The Tim Ferriss Show - Ep 48: Marc Goodman, FBI Futurist, on High-Tech Crime and How to Protect Yourself
Episode Date: December 9, 2014Marc Goodman has been Resident Futurist for the FBI and a senior adviser to Interpol. He is also author of the much anticipated Future Crimes. In this episode, we'll go deep in...to the digital underground to expose the alarming ways criminals, corporations, and even countries are using emerging technologies against you…and some simple steps you can take to decrease your vulnerability. To start, 3-D printers can produce AK-47s, bio-terrorists can download the recipe for Spanish flu, and cartels are using fleets of drones to ferry drugs across borders (all of which we touch on), but what else is waiting for you? What else is potentially targeting you right now? If you want to hear about current and future threats, and simple defensive steps you can take, this interview is for you. Show notes are available at www.fourhourworkweek.com (click "podcast")***If you enjoy the podcast, would you please consider leaving a short review on Apple Podcasts/iTunes? It takes less than 60 seconds, and it really makes a difference in helping to convince hard-to-get guests. I also love reading the reviews!For show notes and past guests, please visit tim.blog/podcast.Sign up for Tim’s email newsletter (“5-Bullet Friday”) at tim.blog/friday.For transcripts of episodes, go to tim.blog/transcripts.Interested in sponsoring the podcast? Visit tim.blog/sponsor and fill out the form.Discover Tim’s books: tim.blog/books.Follow Tim:Twitter: twitter.com/tferriss Instagram: instagram.com/timferrissFacebook: facebook.com/timferriss YouTube: youtube.com/timferrissPast guests on The Tim Ferriss Show include Jerry Seinfeld, Hugh Jackman, Dr. Jane Goodall, LeBron James, Kevin Hart, Doris Kearns Goodwin, Jamie Foxx, Matthew McConaughey, Esther Perel, Elizabeth Gilbert, Terry Crews, Sia, Yuval Noah Harari, Malcolm Gladwell, Madeleine Albright, Cheryl Strayed, Jim Collins, Mary Karr, Maria Popova, Sam Harris, Michael Phelps, Bob Iger, Edward Norton, Arnold Schwarzenegger, Neil Strauss, Ken Burns, Maria Sharapova, Marc Andreessen, Neil Gaiman, Neil de Grasse Tyson, Jocko Willink, Daniel Ek, Kelly Slater, Dr. Peter Attia, Seth Godin, Howard Marks, Dr. Brené Brown, Eric Schmidt, Michael Lewis, Joe Gebbia, Michael Pollan, Dr. Jordan Peterson, Vince Vaughn, Brian Koppelman, Ramit Sethi, Dax Shepard, Tony Robbins, Jim Dethmer, Dan Harris, Ray Dalio, Naval Ravikant, Vitalik Buterin, Elizabeth Lesser, Amanda Palmer, Katie Haun, Sir Richard Branson, Chuck Palahniuk, Arianna Huffington, Reid Hoffman, Bill Burr, Whitney Cummings, Rick Rubin, Dr. Vivek Murthy, Darren Aronofsky, and many more.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
Transcript
Discussion (0)
optimal minimal at this altitude i can run flat out for a half mile before my hands start shaking
can i ask you a personal question now what is your appropriate time
i'm a cybernetic organism living tissue over metal endoskeleton
this episode is brought to you by ag1, the daily foundational nutritional supplement that
supports whole body health. I do get asked a lot what I would take if I could only take
one supplement, and the true answer is invariably AG1. It simply covers a ton of bases. I usually
drink it in the mornings and frequently take their travel packs with me on the road. So what is AG1?
AG1 is a science-driven formulation
of vitamins, probiotics, and whole food sourced nutrients. In a single scoop, AG1 gives you
support for the brain, gut, and immune system. So take ownership of your health and try AG1 today.
You will get a free one-year supply of vitamin D and five free AG1 travel packs with your first subscription purchase. So learn more, check it
out. Go to drinkag1.com slash Tim. That's drinkag1, the number one, drinkag1.com slash Tim.
Last time, drinkag1.com slash Tim. Check it out. This episode is brought to you by Five Bullet
Friday, my very own email newsletter. It's become one of
the most popular email newsletters in the world with millions of subscribers. And it's super,
super simple. It does not clog up your inbox. Every Friday, I send out five bullet points,
super short of the coolest things I've found that week, which sometimes includes apps, books,
documentaries, supplements, gadgets, new self experimentsexperiments, hacks, tricks, and all sorts of
weird stuff that I dig up from around the world. You guys, podcast listeners and book readers,
have asked me for something short and action-packed for a very long time. Because after all, the
podcast, the books, they can be quite long. And that's why I created Five Bullet Friday.
It's become one of my favorite things I do every week. It's free. It's always going to be free. And you can
learn more at Tim.blog forward slash Friday. That's Tim.blog forward slash Friday. I get asked
a lot how I meet guests for the podcast, some of the most amazing people I've ever interacted with.
And little known fact, I've met probably 25% of them because they first subscribed to Five Bullet
Friday. So you'll be in good
company. It's a lot of fun. Five bullet Friday is only available if you subscribe via email. I do
not publish the content on the blog or anywhere else. Also, if I'm doing small in-person meetups,
offering early access to startups, beta testing, special deals, or anything else that's very
limited, I share it first with five Bullet Friday subscribers. So check it out.
Tim.blog forward slash Friday.
If you listen to this podcast, it's very likely that you'd dig it a lot. And you can, of course, easily subscribe any time.
So easy peasy.
Again, that's Tim.blog forward slash Friday.
And thanks for checking it out.
If the spirit moves you.
As always, you can subscribe to this podcast on iTunes, and you can find all of the links and
resources from this episode, as well as every other episode by going to fourhourworkweek.com
forward slash podcast, spell it all out. Or you can go to fourhourworkweek.com and just
click on podcast feedback. If you have feedback, I would love your thoughts,
anything at all, who you'd like to see on this show. Ping me on Twitter at T Ferris, that's twitter.com forward slash T F E R R I S S,
or on Facebook at facebook.com forward slash Tim Ferris with two R's and two S's.
Hello, ladies and germs. This is Tim Ferris and welcome to another episode of the Tim Ferris show.
For those of you new to the program, this is where I try to deconstruct excellence. I talk to people who
are the best in the world at what they do and try to distill or extract the tools and tips and
resources that you can use. And this episode is a very unusual one, a very fun one, a very useful
one. I hope the episode guest is Mark Goodman. Mark Goodman
has been a resident futurist with the FBI and worked as a senior advisor to Interpol.
Specifically, he's considered one of the world's leading authorities on global security. And in
this episode, we'll go very deep into the digital underground to expose the many ways that criminals,
corporations, countries, organized crime, and the list goes on,
are using emerging technologies against you, and some of the simple steps that you can take to
decrease your vulnerability. Sure, 3D printers can produce AK-47s, bioterrorists can now download
the recipe for Spanish flu, and cartels are using fleets of drones to ferry drugs across borders,
all of which we'll touch on. But what else is waiting for you? What else is potentially targeting you right now? We'll dig
into it all. And this is not from a paranoid nutjob. And I think it's important to underscore
this. This is from a very pragmatic, real-life-oriented problem solver who has been
hired by people like the FBI and Interpol. This is an informed insider. And he will describe the Wild West that is the internet. And in that Wild West,
ignorance is no excuse for being defenseless. If you want to hear about current and future
threats and simple defensive steps you can take, then this interview is for you.
So without further ado, please meet Mark Goodman.
Hello, ladies and gentlemen, boys and girls. This is Tim Ferriss, and welcome to another episode of The Tim Ferriss Show. I am so excited I can barely enunciate properly because I have Mark Goodman
on the show. And I'll give a quick bio for Mark, and you'll very quickly realize why I'm excited
to have him on.
And this is pretty much directly from the bio, but he has spent a career in law enforcement in many different capacities.
That includes work as a futurist for the FBI, who knew they had such a thing, senior advisor
to Interpol, and also on the street as a police officer.
He's the founder of the Future Crimes Institute and the chair for policy, law, and ethics at Singularity University, where I've had some involvement often at NASA Ames.
And he's continued to investigate the often terrifying intersection of science or technology and crime and uncovering all sorts of different nascent threats and combating the darker sides of technology, which I think don't get as much sort of radio
time perhaps as all of the promise that we hear about and the benefits of Moore's Law.
He is also the author of the forthcoming Future Crimes, and the subtitle pretty much tells you
a lot of what you need to know. Everything is connected, everyone is vulnerable,
and what we can do about it. So Mark, thank you so much for being on the show.
Thank you, Tim.
It's an honor to be here with you.
And I am thrilled to have you on because I wanted to grab you as quickly as I could,
because I think that you are going to be getting interviewed a lot in the upcoming
months because many people are completely unaware of, I think, the threats that are not only, in some cases, ubiquitous now or at least upcoming, but soon will be right at our doorsteps.
And just as some background for people who are listening, because I've had a lot of public exposure since the unexpected success of the first book. I've really come to
realize this in a very personal way. And I've had people try to hack my sites, hack my phone,
impersonate different people in my life to get information from other people. It's been a real
fast education in cloak and dagger stuff. But I wanted to make sure I gave a very brief overview. But is there anything from your background or bio that I missed that I should share with folks?
One thing you didn't mention is the fact that I'm a huge fan of Tim Ferriss. I really love the
four hour work week. And it's quite an honor for me to be speaking with you today. I actually got
one of the earliest editions of the book. And some of
the entrepreneurship suggestions that you covered were ideas that I tried to implement in law
enforcement and with some difficulty, but I tried. And it was a pretty good fun. And I actually took
your advice on some of the things you did. I went on an information diet, not a real diet, but an
information diet. And I also, you know,
have a love of foreign languages the way you do and actually enrolled in the Hartnachschule in
Berlin in Germany, just the way you did. So thank you for your book. That's something else I wanted
to mention right off the top. Well, that, of course, completely makes my week. And
bitteschön. I hope you had fun. That was I had a great time at the Hartnachschule in Berlin.
