Ask at this point hackers know everything there is to know about every one of us.

Why do we need passwords now?

Why I keep going to the gym if you're gonna die Anyways, passwords are kind of a necessary evil and hackers really don't know everything about you.

It all depends if you put that information out there on the internet.

Congrats, I know what a white hat is, I know what a black hat is.

What is the red hat angry hacker.

I don't think I've heard the term red hat hacker before when you were a white hat hacker you hack for good.

Um, a lot of people in the security industry are white hat hackers and then for the cyber criminals that we call them black hats, there's also this other term called gray hat where they could be a IIttie admin during the day, while moonlight as a black hat during the night hacker for life.

Ask my unicorn.

How do you even begin learning and exceeding in this field?

I'm trying to become a penetration tester, need inspiration.

So pen tester is kind of like an attacker that goes and checks all of the external ports, any openings within someone's network.

But if you really want to be a penetration tester, there's a lot of content out on the web right now, courses, workshops, They even have events or conferences where you can meet other people in the field.

You can find a mentor learn from them, they would point you in the right direction.

I feel like the hacker culture is pretty open and and diverse.

Um, so there's a lot of content out there.

Malware is the worst.

What is this purpose other than wasting my time?

Usually malware is going after money and if anything, you're considered collateral damage when malware is delivered, they're usually just spraying all the malware to many people as possible.

So it may not be intended for you.

I think of malware as like a fashion trend.

You know, there's different malware every season every quarter and you have to stay in fashion and on trend all the time.

When you think about older malware that used to occur a couple of years ago.

Sometimes it comes back in fashion.

This twitter user name a ask, Jessica Alba is an interesting choice for hacking.

How do hackers decide who they're going to target?

Jessica Alba is a beautiful woman and she's also a celebrity.

So she sounds like a great shiny object for cybercriminals to go after.

But a lot of them have different motivations that could include money is probably the biggest one.

Another one would be reputation would be like ha ha, I hacked this person.

It could be information kind of like corporate espionage and then we have destruction, which is kind of rare, basically what it is.

They try to destroy all the systems to put that company out of business.

Kylie Minaj, ask why do they make the login process for your student loan aids, so difficult and tedious.

If some hackers want to break into my account and pay off all my student loans, please don't make it difficult for them.

You all are going to ruin this for me.

Let them run wild in there.

Kylie, these hackers are not going to go and pay off your debt.

If anything, they were going to go into the system to pay off their tuition.

So a lot of these controls are in place to hinder hackers like that to get into your account.

It's an unfortunate thing to do, but you know, it's necessary, axel Blazin asked, speaking of what is even the point of these body counts that follow you?

But well that's it.

No messaging or anything, no spam just follow like sake, it's dumb.

Well these accounts are doing something that may not pertain to you, what we call account aging.

So what that means is they're trying to bypass a lot of automated detections from social media that they have in place to look for fake accounts and so by tweeting or messaging or making any type of action, they're trying to bypass detection to look more like a legitimate account.

This twitter is there?

Andrew cheeky at what would they think of next?

Is there anything that has been courted in the last decade that hackers haven't found a vulnerability to do some damage.

If you think about your fridge at home being able to connect to the wifi or your pressure cooker, being able to connect to an app on your phone.

A lot of these devices are developed in a way where they're looking for the lowest possible cost of manufacturing, so when they get to the security part, it's kind of like an after thought.

So until things change, we're gonna still have these problems with IOT devices, twitter users, sift, basque, mauer, unicorn.

What should my first step be in the bugging?

Should I just get a file and a book and start doing the best way is to just jump right in think about it as riding a bike, it takes time, it takes practice, but eventually you'll get it.

There's a different bugger for every operating system, but they're not easy to learn unless you start, you know, just doing it, you're self and training yourself and practicing like I don't remember every single command in the burger, I have to use a cheat sheet, twitter user storm wolf, my awesome boss says that I can request to change my job title to whatever I want it to be in our company profile.

Obviously safe for work.

Could anything random like Pokemon hacker or cybersecurity wizard.

What do you guys think it should be?

Well I can see you just said obviously safe for work.

So I think you should just name yourself safe for work, this twitter user sub eight, you ask your smart tv and your video streaming apps are collecting and sharing tons of data just because it can how long before we can start having embedded cameras that malware triggers.

Surreptitiously I have unfortunate news for you.

This has been happening minus six years and it's gonna continue to happen so too late for you.

Allison 82718685.

That's a mouthful.

Why do you hate C.

Sharp?

And his handle looks like a bot.

I don't hate C.

