627
2797
09:21
that take down websites
216
561424
1376
09:22
or even leak sensitive documents.
217
562800
3638
09:26
I think that, like Robin Hood,
218
566438
3042
09:29
they are in the business of redistribution,
219
569480
3900
09:33
but what they are after isn't your money.
220
573380
2732
09:36
It's not your documents. It's your attention.
221
576112
4730
09:40
They grab the spotlight for causes they support,
222
580842
4540
09:45
forcing us to take note,
223
585382
2631
09:48
acting as a global magnifying glass
224
588013
2465
09:50
for issues that we are not as aware of
225
590478
2144
09:52
but perhaps we should be.
226
592622
2109
09:54
They have been called many names
227
594731
1853
09:56
from criminals to terrorists,
228
596584
1771
09:58
and I cannot justify their illegal means,
229
598355
3446
10:01
but the ideas they fight for
230
601801
2141
10:03
are ones that matter to us all.
231
603942
4026
10:07
The reality is,
232
607968
1983
10:09
hackers can do a lot more than break things.
233
609951
2805
10:12
They can bring people together.
234
612756
2473
10:15
And if the Internet doesn't like it
235
615229
2323
10:17
when you try to remove things from it,
236
617552
2647
10:20
just watch what happens
237
620199
901
10:21
when you try to shut the Internet down.
238
621100
2829
10:23
This took place in Egypt in January 2011,
239
623929
4592
10:28
and as President Hosni Mubarak
240
628521
3216
10:31
attempted a desperate move
241
631737
2054
10:33
to quash the rising revolution on the streets of Cairo,
242
633791
3842
10:37
he sent his personal troops
243
637633
1870
10:39
down to Egypt's Internet service providers
244
639503
3643
10:43
and had them physically kill the switch
245
643146
2471
10:45
on the country's connection to the world overnight.
246
645617
4245
10:49
For a government to do a thing like that
247
649862
1615
10:51
was unprecedented,
248
651477
1719
10:53
and for hackers, it made it personal.
249
653196
3464
10:56
Hackers like the Telecomix group
250
656660
2088
10:58
were already active on the ground,
251
658748
1873
11:00
helping Egyptians bypass censorship
252
660621
2818
11:03
using clever workarounds like Morse code
253
663439
2490
11:05
and ham radio.
254
665929
2028
11:07
It was high season for low tech,
255
667957
2129
11:10
which the government couldn't block,
256
670086
2564
11:12
but when the Net went completely down,
257
672650
3242
11:15
Telecomix brought in the big guns.
258
675892
2938
11:18
They found European service providers
259
678830
2171
11:21
that still had 20-year-old
260
681001
2309
11:23
analog dial-up access infrastructure.
261
683310
2580
11:25
They opened up 300 of those lines
262
685890
3402
11:29
for Egyptians to use,
263
689292
2474
11:31
serving slow but sweet Internet connection
264
691766
2837
11:34
for Egyptians.
265
694603
1401
11:36
This worked.
266
696004
1295
11:37
It worked so well, in fact,
267
697299
1793
11:39
one guy even used it to download an episode
268
699092
2280
11:41
of "How I Met Your Mother."
269
701372
4338
11:45
But while Egypt's future is still uncertain,
270
705710
3921
11:49
when the same thing happened in Syria
271
709631
2653
11:52
just one year later,
272
712284
1520
11:53
Telecomix were prepared with those Internet lines,
273
713804
3735
11:57
and Anonymous,
274
717539
1169
11:58
they were perhaps the first international group
275
718708
2246
12:00
to officially denounce the actions
276
720954
1704
12:02
of the Syrian military
277
722658
1913
12:04
by defacing their website.
278
724571
2804
12:07
But with this sort of power,
279
727375
3492
12:10
it really depends on where you stand,
280
730867
2346
12:13
because one man's hero
281
733213
3509
12:16
can be another's villain,
282
736722
2247
12:18
and so the Syrian Electronic Army
283
738969
2398
12:21
is a pro-Assad group of hackers
284
741367
2471
12:23
who support his contentious regime.
285
743838
2665
12:26
They've taken down multiple high-profile targets
286
746503
2682
12:29
in the past few years,
287
749185
1635
12:30
including the Associated Press's Twitter account,
288
750820
3383
12:34
in which they posted a message
289
754203
3016
12:37
about an attack on the White House
290
757219
2156
12:39
injuring President Obama.
291
759375
3263
12:42
This tweet was fake, of course,
292
762638
2145
12:44
but the resulting drop in the Dow Jones index
293
764783
2939
12:47
that day was most certainly not,
294
767722
3377
12:51
and a lot of people lost a lot of money.
295
771099
3262
12:54
This sort of thing is happening all over the world right now.