And I think that language is a metaphor for so many different aspects of life.
And becoming fluent in a language or becoming fluent in technology, I think can sound very intimidating to people,
but it doesn't have to be super, super complicated. But before we dig in,
I'm going to try something a little different. And that is to do...
We're going to do the interview in German.
We're going to do the interview in German and I'll try to teach you Swahili.
No, I thought that we might do just a little bit of calisthenics
by doing some rapid fire questions first, just to loosen up the joints.
Great.
And then we can jump into all of the spy versus spy stuff, which I am absolutely obsessed with, which a lot of people might not realize.
But before we do that, I have to get into the really important stuff, such as if Sean Connery came to your house for dinner,
what would you cook him?
What would I cook him?
I don't know if he'd eat, but I'd make him some drinks.
I'm sure he'd have a nice drink.
What would you, what's the cocktail or the drink of choice?
I think for him, a martini.
He'd be a martini kind of guy.
Martini kind of guy.
Do you have any favorite documentaries or films that come to mind?
God, I love film.
And I love stupid 80s comedy.
So Ghostbusters was great.
And, you know, anything of that genre, anything with Bill Murray or Dan Aykroyd in it, I'm a fan.
And, of course, I like all those 80s hacking movies like War Games and Sneakers and that type of stuff. So of the hacking genre or the crime slash spy genre, what movies that you like are closest
to reality and furthest from reality?
That's interesting.
It's very funny when you see how Hollywood goes at and portrays hacking on the screen.
Most hackers get a good laugh of what they type at the C prompt.
It's pretty funny.
But I think actually I have to give a hat tip to Walter Parks
who did the original War Games
because considering that it was in the early 80s
before most people were thinking about computers,
I mean modems were super slow and incredibly rare.
And the fact that he was able to bring that hacker type out there
and show that the Department of Defense was connected to the Internet
and you could change your grades.
I mean, he did that 30 or so years ago.
So that was really awesome.
And I think that's great.
Some of the other hacker movies, Sandra Bullock, The Net, you know,
it was a nice movie,
not particularly realistic, but there were elements of truth in it. So there have just been a lot
of silly hacker movies out there
because, as I've been told, it's
difficult to show cool
hacker stuff on the screen in a way that people
understand.
I had a computer scientist
friend of mine also say that
it's always amusing to watch hackers typing in movies because they never use the space bar.
And you can tell when people are BSing on a keyboard because you never hear the distinctive sort of thwack of the thumb hitting the space bar.
Tim, as you will know, all the best hackers never use the space bar.
That's right.
Very common.
All the Dvorak typers out there, like Matt Mullenweg.
Let's see.
What is the book that you're most likely to give as a gift or the book that you've given most as a gift to people?
This sounds like BS, but it's actually been your book.
I have to say I've given it to a ton of people. I run into people all the time, both in
law enforcement, friends of mine, folks that are struggling with their careers and trying to think
about opportunities to see the world in a different way. And no bullshit, I've actually
given away about 10 copies of your book. Wow. Well, I appreciate that. And my publisher thanks
you for that as well. Yes. But that was before I had my own book. In the future, of course, I'll be giving him my book. But up until then, you were my favorite.
Well, I'll take a runner up when your book comes out. Are there any fiction books that you particularly like? It doesn't have to be science fiction or any particular genre, but any fiction books that have been very influential in your life? You know, there were some, I love the old street crime drama. So, you know, having grown up in New
York City and kind of been very in tune with the New York City Police Department, there was a book
called One Police Plaza by a guy called William Connitz, which I thought was awesome and just
really got what policing was and what policing was all about. I thought that was pretty amazing.
Very cool. No, I'd love to check that out. I know less about the police than I do
the other aspects of the military, oddly enough. It's the law enforcement that I have the most
contact with, I have the least knowledge of.
I understand.
It's ironic. Let's see here. I'm not going to ask too many more of these because
I want to, uh, I want to jump into, um, of course the, uh, the, the, the subject areas that are
your expertise, but do you have any particular morning routines? What does the first hour of
your day look like? Oh, I wake up, I take my dog out for a walk, and then I have breakfast, which I really enjoy.
Catch up on some news, emails, and then go and take on the day.
What time do you typically wake up?
It depends.
I do a lot of traveling, so it depends on what time zone I'm in and how jet lagged I'm in.
But more on the early side these days, I'd say.
Got it.
And is that like a 7 a.mam kind of thing or 6am? Yesterday I was up at five the day before I was up at five. And
then mostly I would say 637 something in that timeframe. Got it. And do you change your,
how does your routine change on the weekends? How do you decompress if you do?
I like to go for hikes. I like to go outside, like going to the movie theater, seeing films,
hanging out with friends, all the kind of standard stuff. But for the past year,
when I was writing the book, it mostly was my butt in chair typing.
Right. When you think of the word successful, who's the first person who comes to mind?
Hmm. Wow. There's so many different ways to define success. I mean, Martin Luther King
joined, you know, is one of the first guys that pops into my head. Clinton was a pretty successful
politician. There are lots of folks out there. And of course, you know,
any of the entrepreneurs like Steve Jobs and the like.
Got it. So let's jump into the subject matter at hand. And we can tackle this from many different
perspectives, but perhaps you could give maybe a few facts or examples of
things that might surprise people in the world of whether it's currently existing crime or things
that you see right on the horizon coming down the pike. Sure, I'd be happy to do that. Basically,
my take on this is that folks are very focused on the cybercrime of today. Every day in the news,
whether it be the New York Times or the Wall Street Journal,
we're hearing that Target was hacked and Home Depot was hacked and J.P. Morgan was hacked.
And what's interesting to me is that the media treats all of these as distinct incidents.
Like, oh, another company was hacked.
You know, a bunch of celebrities had their naked photos, you know, tipped off by a hacker.
That stuff is all treated as if it were an individual
act. And what people don't see from a 35,000 foot view is that there's a systemic issue going on,
which is something I try to mention in future crimes. It's the fact that we have, thanks to
Moore's law, which you mentioned earlier, we're just moving at an exponential rate. And so we're
plugging more and more things into the internet. And the fact is, as you well know, software is eating
the world. So everything is becoming software, everything is becoming a computer, a car is not
a car anymore, it's no longer a mechanical device, it is 250 computer chips in it at a minimum. So a
car is basically a Unix box that we ride in. An elevator
is a computer that takes us from floor to floor. As Cory Doctorow says, an airplane is a flying
Solaris box with a bunch of industrial controllers. So people don't realize that. And the big takeaway
from that is that never has there been a computer system that could not be hacked.
In other words, every computer system is hackable.
There are no unhackable machines. And that has some really profound consequences for us as a society and the world that we're building
because we're about to add between 50 and 200 billion new devices to the Internet of Things,
depending on who you ask. Cisco will say
$50 billion by the year 2020. Intel says $200 billion by the year 2020. The impact of that
is that we're going to go from an internet that is theoretically or metaphorically the size of a
golf ball today to one that is the size of the sun, right? That's a massive, massive increase.
Substantial difference, yeah.
We're just at the very, very earliest days of the internet.
And so the, I guess you would say,
mistake that a lot of people make is
they think we're technologically advanced today,
but they have no idea of the tsunami of technology
that's coming our way tomorrow.
And I think also to underscore that,
that human beings intrinsically are very bad
at thinking in exponential terms. They're very bad at predicting, for instance, I mean,
the answers to a lot of these old riddles, such as you take one grain of rice and you double it
for each square on the chessboard, and how many pieces of rice do you have, how many grains of rice do
you have by the end. And it's very hard for people to anticipate how quickly things can change.
For instance, I've listened to a number of your talks. You have a great TED talk.
And the fact that, and this may even be more accelerated now, I think your talk was in 2012,
but the DNA sequencing is proceeding at
five times Moore's law. And the impact that that has on sort of privacy and the weaponization of
different types of code, right? And there's another term that you also use, or phrase rather,
and that's the technological arms race, sort of the white hat versus the black hat.
And then you have a bunch of folks in between. Mumbai that you've talked about before, where terrorists built their own op center in Pakistan to monitor the progress of these attacks in real time, and where they'd be executing people
with a handgun in one hand while looking at their cell phone in another, which gave them
huge situational and tactical advantage over the police. But those were with relatively
primitive devices, all things considered, because I think that was in 2006 or somewhere along those lines.
Right.
The 2008 attack on Mumbai.
Yeah.
I apologize.
And that, I remember doing research for the four-hour body at one point.
I was chatting with a scientist who shall remain unnamed, but he was talking about how
negligent it was in his mind
for a very well-known tech titan to have released all of his genetic data or his DNA sequencing,
because people could create personalized biological weapons to attack him. And it's
sort of, I think, to the uninitiated seems like complete science
fiction, like a fantasy. But where are we with that type of thing? I mean, is that already being
used on people? Yeah. So you're spot on, actually, with everything that you just said. In fact,
the cost of sequencing human genomes has dropped precipitously and is dropping at five times faster than Moore's law. So with Moore's law, silicon-based technology, ones and zeros,
that is doubling every 18 to 24 months, depending on who you ask. And Ray Kurzweil has shown
in The Singularity is Near and many times since that there is this persistent exponential pace
of technology. Synthetic biology and genetics are outpacing that by a factor of
five. So biological advancements and computational biology were pretty much proceeding at Moore's
law's pace until 2008 when there were some massive breakthroughs in genetic sequencing,
which made it go five times faster. So what is the result of that? Well, there'll be tremendous
opportunities for each one of us to know our genome. For example, today, most people would
certainly never consider going in for a full genetic genome sequencing. Prehabitably expensive.