Sharp.

C Sharp hates me.

The only one of you asked why can't hackers do anything useful like leak Taylor's recordings of Babe and better man grow up hackers.

If you don't already know.

Taylor Swift has an alter ego that we call swift on security and she's considered a security pro in the cybersecurity industry so no one actually wants to hack her.

But if you're in the know and you know who that is then you know who it is.

This twitter user zero pone asked, can we stop calling people who did hackers journals?

Why the hell do you even call them hackers?

To begin with looking for legitimate answers as I'm confused as hell.

Let me set the record straight.

There's a difference between hacker and a cyber criminal.

So if we were to refer to the bad guys, I would rather prefer to call them a cyber criminal.

There's a lot of people in the security industry that consider themselves hackers.

There's a lot of people that hack for good.

W.

M.

Ramadan asked Maori Unicorn.

I have a simple yet daunting question.

Why do you use a Mac for your security work?

I mean a lot of people argue the fact that Linux is the way to go in terms of security.

Mac is similar to think about two different brands of cars.

They look different on the outside, but they could be sharing the same chassis underneath.

There's not a lot of Mao out there for Mac and Linux, I mean it's there, but you know, currently most of them hours on Windows, the bishop or josh Harris 25 what is the point of spam emails?

Are they profiting from it?

What do they gain from spending random unnecessary emails When people send out spam emails, they're sending it to thousands and thousands of targets.

Say you had a million emails sent out and they're requesting $1.

These cybercriminals are expecting that 1% will actually bite a lot of these cybercriminals will treat this as a business.

So it becomes very lucrative for them, cyber tooth, Maori unicorn if you would create a timeline for an incident.

What would it look like?

Just curious because your design skills are cray cray, well a lot of people don't know this, but before I got into computer science, I was actually pursuing a degree in graphic design.

So a lot of it from my time doing that carries over into my work back when I used to work at the Department of Defense, I used to create these three D videos to describe different type of network layouts.

I didn't know three D design at the time.

So I spent the weekend taught myself and the next day started you know, making content if you can make things look nice and be able to come communicate the actual abstract content.

It helps.

Don't look asked.

Yeah, but bad pickup lines and fishing really.

Any different low effort, easy reuse and really do get a success.

I really think fishing is more effective than saying a pick up line.

I've lad dal v I studied wanna cry case an NHS hospital.

A disaster seemed totally preventable.

Why didn't they patch were they lazy?

Stupid in the case of this incident.

Huh?

Hospital in the UK was under a ransomware attack.

It happened because they didn't upgrade their servers or their computers.

This is the whole reason why upgrading is really important.

But when you think about it, some of these infrastructures like a hospital or a power plant, a lot of them cannot experience any downtime.

So when you do do an upgrade, you have to shut down the systems for a little while.

Higher.

Oh 733.

Ask as someone who doesn't work in info sec what are red and blue team?

I'm assuming red are the pen testers.

These terms actually come from the military where they would perform military operations.

They have a team that acts as the red team doing the attacks and the blue team serves as defense team similar to what we have in cybersecurity and that the red team is hacking the blue team's systems.

The whole point of what the red team does is to enumerate holes within a network.

We want to find the holes before the bad actors.

Do you think of it?

Like we're sparring partners so we're really not there to antagonize the blue team or anything like that.

We really want to work together with the blue team roots.

Asylum hacker kid interviewed his mom about what it's like to build a career in info sec.

Something def con parents often think about how do we inspire kids to go into space and see it for the fun and challenge that it is.

Well, when I was young I had no idea I was going to be in this job.

I actually had to know that this job existed in order to actually go into it.

If there was a chance that at a career fair you would have someone who gets to hack for a living.

I think that would be a really cool thing to have, you have to have the correct mentality to be in this industry.

The whole hacker mentality is creatively thinking outside the box solving a problem that's out of the standards or norms of how it's supposed to execute.

If we kind of use that type of mentality in some of the content or workshops or anything that we reach out to these kids with, it will kind of inspire them to want to solve problems in this field, this twitter user, our fitness asks why do stock image hackers exclusively wear ski masks and hoodies?

Well, I think the photographer was going for a feel of an actual robber or criminal, but there is a reason to wear something on your face.

They're trying to hide their face from cameras or any type of identify rare that will attribute them to a crime and why they're wearing hoodies.

I can imagine that some of these server rooms are super cold, they need to cover their ears if you don't already know.

You know, some of us actually dress like this to work and I actually have a ski mask for all of my outfits, Let me put it on for you guys and it's not complete without the glasses.

We're good to go.