296
774361
3906
12:58
In conflicts from the Crimean Peninsula
297
778267
2947
13:01
to Latin America,
298
781214
2362
13:03
from Europe to the United States,
299
783576
2304
13:05
hackers are a force for social,
300
785880
3057
13:08
political and military influence.
301
788937
3766
13:12
As individuals or in groups,
302
792703
2251
13:14
volunteers or military conflicts,
303
794954
2640
13:17
there are hackers everywhere.
304
797594
2641
13:20
They come from all walks of life,
305
800235
2095
13:22
ethnicities, ideologies and genders, I might add.
306
802330
4924
13:27
They are now shaping the world's stage.
307
807254
3799
13:31
Hackers represent an exceptional force for change
308
811053
2845
13:33
in the 21st century.
309
813898
2164
13:36
This is because access to information
310
816062
2537
13:38
is a critical currency of power,
311
818599
3313
13:41
one which governments would like to control,
312
821912
2966
13:44
a thing they attempt to do by setting up
313
824878
2461
13:47
all-you-can-eat surveillance programs,
314
827339
3660
13:50
a thing they need hackers for, by the way.
315
830999
2738
13:53
And so the establishment has long had
316
833737
2647
13:56
a love-hate relationship when it comes to hackers,
317
836384
3707
14:00
because the same people who demonize hacking
318
840091
2758
14:02
also utilize it at large.
319
842849
5082
14:07
Two years ago,
320
847931
1248
14:09
I saw General Keith Alexander.
321
849179
2773
14:11
He's the NSA director and U.S. cyber commander,
322
851952
4218
14:16
but instead of his four star general uniform,
323
856170
3708
14:19
he was wearing jeans and a t-shirt.
324
859878
2296
14:22
This was at DEF CON,
325
862174
1744
14:23
the world's largest hacker conference.
326
863918
3105
14:27
Perhaps like me, General Alexander
327
867023
1927
14:28
didn't see 12,000 criminals that day in Vegas.
328
868950
3820
14:32
I think he saw untapped potential.
329
872770
3111
14:35
In fact, he was there to give a hiring pitch.
330
875881
3373
14:39
"In this room right here," he said,
331
879254
2640
14:41
"is the talent our nation needs."
332
881894
2390
14:44
Well, hackers in the back row replied,
333
884284
3380
14:47
"Then stop arresting us."
334
887664
2126
14:49
(Applause)
335
889790
3434
14:53
Indeed, for years,
336
893224
2579
14:55
hackers have been on the wrong side of the fence,
337
895803
2816
14:58
but in light of what we know now,
338
898619
2908
15:01
who is more watchful of our online world?
339
901527
4273
15:05
The rules of the game are not that clear anymore,
340
905800
3006
15:08
but hackers are perhaps the only ones
341
908806
3412
15:12
still capable of challenging overreaching governments
342
912218
3883
15:16
and data-hoarding corporates
343
916101
2215
15:18
on their own playing field.
344
918316
2478
15:20
To me, that represents hope.
345
920794
3120
15:23
For the past three decades,
346
923914
1324
15:25
hackers have done a lot of things,
347
925238
1551
15:26
but they have also impacted civil liberties,
348
926789
3217
15:30
innovation and Internet freedom,
349
930006
2370
15:32
so I think it's time we take a good look
350
932376
2929
15:35
at how we choose to portray them,
351
935305
2130
15:37
because if we keep expecting them to be the bad guys,
352
937435
3584
15:41
how can they be the heroes too?
353
941019
3470
15:44
My years in the hacker world
354
944489
2011
15:46
have made me realize
355
946500
1642
15:48
both the problem and the beauty about hackers:
356
948142
5733
15:53
They just can't see something broken in the world
357
953875
3158
15:57
and leave it be.
358
957033
1647
15:58
They are compelled
359
958680
1680
16:00
to either exploit it or try and change it,
360
960360
3530
16:03
and so they find the vulnerable aspects
361
963890
3916
16:07
in our rapidly changing world.
362
967806
2134
16:09
They make us, they force us to fix things
363
969940
4342
16:14
or demand something better,
364
974282
1719
16:16
and I think we need them
365
976001
1994
16:17
to do just that,
366
977995
2206
16:20
because after all, it is not information
367
980201
3269
16:23
that wants to be free, it's us.
368
983470
3105
16:26
Thank you very much.
369
986575
3362
16:29
Thank you. (Applause)
370
989937
2358
16:32
Hack the planet!
371
992295
1885
About this website

This site will introduce you to YouTube videos that are useful for learning English. You will see English lessons taught by top-notch teachers from around the world. Double-click on the English subtitles displayed on each video page to play the video from there. The subtitles scroll in sync with the video playback. If you have any comments or requests, please contact us using this contact form.

https://forms.gle/WvT1wiN1qDtmnspy7