When the U.S. government launched the Human Genome Project back a decade or so ago,
they allocated $3 billion to sequence the first person's genome.
And they didn't get it done. They didn't complete it. Craig Ventner, a world-famous biologist,
came in and worked on the project, built upon the work done by the Human Genome Project. And he was
able to sequence in full the first human being for a cost of $300 million about 10 years ago. And fast forward
to today, you can actually get a full genetic sequencing for $1,000. And there are companies
like 23andMe that will offer you partial genetic sequencing for just $99. Without a doubt, within
a few years, it'll be the price of a cup of coffee. Everybody will have their full genetic sequence. So that's great news for medicine, right?
Every cancer can be treated differently.
You will know your proclivities for certain diseases.
We'll be able to, you know, have really massive impacts on health care.
But there's a flip side of that.
When it costs $3 billion to, you know, sequence the human genome and pieces of equipment to
do that, we were in the tens
of millions of dollars only the government or the wealthiest universities could afford that
now equipment that sold on ebay a year ago for a hundred thousand dollars can be bought for ten
thousand or a thousand today that is putting the tools of genetics and synthetic biology in the
hands of the common man. So, there are actually
high school clubs that are doing genetic sequencing today, right? They have lots of groups. There's
something called iGEM, which is a high school and college competition that focuses on this. So,
today's kids are very much at the cutting edge of science. And again, they'll do all different
types of cool stuff. At Singularity University, we had a startup that was creating a glow-in-the-dark plant because they thought it would be cool. Let's do that. And you can do that.
But the challenge with these things are is that not everybody playing with these tools,
whether it be genetics, synthetic biology, robotics, artificial intelligence, is of a kind
heart. And there are criminals and terrorists and bad guys that now for the first time have access to these tools. And I know you're chomping at the. And so I have thought to myself and talked
with other people about, well, perhaps you should have a friend pay for your 23andMe who is of
a different gender so that if that data is ever compromised, it's tossed out or misattributed
or using a pseudonym, let's say with an authorized account under a separate
credit card, et cetera, shipped to an address that isn't associated with your name. So that,
that, that data cannot be used against you in some fashion. Is that, is that, is that paranoia
or is that preparedness? Is that, is that a practical thing in your mind or something else? I'm just curious.
Well, if it's paranoia, you and I are both paranoid because that's the exact advice I
give to my friends that want to do the test. So I don't know whether or not this violates
their terms and services, but the simple fact of the matter is we have no idea how they're going
to use that genetic information. And there are lots of sites out there. And some I mentioned
in the book.
One is called Patients Like Me.
Patients Like Me was a medical site where people were meant to be sharing confidential medical information with each other and, you know,
get help for particularly rare diseases.
And they had something called the mood form,
where people were talking about psychotic breaks, suicidality, and the like.
And it turns out the folks that were running it
were actually releasing all of that information to insurance companies. And it was mentioned very
clearly in their terms of service that they do so. So you think you may be doing something that's
safe and secure and private, but in fact, often you're not. So I would always look at the terms
of services. Again, I don't know what the terms of services are for 23andMe specifically, but I
would say the following. If I wanted to get genetic testing, I definitely't know what the terms of services are for 23andMe specifically, but I would say the following.
If I wanted to get genetic testing, I definitely share your concern and would not be doing it under my own name because we simply don't know where this technology is going.
We have a naivete about the future and what it might look like.
I'm not sure if you ever saw the movie Gattaca.
I've seen the previews.
It's about as far as I've gone, the short story
is it's kind of a dystopian future where everybody is judged based upon their DNA. So let's say you
want to be a scientist or you want to be an astronaut based upon your genetic profile.
They'll say, no, you know what, Tim, you're not quite what we're looking for. And everybody's
social strata is determined by their DNA and what people presume that means.
So I won't say that exactly we'll be living in the Gattaca future. But for example,
if there are genetic markers for sexual orientation, for example, which some people
suggest there are, there are definitely genetic markers for predispositions to violence,
could be for schizophrenia and other diseases.
So the opportunities from a public policy, law, and ethics perspective to have your genetic material leak or the information about you and get out into the public sphere, I'm sure will happen.
You know, we know today that presidential candidates are forced one way or the other to release their medical records to
show that they're fit and ready for office. I guarantee that that will be happening with
presidential genomes in the future. And in fact, I talked about this, I wrote an article
with two friends of mine, Stephen Kotler, who you may know, and Andrew Hessel, a synthetic
biologist, and it was in the Atlantic Monthly, and it was called Hacking the President's DNA. And it was all about what those risks would look like and the number of bio threats that could be launched if you had access to somebody's genetic material.
So for most folks, I don't think they have to worry about biohacking today. definitely take precautions. And the ones that you mentioned about using a prepaid credit card,
for example, or having it shipped to a third party and all of that stuff, I think are good
logical common sense steps to take. So what are some other, yeah, and just for what it's worth,
I want to do like an urban myth check here, because of course, I get all excited about this stuff. And when I was doing research
for the four hour chef and got, became fascinated by marksmanship and hunting, of course, that very
quickly leads to the prepper communities and there's the good, bad, and the ugly there.
And there were some very extreme edge cases, but I was speaking with a very well-credentialed scientist, and the example he gave was a personalized weapon doesn't have to be a of, say, a neurodegenerative disease
by blowing molybdenum into their face at a public event where they might not even register
that that's what happened.
But if you wanted to, say, take a long-term short position on their stock and they're
running a publicly-trained company, that it doesn't have to be – that type of crime
doesn't need to be – the diagnostics and the determining of the target could be sophisticated, but the actual attack does not have to be something futuristic.
I agree with that.
I'll give you a perfect example.
There's a medicine called Warfarin, which is a blood thinner, and there's a certain small percentage of people that have a genetic marker that makes them allergic to that. And it's deadly if taken.
So that would be a perfect example.
It's a common pharmaceutical.
They exist today.
And it's not something that you can see by looking at somebody whether or not they're
allergic to warfarin.
But if ingested, right, now you have that additional piece of information and you know
about it and it could be fatal.
Yeah.
Yeah.
That's crazy.
I mean, yeah.
And I think, you know. so don't do that kids.
Yeah. Don't, don't commit bio homicide. And, uh, you know, it's, it's also, uh, it brings up,
uh, and I, and I want you to, to give some examples, but a misconception, I think that a
lot of people have about criminals or particularly, uh, terrorists specifically, and that is that they're just uneducated.
And maybe you can shed some light here, but it seems that there actually seems to be a disproportionately high percentage
of very, very, very well-educated people who then are recruited by militant groups as operatives or terrorists.
I think people underestimate perhaps the intellectual horsepower
of some people who could perpetrate these types of crimes.
But I would love to hear, certainly, examples.
You mentioned you might have a couple of different examples,
which I'd love to hear. Yeah, I mean, on the terrorist front, you're exactly right. People
tend to underestimate them. You know, when we were first going into Iraq and Afghanistan,
we talked about people with towels on their heads living in caves, and what could they possibly do
to defeat us. And as we saw, they were able to put up quite a hell of a fight. And, you know, Ayman al-Zawahiri, who was Osama bin Laden's number two, was an M.D.
He was a trained physician, right?
So there are any number of doctors that are in these terrorist organizations.
We've seen them recruiting specifically on terrorist chat boards.
They're looking for people with scientific backgrounds, with technological backgrounds.
One terrorist by the
name of Irhabi 007, he took the 007 from James Bond. And he was like basically the CIO for Al
Qaeda for a while, running their technology. In the wake of the Snowden disclosures, there's been
a ton of chatter on terrorist chat boards talking about the importance of encryption. So they follow the news very,
very closely and are paying attention to it. They show tremendous sophistication.
Let's go back to a bio, for example, the terrorist organization, Aum Shumrinkyo,
the folks that carried out the 1995 terrorist attack. Exactly. Seren gas on the Tokyo subway.
That occurred in 95. What most people didn't realize about Aum Shumrinkyo is the fact that they had a bioweapons project. They spent a million dollars a year for 10 years from 1985 to 1995 trying to develop a powerful bioweapon, and the science wasn't there yet for them to be able to do it. That's why they went with the chemical sarin gas attack.
Today, things like that would be much more trivial given the wide availability of biotoxins and other types of infectious threats that are available online.
The code is there.
You can download it, basically build some of these things in your basement or garage and release them. Another area where we see terrorists playing in really interesting ways
are both robotics and social media and open source intelligence. And I'll just give a few
crazy examples. So during the terror attack at the Westgate Mall that occurred in Nairobi
about a year ago, we saw the terrorists from Al-Shabaab, the militants, were incredibly
sophisticated in how they were using social media and Twitter.
They were live tweeting the entire event, and they were actually mocking the Kenyan police force and military guards throughout the incident, putting out information, adding to the confusion.
And ISIS or the Islamic State has been doing the same exact thing.
You mentioned earlier also the 2008 Mumbai
terrorist attack. In my humble opinion, that was perhaps one of the most sophisticated terrorist
attacks we've seen to date from a technological perspective. 10 terrorists were able to keep a
city, a metropolitan area of 20 million people completely shut down for 60 hours so 10 guys not just armed with standard
weapons ak-47s rdx explosives hand grenades but these guys had night vision goggles they had
satellite phones satellite imagery encrypted blackberries they use skype type voip communications
during the incident because they had all that technology, they had phenomenal
situational awareness, situational awareness that beat the capacity of the Indian National Guard
and the Mumbai police to respond. And they used it to great effect to actually kill more people.
There's an example I talk about in the book of a man called K.R. Ramaporti, who was staying at the
Taj Mahal Hotel in Mumbai. You may have been
there. It's one of the most beautiful hotels in the world. And when the terrorists took over the
hotel, they started going room to room trying to find more hostages. And they came across Mr.
Ramaporti, who was on the top floor in a suite at the Taj. And they broke into his room and they
said to him, well, who are you and
what are you doing here? And he said, oh no, I'm nobody. Leave me alone. I'm just an innocent
school teacher. Well, the terrorists were dumb, but to your point about not being that dumb,
they looked at this guy and staying in a suite at the Taj Mahal, beautiful hotel. And they said,
there's no way any Indian school teacher could afford this suite. They picked up his ID at his bedside and then they phoned it in via a satellite phone to the terrorist war room that was set up across the border in Pakistan.
There in the war room, the terrorists were monitoring live.
They had IBM, CNN, BBC, Al Jazeera and a bank of computers where they were doing real-time research.
So you had the 10 operatives from Lakshya E Toiba, an Al Qaeda affiliate based in Pakistan,
that were carrying out the attack, broken down into five teams of two terrorists.
And then you had the terrorist war room.
So when they phoned in the name of this guy to the terrorist war room, they simply Googled him.
They came across his
photograph. As it turns out, he was not a school teacher. He was the head of one of the second
largest banks in India called ING. They came across his photo. And then we know from the
intercepted conversation, which we only discovered after the fact that the terrorist war room said,
hey, we found a picture of your guy is your hostage heavy set yes does he have glasses
yes is he kind of bald yes okay we found him the terrorist then said to their op center what shall
we do and then the order came down kill him so the fact of the matter is back in 2008 terrorists
were using search engines like google to determine who shall live and who shall die.
And though it's a black swan event, and I know you talk about those, the fact of the matter is
when you're sharing in Facebook, it's not just, you know, the media and marketing companies that
you need to be concerned about. When you share openly, everybody has access to this. And even
though it's a black swan, we're event that could be terrorists or organized criminals as well. And I think it's a terrifying example, particularly when you consider that 2008 was the Stone
Ages compared to the implications of big data and ubiquitous availability of tools today
and the sophistication, certainly, of a lot of those tools,
including reverse image search and things like that through Google or TenEye or others.
The black swan events also, just because a black swan event is considered a black swan event to the victims doesn't mean it's a black swan event, i.e. a low probability random event.
It could be completely engineered, as it was in this particular case through extensive preparations on the part of the terrorists.
So I'd love to talk a little bit about a phrase I've heard you mentioned before, and that is public safety is too important to leave to the professionals. So there are, there are a number of ways I'd like to try to unpack that.
The first is just as a, um, uh, to, to try to bring out my inner prepper. So in, in, if,
if you live in San Francisco, in a city like New York City, or San Francisco, or Chicago,
what are the things that should be keeping you up at night that you should be thinking about
mitigating as risks or black swan events? Well, traffic, but it's not a black swan event.
Keeps me up at night. When I talked about that, I was speaking more broadly about kind of the cyber threat, but it's also true in physical space as well.
I mean, the fact of the matter is that the line between kind of order and society and chaos is actually quite thin in law enforcement.
They talk about the thin blue line.
And I was a patrol officer in Los Angeles during the L.A. riots. And what I realized is that the police are in charge as long as the public wants them to be in charge.
Once the public decides that they are not in charge, you are no longer in charge.
I think L.A. had 1.7 police officers for every 100,000 citizens at that point.
And so if you make the citizens really, really mad, as was the case during the
Rodney King incident, then it's over. And there's nothing you can do. So in physical space, I mean,
all the basic stuff that you talked about the prepper movement, but the Red Cross would give
you the same type of advice for the California Office of Emergency Services, FEMA, there are any
number of good checklists out there about having water and food and, you know, just be prepared to have an emergency plan.
All of that is really good and useful.
And I also had, unfortunately, the opportunity to be in New York City down at Seven World
Trade on 9-11.
So that was another experience that I happened to have lived through.
And, you know, that brought out the best of people in that particular instance where you saw total and complete strangers being as warm and helpful to one another as they could.
So it can really go both ways.
When I talk about public safety being too important to leave to the professionals, what I would say is that people often abdicate their concept of safety to the police or to the authorities and think that
everything will be just fine. And mostly in our physical space in the developed world where we
have rule of law. So, you know, think Australia, Western Europe, you know, North America. That's
a system that works quite well. If you look at what's going on, you know, with Al-Shabaab and others in, you know, Africa, it's a different story. But in cyberspace, it's a complete, you know,
every man for himself type scenario. What I find fascinating is, is that from the most part,
law enforcement has abdicated any responsibility for cybercrime. Now, I know that some of my
colleagues in law enforcement might, you know, take issue with that. And certainly they're trying hard, but the volume of the threat and the nature
of the technology makes law enforcement nearly impossible as a solution for the cyber threat.
You know, I talk about law enforcement is a nation state type solution, right? A policeman
in New York cannot make an arrest in Moscow and vice versa.
And so law enforcement is a local solution to a global problem. So no matter how good the cops get,
even though there are organizations like Interpol also that are trying to make a difference,
they're just fundamentally mismatched. And that's what we need to deal with. You know,
if somebody came into your house and broke into it and stole something, you dial 911.
If some kid spray painted your car or your house, you'd call the police.
You'd file a report for vandalism.
And yet we have the equivalent of these things going on every single day in our homes, in our computers, on our cell phones, on our tablets.
And if you dialed 911 to report a computer virus, the cops would come for you as
opposed to sending a car to investigate it. So I think from that angle, we need to get average and
everyday citizens involved in this. On the one hand, law enforcement has very limited resources,
it doesn't work internationally. And not all agencies are particularly well schooled on the
cyber threat. Whereas and you know, this living in San Francisco and Silicon Valley, there's tremendous talent in the private sector that fully is versed in technology.
There's a global community of people that could contribute significantly to this problem.
And I think that it'd be a great opportunity to get them engaged. And the last thing I would mention, particularly since we are living
so much of our lives online,
staring at screens on our smartphones
or on our computers every single day,
there's a part of our life
that is taking place in cyberspace.
And yet we don't have a common defense force
for cyberspace.
So for a hundred years,
we've had reserve army,
we've had reserve and
auxiliary police officers, we don't have any equivalent for that in cyberspace. And so when
the big cyber attack comes, we're going to have a paucity of resources and talent to respond. So
one of the things I call for is the building of a National Cyber Reserve Corps, take average
ordinary citizens, men and women, young and old, it doesn't matter. Put them through a background, get them cleared and part of the solution because we definitely need their help.
So I definitely want to come back to that type of distributed or crowdsourced workforce. And on a related note, I want to talk a little bit about the physical world, so meat space.
Yes.
By the way, on crowdsourcing, I'll give you some great examples when we come back about criminals crowdsourcing.
Okay, great.
And we can talk about the counter forces to that also.
So I remember going through a Northern Emergency Response Team training course, which was organized by the San Francisco Police and
Fire Department. So this was not a fringe group teaching this class. And I remember, I'm
paraphrasing here, but roughly they said, they polled the audience, said, okay, how many people
live in San Francisco? How many fire engines do you think there are? And it was something like, you know, 38 fire engines for
at a, at a minimum, several hundred thousand people. And the point they made was if there is
a, if there is a, in, in the event of a real event, a, let's just call it a seven point or
higher Richter scale earthquake, you could go and very realistically could expect to go seven to 10 days without food or water. And the fact that the Lord of the Flies type scenario, while unlikely, is not as unlikely
as people might think. And I recall when I was writing a section of The 4-Hour Chef called The
Wild Section, which was all about sort of forging and
hunting and, and, uh, preparing food without the use of a kitchen. I got, went down the,
the prepper rat hole pretty quickly. And, uh, I remember having, uh, some editorial feedback
from the publisher, which was critical of how deep I went into this stuff.
And just at that moment, when I was being
told that I was, uh, it was too alarmist and too extreme hurricane Sandy hit New York city.
And, uh, it was just a perfect illustration of how ill prepared most people were, uh, for what
is going to be, uh, a, an increasingly common occurrence with climate change, at least according to a lot of scientists who have looked at the modeling of, say,
100-year storms and how those might occur every decade or even more frequently.
But let me ask you, do you think having – you were mentioning biochemical weapons
or biological agents and how people – it's become increasingly easy in a way to fabricate these or to engineer
them. Do you think having iodine tablets and gas masks at home is overkill if you live in a
metropolitan area? I guess I would say it depends on your philosophy in life and how you choose to
live your life. You were talking about 30 or 40 fire engines for the city of San Francisco.
There were nights when I was working with the LAPD on Morning Watch, midnight to 8.
And for a precinct that had 400,000 people living in it, we had three police cars on the road.
So, in that precinct.
Now, we had other guys in other precincts that we could call.
But that's, you know, three police cars, six guys and gals, you know, for 400,000 people. So, yes, the thin blue line can be quite thin at times. And I'm always encouraging people to be prepared to have a bunker. I need to live underground. We need to be prepared for nuclear Armageddon.
And that's not the way that I choose to live my life.
But I think common sense tools, first aid kit, having iodine perhaps, opportunity to have tablets to make sure that you have access to clean water that's decontaminated and things like that.
I think that just is logical.
I don't think there's anything over the top about that at all.
Uh,
with international travel,
um,
and,
and,
uh,
we're not going to get into,
um,
necessarily kidnapping and all of that,
but I want to,
I want to,
I want to use this as a,
we can,
I have a great kidnapping example.
Well,
all right.
Well,
if you're going to dangle that carrot in front of me,
let's go there.
So I want to,
I want to know,
I want to hear the kidnapping example.
Let's do it. So this is just something that carrot in front of me, let's go there. So I want to hear the kidnapping example. Let's do it.
So this is just something that occurred in Mexico City a couple of years ago when smartphones were first starting to come in.
The cops in Mexico noticed a phenomenon that was really weird.
So I'm sure this has happened to you.
You get off an airplane in another city and somebody is holding a piece of cardboard with your name on it and you walk up to them.
Have you done that?
Yes.
Yeah.
So guess what?
Cardboard can be hacked.
Sometimes people lie and sometimes the person holding the sign is not the person that you
expect them to be.
So about three years ago, four years ago in Mexico City, when smartphones first came out,
organized crime groups and narcos were hanging out at the mexico city airport and with all the
signs up they said mr smith from dow chemicals and mrs jones from you know whatever the company may
be the bad guys were sitting there and they were using their smartphones to google the people whose
names were on the signs and looking for those that they estimated to be of the greatest net worth. Once they figured out who that was, the criminals were going up to the chauffeurs and saying,
you know, here's 100 pesos, get out of here and we'll kill you or we'll kill you.
And they were taking the cardboard sign.
The executive flying in from New York, San Francisco, London would then get off the plane,
see the piece of cardboard with their name on it, walk up to the person who also took
the limousine, was dressed like a limousine driver, got into a car and was kidnapped
as a result. And there were actually a few people that were killed. So my point is, is that most
people are very trusting and they should be. That's the way you want to live life that, you
know, you want to be happy and think about that stuff. But when everybody thinks like that, those
who think differently, for example, criminals, terrorists, and others, it's really easy to subvert the system and cardboard can be hacked.
Yeah. I hadn't heard that specific example, but that is yet another reason for me to use
pseudonyms when using car services, which I Um, I have done for the last couple of years just because I've had some weird
experiences with travel.
Uh,
even though,
uh,
you know,
this is where,
this is where the internet really fucks me because people think people can't
run publishing numbers.
They don't understand book economics.
So they think I have like a hundred billion dollars and I'm like,
you got the wrong guy. But, the the uh oh god yeah the the kidnapping is
terrifying i i i know i have known people in argentina and in other countries who've been
kidnapped or or colombia brazil very very common extremely common i know many people who've had
family members or friends kidnapped in South and Central America.
And certainly not exclusive to those places at all.
But the question I was going to ask you is a segue to virtual attacks.
And one of the startups that I'm close to used to be called Rep called reputation defender. It's now reputation.com.
And one of the executives there told me that when he travels to China on business,
he will use a brand new throwaway netbook because he does not want any of his data compromised on
his, uh, on his hardware. You know, if he brings a laptop with him. If someone is traveling, let's just say it's a
business person. They're traveling to any number of countries, but let's just assume it's China.
What are the precautions that they might take to try to prevent any infiltration of their data or
sensitive information? Yeah, that is an awesome, awesome question. And it's one that people don't think about
nearly often enough, you know, whether it be an executive from Houston or New York City,
or those in Silicon Valley, obviously, business will take them to, you know,
the most populous nation on earth, the People's Republic of China. And there,
the rules are very different in terms of what the so-called police can do and how they
will treat you and your technology so all i would say is if you're going over there for business
play close attention the fact of the matter is their screening of you begins when you fill out
your visa application right it's nothing there is random so why do you have to do a visa application
because they want to know who you are and if you're interesting. And if you're Andy Grove from Intel traveling into China, they're going to pay attention to you.
And I'll give you one simple example.
And this was reported several years ago.
Andy Grove, the former chairman of Intel, actually took a flight into Beijing.
He gave a lecture before a thousand people and presented from his laptop.
After his presentation was over, two very young,
pretty Chinese women approached him and they were ever so subtly just moving their own bodies
to get him to turn away from his own laptop. He had a lovely conversation. And when he turned
around, his laptop was gone. Now, the big mistake in that particular case is not that he brought a
laptop per se. But as the chairman of Intel, he actually had the designs for one of the latest Pentium chips, some extremely valuable intellectual property on the computer that disappeared along with the laptop.
So my general rule of thumb is, you know, laptops, netbooks, whatever they are, they're just a couple hundred bucks today if you can afford a trip to china you should be able to afford a laptop you can bring a dummy phone with
you and just to give you an idea of some of the information that leaks the minute you connect to
a hotel in a potentially hostile territory whether it be iran china you know whatever country you're
traveling to they have the ability to insert malware onto both your phone
and your computer the minute your device connects to their network.
So you know when you have to log into the hotel webpage to pay, that's when the handshake
takes place and that's when your device gets infected.
So that's step one.
If you go ahead and leave your laptop in any hotel safe. Routinely, the hotel security gives access to the local
police so they all know the combinations. Anybody can open up one of those saves incredibly easily.
So what I would recommend is if you bring technology, carry it on you if you want to
hold on to it. I would limit the amount of information you put on it. I would certainly
consider what we call a throwaway laptop or mobile phone, and I would make sure that those devices were encrypted.
If you know you're going to call 10 people when you're over there, have those 10 phone numbers and don't walk out there with all of your contacts, with your business plans, with your sales figures.
The thing that mostly the Chinese are interested in besides intellectual property is they're very aggressive about being
helpful to their state-backed industry. So if you're over there as an American businessman
or woman or regardless of what country you're from and you're negotiating a deal with the Chinese,
they'll be very careful about monitoring your email, what you're doing, and any negotiations
that you may be having with your counterparts from your own company in the United States,
whether it be your general counsel, the head of sales, they're going to take that information
and feed it to their Chinese equivalent in order to do that.
And in fact, there was a case that I mentioned in the book where an executive from Coca-Cola
got fished with a spear phishing email and they were in a multi-billion dollar deal with
a Chinese beverage, a state-sponsored Chinese beverage company, and they were underb multi-billion dollar deal with a chinese beverage estate sponsor chinese
beverage company and they were under bid and lost out so one phishing email to the right executive
crafted in the right way infected the computer and then the deal was done and billions of dollars
were lost wow so the phishing email was something like whatever it might be uh your account is
overdrawn for the Bank of America.
Click here to confirm your blah, blah, blah.
And if I could just give one general tip,
something to keep in mind,
and I don't know everybody that's going to listen to your podcast,
but I'm going to postulate that most of your listeners
actually do not know a prince in Nigeria.
If you get an email from a prince in Nigeria,
do not click on it.
He's not your friend.
He doesn't know you.
That's, yeah, very good you that's yeah very good advice very very good advice yeah the the opportunity cost of missing the real
email from the prince in nigeria pretty pretty low when you look at the probabilities uh but you hit
on something major right there which is actually that is one of the major causes of infections to
people's computers is that they're clicking on the wrong link.
And in the old days, you used to be able to tell a phishing email because they use bad English, bad grammar.
Now they're perfectly well crafted and a spear phishing email targeting a specific individual or executive is even more so.
So you have to be really careful.
Basically, my general rule of thumb is don't click on links.
If people send me a link, I'll call them and say, hey, did you send this to me? And they think I'm crazy,
but I don't click on links. Yeah, well, ditto for attachments, which can be executable files.
Okay, so I'm going to ask about an edge case because I love asking these sort of absurd or extreme questions.
But if someone has a nearly unlimited or unlimited budget, let's just say it's a hedge fund manager
who's worth a billion dollars plus, and you are their personal sort of security consultant,
and you can interpret that any way you'd like uh security slash sort of uh armageddon
proofing consultant what are what are some of the things you would have them do i would have them
hire a guy who didn't discuss their security plan on a podcast with tim ferris my first piece of
advice right good advice don't don't do that. But generally speaking, you know, every person you work with is unique and different.
So I work with a lot of folks of high net worth and a lot of general public corporations.
And the advice is very specific on what people's threats are.
So for some people, the biggest threat, you know, to a hedge fund manager may be that their son or daughter is addicted to meth.
And that's bringing all types of other, you know, people into their home that causes them difficulty.
In others, it may be some of their personal proclivities, things that they're looking for online that could be personally embarrassing, you know, mistresses, extramarital affairs, all of that type of stuff.
So those are the general things that you look at.
And then you work up a threat profile. That's something that I find that most individuals don't do, and certainly
most corporations don't do. And the fact of the matter is, in the same way that hackers are using
the internet to gather lots of information about their targets, you yourself can go out there and
use tools. And you talked about reputation.com and others, but there are lots of tools out there
that will allow people to get really good
open source information on themselves
and the threats against them.
And that's one of the key steps
that I always mention to my corporate clients
is that they need to go ahead
and implement an open source intelligence program.
Because if you are working on a secret project,
let's say it's the latest iPhone
or you're working on the latest version of Android, something that you don't want people to know about.
If you've got your search engines up and running and you start seeing people talking about it or sales lists are leaking out there or employees resumes are out there showing that they're about to jump to the competition.
You know, there's just a lot of stuff that you can detect. And the other point that I tell them is, and most people don't realize this, is make sure that you're looking in the digital underground. So most people think, you know, when they search Google, they're searching the internet. And when you're searching Google, in reality, you're only searching about 0.03% of all the available electronic information stored on the planet.
So how do you go about
searching the digital underground ah you have to go underground the the quickest way to do that i
mean one of the ways that people do it is by using tor the onion router so that's a specialized piece
of software actually produced by the u.s navy and it was meant originally to help democracy and human
rights activists overseas
bypass their national firewalls, whether in China or Iran, so that they can get around to
communicate. And it was very useful for their personal safety. And there's a million great
reasons why you would use Tor, again, if you want, in the wake of Snowden, if you wanted to go ahead
and have good encryption of the information you're looking for, then Tor is a great useful tool for that with some noted limitations.
But the other side of that is that there's something called Tor Hidden Services.
And if you're running this particular piece of software,
you can now get access to a whole world that you don't know exists.
So this is where hackers and terrorists and hacktivists and spy agencies and law enforcement hang out. So I'm sure you will be familiar with the Silk Road and what went on in that case.
It broke very close to you in San Francisco.
And the fact of the matter is Dread Pirate Roberts, the alleged person who was running
that, had the largest drug website in the world.
And whether or not you like drugs or not, and whatever your position may be, a National Institute of Health drug abuse agency study said at some point, 20% of all narcotics
purchased in the United States transited the Silk Road. Wow, I had no idea the number was so big.
And the money that Dread Pirate Roberts brought in in those 30 months was $12 billion dollars so 1.2 billion dollars in 30 months of
methamphetamine ak-47s uzis child pornography fake passports whatever you're looking for
you could buy it there and because uh silk road operated kind of like ebay where the house took
a cut of everything they sold dread Dread Pirate Roberts is alleged to
have amassed a personal fortune of $110 million. So, you know, let's say you're a 28-year-old
entrepreneur and kids don't do this out there. But if you're a 28-year-old entrepreneur,
you know, going from zero to $1.2 billion in 30 months, he had a relatively successful exit
except for the life imprisonment he's facing. But other than that, you know, pretty good gig.
Right.
The rather punishing asterisk.
Yes, exactly.
On the income statement.
Note.
Yeah.
Comes with free imprisonment for life.
Free prison companions.
Yeah.
Oh, God.
So you mentioned drugs. I want to chat about that for a second because I've heard you mention and maybe you can elaborate on drug production.
So this is something that I'm very fascinated by. I mean, I think drugs is a bit of a – so in the Nancy Reagan say no to drugs sense, it's a bit broad. I think a lot gets mixed into this so-called war on drugs that shouldn't be part of it at all.
And a lot of good therapeutic agents get disregarded and blah, blah, blah.
But the point being, when you look at just some of the real cash cows, if you look at the opiates, right, if you look at heroin, you look at cocaine. Marijuana is a very interesting case.
We won't get too far into that, but just the sort of decriminalization of marijuana is really fascinating.
Isn't its use mandatory in San Francisco?
It's pretty close.
If you go into Dolores Park, you by law are required to, yes, be using marijuana.
Yeah, if you stub your toe and therefore have chronic pain, then you can get marijuana.
You're permanently disabled, yes, and now you need marijuana.
But I've heard, and I haven't verified this, but there are poppy fields, even within some national parks in the U.S., that are policed by Mexican narcos.
And you have to be careful even as a hiker in some cases, if you go too far off the beaten path, uh, is that going to change in so much as will drugs, uh, the example
that you used was, uh, involving yeast to synthetically produce cocaine or not synthetically
perhaps, but in a, I guess it would be synthetically produce cocaine or other drugs like that.
Are these, are these fields, is that entire production chain and all the shipment, is that just going to go away?
Yeah, so you've hit on a really, really interesting point, which is, you know,
in the same way that Apple can go ahead and disrupt Microsoft and Google can disrupt, you know, somebody else,
the fact of the matter is, is that the old school original gangsters and
narco dealers are going to be faced with some challenges to their business model from a new
generation of joke dealers uh and it's going to be really fascinating so to your point when you
think about what is required for the production of uh cocaine today or heroin, right? You need these massive fields of cocoa leaves or marijuana plants
or poppy plants, etc. And that is really tough for the dope dealers. A, they're expensive to
maintain. They have a very huge footprint in terms of hectares and hectares of fields that need to
be maintained. And they're easy for law enforcement to detect. So now, thanks to synthetic biology,
one of the amazing things that you can do is
because all of those marijuana, poppy, or cocoa plants are all naturally occurring, you know,
substances that contain DNA, you can actually go in and sequence cocaine plant or poppy seed or
any of those things. And from that, deduce the genetic code for cocoa. And you can go further in and say, well, what's the active ingredient here? And genetic code for cocoa and you can go further in and say well what's
the active ingredient here and you can isolate that and you can snip that part of the plant or
the active ingredient and you could insert it into yeast and then you could grow those yeast and you
could bake bread with it and you could make beer with it so we're not quite there yet but all of
these things are very close off on the horizon. And it completely breaks our current global security model around narcotics because, again, we have these big fields and we look for the big fields and we have dope sniffing dogs when you arrive at the airport or going through customs and immigration.
But they're not going to smell a loaf of bread that is just as powerful as cocaine.
So there are some really interesting
opportunities there moving forward. It's going to make for some really interesting beer and bread
in the future. Is it conceivable, this is just now I'm going to really go off the deep end into my
sort of detective novel mode, but is it conceivable that the US government could decide that it would be pragmatic to, in some way,
seed people domestically with technology to, in a very decentralized way,
produce, meaning synthesize, and finances of, say, cartels who are shuttling drugs from –
and I know the Mexican cartels are now as far south as Colombia, where I've spent some time.
They're very, very prevalent.
But basically, in a way to reduce violence and disrupt that chain, do you think there's any conceivable scenario in which the government or some facet of law enforcement would decide that that type of – even the introduction of that type of production would either be done deliberately or have a blind eye cast to it for the tradeoffoff, which is disrupting the immensely violent and problematic influence of the cartels in Mexico.
Yeah, I mean, you're asking for a particularly interesting public policy and political question.
There are plenty of folks who are advocating for this. There's a great talk by a gentleman called Ethan Nadelman, who I just saw speak down at Global, who really gives a very powerful and compelling talk for why drugs should be legalized.
And you can Google that and find his talk.
We're kind of seeing the beginnings of that now with marijuana.
And there are other countries like the Netherlands that have allowed people to be on heroin for years and put them on methadone.
So there have been lots of different experiments around this. I would say I don't know that the
public policy and more importantly, the politics around this is there yet. But you can certainly
look at the cost of what it is doing to our society, particularly here in the United States.
We have the largest incarcerated population in the world. I think there are something like 3 million people that are somehow in the criminal justice system at
state pen or at the local level in federal penitentiary. So the cost of maintaining that,
most of those folks are there for drugs one way or the other. So there's certainly an economic
cause to be put forth. And again, I'd refer you to Ethan Naleman, who makes that way
better than I can. I don't know that the government anytime soon is going to see this more as a public
health issue and focus on demand reduction. Right now, public policy in the United States has been
almost heavily geared towards supply reduction. So, you know, let's go ahead and, you know, drop
napalm on cocaine fields in Colombia, and that'll solve it. And of course, as the people in Latin America, the Mexican president and others have mentioned, well, don't blame us. You guys are the ones that want to buy it. So it's really complex, right? How this works. I will mention that the narcos are all over the drug trade from all over the technology space in really amazing ways.
So narcos are using robots.
They're flying drones.
They've got drug subs.
There are now quadcopter drones and octocopter drones that can carry like 1,000 kilo loads
of cocaine and marijuana across the Mexican-American border.
We're starting to see that.
There are 2,000 tons carried by remote-controlled narco-subs.
Some of the Colombian cartels literally have a R&D budget.
So the cocaine cartels in Colombia have like $5 million allocated to R&D for robotics
because the day that they can launch autonomous subs up against North America, they've hit pay dirt.
So we're seeing that.
And the money and the sums are involved.
We were talking earlier about how clever terrorists may or may not be.
You should look at the sophistication among the narcos and the money that they have allows them to bring in tremendous talent.
El Chapo, Joaquin Guzman, who ran the Sinaloa cartel, was recently arrested in Mexico.
And at the time of his arrest, he had a room in his mansion, a cash room, with $200 million in cash just sitting in his house.
We call that the Tim Ferriss room, obviously, for obvious reasons.
But he was actually listed at number one on the Forbes wealthiest list ahead of Oprah
and French president Sarkozy, right? So the amount of money, by the way, to put $200 million
in perspective, Interpol's annual budget is $90 million. Wow. So if you were a sports team,
you would bet on that sports team against Interpol in a heartbeat. And it would seem to be the wiser bet.
Yes.
In terms of talent recruitment,
he should have,
he should have a number of incentives to use.
I will kill you or you work for me,
or exactly.
I will give you twice as much as anyone else,
any other law enforcement agency,
or at least Interpol can pay you.
And by the way,
that's exactly happening right now.
There's,
you know,
we were kind of joking about what's going on with the narco wars in Mexico.
But there have been 50,000 innocent Mexican citizens, nationals that have been slayed in the past six years.
So just south of our border, 50,000 people, right, you know, more than live in Palo Alto or the suburb of New York have been murdered.
And so there's a massive war going on between the people.
We talked about crowdsourcing before. There's a ton of incredibly brave Mexican citizens who are actually crowdsourcing
the location and activities of the narcos. And they're using open source tools like Google Maps
to report dope dealers and bring that information forward. The dope dealers have gotten hip to that
and have now actually gone ahead and killed off
a bunch of these citizen reporters and so uh to protect themselves now those guys are using
encryption and the narcos have gone out there and actually kidnapped hackers they've kidnapped like
top hackers off the street and brought them back to their headquarters and say hey you decrypt this
or i'm gonna kill you uh and the payback once somebody is identified as being a potential snitch for the narcos have been draconian. You know, it's kind of
gross and you can edit this out if you need be. But to make their point, some of the narcos have
gone ahead and kidnapped some of these folks who are using tools like Google Maps to crowdsource
what was going on with the drug dealers and their activities, kidnapped them,
uh,
and killed them and decapitated them and taken their heads,
uh,
and brought them to the central square of the town,
like right in front of the church when everybody shows up on Sunday morning.
And they took two,
uh,
computer keyboards,
put them in the town square in front of the church that everybody shows up at
with a head,
the human head of the snitch right there. And with a note in big letters that said, this is what happens to rats.
It's horrifying, of course. And the number that I have so much trouble
grasping is 50,000. It's so many people. How does that break down? If you're looking at the pie chart of reasons for these deaths, how many of them are snitches or what percentage versus stray bullets and just collateral damage versus shock and awe campaigns to instill fear and terror into entire cities and to compliance?
Because I've read these stories of, say, 20 or 50 students being killed
and decapitated. Right, we had that right now. In the past couple of weeks, we've had all these,
you know, innocent high school students who were just murdered, allegedly, by the mayor
and the police in the town. So, you know, I can make up a story, but I don't know the exact
breakdown of what it is. My gut tells me, based upon what I've read and researched,
that, you know, there's some percentage of this that is drug dealer, undrug dealer violence.
So one cartel fighting with another.
The others are people that won't go along with the narcos and what they are up against and what they want to do.
So they get taken out.
Law enforcement officers get taken out.
And then there's just a tremendous number of casualties when the trucks know, the trucks come through the little town and
everybody's shooting AKs and M16s. And then, you know, five-year-olds get gunned down as kind of
collateral damage. Man, good to count our blessings when you don't have to contend with that on a
regular basis or an anytime basis. It's really horrifying, to just maybe project forward a bit.
And I'm not sure if it's projecting forward that far, in fact, but artificial intelligence,
there are a lot of differing opinions on this, but what are the threats, if any,
of artificial intelligence? And where are things now versus where you think they might be?
That is a great question. It's actually very much in the news today. Elon Musk,
and I quote him in my book, talks about the threat from AI being greater than nukes. And
Stephen Hawking actually put an op-ed in the Independent in London about a month or two ago,
where he was very cautious about a widespread adoption of AI. Just
for folks who aren't particularly familiar with AI, you know, there are generally two types.
There's the narrow AI. That's the artificial intelligence that goes ahead and puts a
recommendation for you out there on Netflix or Amazon about what book you might like. If you
enjoyed this movie, you might like this movie. So that kind of narrow AI is widespread and ubiquitous. It's, you know, AI that allows you to talk to
American Airlines while you're on hold. And we're seeing that every place. And then there's the
broader, more widespread AI, which is kind of artificial general intelligence. That's kind of
the Skynet AI that people fear will run the planet. And there are some concerns about both. Broadly speaking, we all saw or most of and it played against the top, top Jeopardy
champs and just kicked their butts, right?
So this big computer with a funny voice called Watson was able to beat the best champions
in the world at Jeopardy.
And before that, you know, we had our greatest chess champions being beaten by a computer.
But the question that people don't realize or don't often ask themselves is, what would
happen if Watson turned to a life of
crime? Right? How much healthcare fraud could Watson commit? How much identity theft could
Watson commit? The fact of the matter is, is that day in and day out, we are turning over more and
more of our lives to algorithms. People worry about individual bits of data being stolen,
but that's like kind of a low-level threat.
Of course, that's happening.
The bigger threat is having our algorithm hacks.
Algorithms are very complex mathematical formulae that go out there and carry out everything from the anti-brake system in your car to the GPS navigation used by aircraft around the world to all the trading on the stock floors.
And those are all
algorithms. And we've seen a couple of really crazy, wacky things going on in the world of
algorithms, such, you know, which look like market manipulation. The challenge is, is that Moore's
law applies to criminals as well. And the big paradigm shift in crime has been as a result of
algorithmic programming. So in the book,
I talk about the fact that the old paradigm of crime is you get a bad guy, he goes out and buys
a knife or gun, hides in a dark alley and says, stick them up, right? That was a good business.
You could be your own boss, set your own hours, startup costs were low. But Tim, you know this
better than anybody else. What was his problem? Didn't scale.
How do you scale your business, right?
That was tough for a criminal.
Two arms, two guns.
Exactly.
And everybody you rob might shoot back and kill you.
So technology came along that actually improved upon that business model, and the technology was the locomotive.
Now, rather than robbing one person at a time, we could rob 200 people at a time.
Now, when they created trains,
nobody thought about that. But of course, that was a consequence. Fast forward today to the days of
the internet. And we've had hacks like at Target and the Sony PlayStation hack before that, where
100 million people were simultaneously victims of a crime. In the target hack, one third of all Americans were affected by
that. So if you talk about exponentials, we've gone from criminals robbing one person to one
single lone individual being able to rob 100 million people. That is a complete paradigm
shift in crime. And because it's exponential, it's only going to grow. And so
my big fear and concern that I write about in Future Crimes, the book, is the fact that our
systems of justice and law and order and public safety are all deeply, deeply linear. And yet the
threat is entirely exponential. And we're seeing criminals use algorithms, right? You know why you
can rob 100 million people? Because computer crime has been reduced to an algorithm the old days i talked about the movie
war games earlier the old day was you'd have the you know high school kid with the bag of doritos
and you know monster or red bull sitting at his computer hacking away at all hours you don't need
to do that anymore you can write scripts that carry out crime you've heard of
software as a service guess what there's crime as a service you can actually go out there and buy
programs like black shades and others that will go out there and commit crime for you and so when
a computer program can do the identity theft can do the denial of service attacks can do that for
you it can run in the background 24 7-7, 365 days a year to carry
out that crime. That's why it scales and that's why the profits are so high. And a lot of the
principles in the four-hour work week have been implemented by organized crime. I'm not saying
they read your book, but I'm saying that the logic that you developed in a lot of this,
people are seeing that.
And so now we have fully automated crime
and it's algorithms that are carrying it out and AI.
Yeah, I mean, these principles,
whenever you look at principles for effectiveness
and efficiency or scaling or building an organization,
they can, of course, cut both ways.
I mean, they can be used as a surgical tool to do good things.
They can be used to decapitate people metaphorically or physically even.
And that's an important point I'd love to make is I'm not saying, by the way, technology is bad.
I, like you, live in Silicon Valley.
I'm a huge proponent of technology.
It has the opportunity to bring tremendous abundance and positive good to the world. But as you mentioned, whether it be
a knife can be used by a surgeon to heal or by a criminal to kill. And it's just about how we use
it. No, absolutely. And I'd love to chat. I know we're probably going to be wrapping up pretty soon, but I wanted to ask you just about what can be done.
So let's assume that the people listening are, for the most part, not going to feel compelled to dig a spider hole in their backyard because they're afraid the black helicopter is going to come for them and they're going to fight off the US government with their stash of handguns.
Let's just assume that that's not who we're talking to primarily. But for people who are
like, all right, I'm busy. I've got a little bit of money. I'm well-educated. I'm very worried
about doing stupid things that compromise me. What are a handful of simple steps that they
should take or might consider taking to decrease the odds of bad
things happening? Sure. I can throw out some tips for individuals and then some for startups and
companies. So on the individual front, you know, common sense actually is not so common. And the
number of people that will click on links and open attachments is really high as a really strong piece of advice. Just don't do that. It's really bad cyber hygiene. And I talk about the concept
of cyber hygiene and the idea of keeping yourself clean. And if you think about, you know, sexually
transmitted diseases, right? If you're not clean, you transmit it to other people. The same is true
with our computers. So don't do that. Another thing that you can do is make sure that your
computer or your mobile phone is
constantly up to date. Have you ever been sitting in front of your computer when you get a little
notification like, hey, there's a new update to Windows or there's a new update to iOS or something
like that? Have you come across those? Sure. Yeah, I get notifications all the time.
Right. So what people don't what that isn't saying, it sounds really nice when they say,
oh, there's an update. What it really means is our secure our software has been riddled with security holes for the past six months, you know,
since the previous update, and we're now finally fixing them. So you know, there's the flip side
of that, I would say always make sure that your software is up to date across all of your devices
and keep that updated. Another thing you can do, I am not a fan of single sign on and using
the same password to log on to, you know, all your services. The challenge with that is if your
account at Target gets hacked, and you use your same Target email and log in across multiple sites,
now the bad guys and they do routinely do this once they get 100 million accounts from Target,
they're taking your target, you know, name and and password and they're trying it at bank of america and city bank
and they're trying it at facebook and google so if you have you should definitely have a different
name and password for all of your sites now i know people will say to me a great mark how am i going
to remember you know 300 passwords and this one wants a capital letter and the other one wants
the name of you know my favorite child actress and it's all too complex. There are a number of pieces of software
out there called password managers or password wallets that I recommend. You have to use some
caution because guess what? Organized crime have created their own versions of those.
So they'll upload something. It's like super number one best password program and get it into the Android Play Store and tens of thousands of people download it.
And, of course, your passwords are just being fed to organized crime in the background.
So I recommend one password.
There's another one called LastPass, which is quite good.
And then there's KeePass, K-E-E-P-A-S-S, which is an open source version.
So definitely do not use the same password.
If you're in a public space, always make sure that you use a VPN, a virtual private network.
This way, any of the information that is transiting from your computer to the internet
is encrypted from that point to point. If you're not and you're sitting at a local Starbucks,
I can go ahead and just because we're on the same network, see everything you're doing on your computer. There was a hack a few years ago called Fire Sheep where I could steal your
Facebook session cookie and log in as you and post things to your Facebook account just because we
were on the same network and you didn't need to be sophisticated. Actually, it was just a
browse in for a Firefox browser that allowed me to hack. So the tools of hacking are becoming particularly,
you know, easy to use. So if you do those things, if you maintain your site,
if you go ahead and constantly update them and use password managers, you can actually avoid
85% of the threats out there. So you can make a massive, massive difference. The last one that I
tell people that most folks don't consider is do not
use the admin account from your own computer as your primary account. So if you have, you know,
on your computer, a Tim Ferriss account, that account should not have administrative privileges,
you should have a primary account, which is administrative privileges. And the one that
you use day in and day out should be a user account with degraded non administrative privileges, and the one that you use day in and day out
should be a user account with degraded non-administrative privileges. Why would you do
that? Because if you click on the email from the Nigerian Prince by accident and get your computer
infected, if you're already logged in under an admin account, then that code needs no further
permissions to go ahead and infect you and to get onto your machine. But if you're on a user account and you get that infection
in order to change the system files, it will ask you to enter in your password, which should be a
good clue that you've been hacked. Got it. Okay. So you're talking about for the computer access,
the local computer access. Correct. Yeah. If you're logged onto your personal, you know, your MacBook Air or a Windows machine or a
Samsung machine, whatever it is, your laptop, your home computer, it's really wise to never
run it as an administrator.
Got it.
Okay.
Now that makes sense.
And just to add to your password recommendation, which I think is a smart one, you know, whether
it's one password, last pass or otherwise, is enabling two-step authentication.
Excellent.
It's really a good idea for Gmail, for Facebook, for any account that you can
to enable two-step authentication.
For those people listening who don't know what that is,
it's usually within settings somewhere.
And all that means is if you try, if you or someone
else tries to log into say your Gmail account from an unrecognized computer, it's going to
shoot you a typically, uh, very often a text to your cell phone with a pass key that you need to
enter in order to then enter your password. Uh, so it's just another barrier. So that's a great
piece of advice. Uh, what about, so speak. Yeah, that's a great piece of advice.
What about, so with the startups,
are there any other pieces of advice
that you would have, low-hanging fruit for those folks?
Well, so for the folks that are working in the startup world,
and I advise a lot of different startups,
as I know that you do,
they're running around crazy trying to get their beta out.
They want to ship their code, whatever their product is.
And so probably the
very last thing on their list is security they don't think about it and so for a company you
need to think about these issues right because all you have is your intellectual property and
they're actually companies out there that specialize you know the minute facebook is
launched they create the german version of facebook and they create the chinese version of ebay
and so ripping off your IP is very much what
they do. So both for startups, and particularly for larger corporations. One thing I often suggest
is that you need to be keenly aware of what's going on with your competition and with your
own company. So that goes back to implementing an open source intelligence program. You also need
to have somebody who's in charge of your security and kind of thinks,
you know, with the more of a conspiratorial mindset that you and I seem to have in talking
about this stuff and figuring out what can go wrong, because most people are good people.
They don't think like bad guys, right? I put handcuffs on bad guys for 20 years all over the
world. I know how they think. So if you're not trained in that, it's not at all obvious.
It's also important to realize that not everything
needs to go into a computer. Both Coca-Cola and Kentucky Fried Chicken, KFC, the secret recipes
for their food is not in any electronic system and be retrieved. It's air-gapped written down
on a piece of paper. So if it's really important, think about that. We talked about some of the
travel tips earlier.
The last thing that I would mention is to red team and test your assumptions.
Red team is a term from the military.
You kind of have the blue team and the red team.
The blue team is United States.
The red team is always the bad guys.
And the military trains this way where they use sets of bad guys to try to break their stuff.
I can guarantee you that if you're doing anything interesting on the internet or in your personal life,
there's somebody who's trying to get access to it.
It may not be an individual hacker sitting at a keyboard targeting you
because, as I mentioned earlier, a lot of these attacks can be scripted.
The thing I hear all the time is,
I've got nothing to hide, I've got nothing to lose.
Then you don't lead a very interesting life, if that's the case.
I would think we all have something at risk here.
And so you should be testing those assumptions.
And because if you're not trying to hack yourself, the bad guys are.
So better that you uncover those threats first.
No, definitely.
And just to your point, I mean, there are some real hotbeds.
I think I want to say Estonia for some reason, but it might be Bratislava,
somewhere out in that neck of the woods.
I mean, there are entire cottage industries that have popped up.
In Romania.
Romania, that's what it was.
That's what it was, Romania.
It's actually called the cybercrime headquarters of the world where it's very funny.
They have something like 500 people in this village, but that one Western Union office in Romania does more than most of Western Europe,
because of all the illegal cybercrime payments coming in there. So and in, you know, Nigeria,
they have what are called the Yahoo boys. These are the ones that send out all of those emails,
you know, trying to trick you. So yeah, there's definitely a very vibrant cybercrime economy out
there. A study by McAfee and CSIS, a think tank in DC, estimated the global cyber
economy at $400 billion a year. It's tremendous. That is so wild. Yeah. And growing. No doubt
about it. Well, I think this is a good round rather for us. I'm already looking for round two. So I
think this is a good introduction for folks, gives them plenty to think about. Okay, here's one for
you. Do you have any habits that might be non-obvious to people or habits that you think
improve your security or give you peace of mind that other people find odd? One that I get commented on all the time is if you look at
any of my devices, whether it be my cell phone, my laptop, or my computers at home,
they all have yellow stickies over the camera. The fact of the matter is, is that not only can
people hack your camera, but they can hack it in a way such that the little green or red light isn't on. And we had, there's malware out there. So that
does this really easily. I mentioned black shades earlier that will do that. There was a girl called
Cassidy Wolf who was Miss Teen America. And she went ahead and had her camera taken over. Ultimately,
we found out by one of her classmates, she clicked an infected email and as miss teen america 17 year old girl was coming out of her own bathroom you know after taking a shower her laptop was open
this creep was going ahead and surreptitiously filming her and taking the video and then
blackmailed her and said hey you know if you don't do specific sex acts for me in front of the video
i'm going to release all this stuff live. So I, unlike teen
America, people are not lining up naked, but I still go ahead and cover up the video camera and
it's super cheap to do. And it's, you know, it's, it's just something to keep in mind.
So funny. You mentioned that I have masking tape over my, over my camera on my laptop right now,
because I was hanging out with a buddy of mine who
in a previous life got in a lot of trouble with the FBI for hacking. He is a, he is a world-class
hacker. I mean, if you want to talk about a very competent red team, he now gets,
he now gets paid by companies to do that, to try to beat their systems, which he usually
does successfully. Uh, and he said, you know, you might want to put some tape on that. And I was
like, what are you talking about? And he's like, well, like if I wanted to hijack your computer
and videotape you, I could do it pretty easily. And I was like, okay, say no more.
And I've actually heard of business travelers who have been blackmailed very similarly,
usually female travelers who have had people attach cameras to their hotel peepholes from the opposite side.
And so business travelers, there's some business travelers I know who will similarly cover up that keyhole
so that people cannot surveil them.
Absolutely.
Talking about cameras, I mentioned earlier that everything is becoming software or hardware and cameras are a perfect example of that. You know, we all go ahead
and have cameras around us, not just on our cell phones or on our laptops, but everywhere we go,
right? There are now cameras at the dry cleaners, cameras at the bakery, cameras at the ATMs,
and all of those cameras are connected to the internet and they're all hackable. And some
crazy number like 30 to 40% of all camera systems have absolutely no password. And another 30 or 40%
have the admin password that's written in the manual that's available on PDF on the internet,
if you Google the name of the camera system. So that means they're widely available to be hacked.
And yet people use things like baby monitors,
nanny cams, things like that to protect themselves. And we're finding that they're just easy marks. Within the past week, actually, here in late October, we had an incident where it was reported
that 76,000 camera systems had been compromised and were being live streamed to the web. So you
could log in because all of these cameras had been hacked and easily taken over. And you could see women sitting on
the couch. You could see people in their bedroom having sex. You could see mothers breastfeeding
their kids, people sitting in dry cleaners, you know, cooking stuff at bakeries. So we think
these systems are there to protect us. But in fact, they can be compromised and used in really
interesting ways. If you have time, I'll tell you another funny story about that i have time awesome there was a case called the
crown casino in melbourne australia this happened about a year ago and a man comes in and starts
playing poker and he's doing really really well he ends up playing for two days almost straight
and he walks away from the crown casino in melbourne australia with
33 million dollars playing poker gets back on a plane and flies back to his home country in asia
what the hell happened because the casino got cleaned out they had no idea they ended up looking
at it and it turns out that he was part of a hacker team that went ahead and hacked the security
cameras and casinos you know all casinos have a ton of cameras and the hackers that were working with this
guy had given him an earpiece.
And so with the,
by having commandeered the casinos own security system,
they could see perfectly clearly what the dealer's cards were and the players
of all the different players at the table.
And they were basically via electronic message into his ear telling him, you know, stay pat, hold, double down, all of that stuff. And just
48 hours, you know, 33 million bucks. So the cameras that are meant to protect us,
if they're not locked down and encrypted, can definitely be used against us.
Wow. Yeah, good luck extraditing that guy.
Yeah, exactly.
Oh, man.
He can now afford a good defense yeah i bet wow well there's so
much more to talk about but uh i i will uh i will certainly look forward to some follow-on
conversations maybe we'll inject some wine into the into the mix to make things uh more rambunctious
but uh but since i know we're practically neighbors even though we're doing this virtually
I would love to meet you in person someday and hang out again
likewise and the
recommendation I'd make to folks is
go to futurecrimes.com check this out
and Mark did me a very big favor by coming on
the show early for you guys
and do me the favor. The book is
very inexpensive. It's going to be spectacular. Pre-order the book. So just it's, it'll take two
seconds, grab it on Amazon or wherever. Futurecrimes.com, check it out. Definitely take a
look at his TED talk. Where else should they, should or can they find you, Mark?
I'm at Singularity University. So I
teach there. We have a bunch of great executive programs. And other than that, on a plane
somewhere, travel in the world. So Singularity University is fascinating, guys. If you really
want to train yourself to think about exponential or exponentially growing technologies in a new way
to expand your mind, I can guarantee that Singularity U will help.
And that's what it is on the web, singularityu.org.
You can take a look at everything there.
And I will also include links to various resources and books and whatnot that we mentioned in
this episode, as well as future crimes in the show notes.
For those of you listening who want to simply find the one-stop shopping for everything
we talked about, go to 4hourworkweek.com forward slash podcast, all spelled out.
And Mark, until next time, thanks so much for taking the time.
This was a blast.
This was awesome, Tim.
Thank you so much.