
THIS HACKER KNOWS EVERYTHING ABOUT YOU: YOU NO LONGER HAVE ANY PRIVACY
Being a cybercriminal is now far more appealing than drug dealing: people are actively monitoring your digital private life in order to sell your data on the dark web. The digital realm profoundly impacts your life, and once data leaks online, it remains there permanently. Sax, an ethical hacker, discusses cybersecurity, cybercrime, data leaks, cybercriminals, artificial intelligence, and information warfare. He demonstrates how quickly personal information can be found due to poor digital hygiene.
The discussion highlights the dangers of data leaks, which can be far more critical than people realize. For example, medical records, sexual orientation, and personal struggles like burnout can become public, affecting individuals' lives profoundly. A person's financial future could be jeopardized if a bank accessed their leaked medical history, revealing a serious illness.
Connecting to public Wi-Fi networks is risky as it can lead to virus downloads, phone or computer infections, and the theft of all your data, including banking information. It's impossible to know who is behind a public Wi-Fi network – it could be a cybercriminal or a state service. The reality is that personal data is constantly being collected and exploited. Sax mentions accessing a file containing 800 million data points on French citizens, indicating that an average person has likely experienced three to five data breaches. This data can reveal not only personal information but also details about one's family, address, and financial holdings, making individuals vulnerable to pressure or even physical threats. The digital world is increasingly impacting and even ruining lives.
The ease with which personal information is found is attributed to poor digital hygiene, such as using the same email address and personal data across multiple platforms. Sax advises creating unique email aliases for different services (e.g., "[email protected]") and deliberately making small errors in personal information like names and birth dates when signing up for services, as most businesses don't genuinely need precise details beyond an email for promotions. For deliveries, he suggests using pickup lockers to avoid linking purchases to a home address.
Regarding the urban legend of phones listening in, Sax clarifies that continuous listening is impossible due to the immense resources it would require. However, powerful tech companies like Google, Amazon, Facebook, Apple, and Microsoft (GAFAM), along with AI companies like OpenAI and Anthropic, continuously collect general metadata. This data, invisible to the naked eye, is used for targeted advertising. For instance, if you mention a product or visit related websites, the collected metadata can trigger relevant advertisements. While not continuous eavesdropping, these companies gather comprehensive information, including oral conversations, once you accept their terms and conditions, effectively giving them ownership of your digital life.
The widespread data leaks, particularly concerning health and social security information, are a significant concern. Sax points out the lack of political action despite major leaks occurring almost weekly in France. He also criticizes the proposed ban on social media for minors under 15, as it would require individuals to provide identity documents and selfies to a third party, whose security and intentions are unknown. This could lead to a generalized mass surveillance system, reminiscent of George Orwell's "1984," where the state knows everything about its citizens. Sax fears a future where social credit systems, similar to those in China, could dictate access to services based on a personal score.
Sax emphasizes that his expertise is the result of immense dedication and hard work, not inherent talent. He believes that learning how to learn and developing perseverance are crucial skills, often overlooked in traditional education. He has always operated ethically, never crossing to the "dark side" of hacking.
He debunks the stereotypical image of a hacker as someone confined to a dark room with multiple screens. Sax has conducted "Red Team" missions, which involve testing a client's security in real-world scenarios. In one notable mission, instead of directly hacking servers, his team observed human behavior. They exploited the psychological aspect of human interaction to gain access to a client's server room. By posing as a scruffy repairman, he subtly conveyed inferiority to a young, social media-savvy secretary who, out of perceived superiority and a desire to get rid of him quickly, granted him access to the server room. This allowed them to breach the entire company and achieve nine "trophies" or mission objectives, such as accessing the CEO's office or HR's computer. This experience highlights that 100% security is an illusion, and human vulnerability is often the weakest link.
Sax also shares an anecdote about finding a vulnerability in a major festival's ticketing system, allowing him to pay only €1 instead of full price. Instead of exploiting it for profit, he contacted the organizers, who were grateful and offered him VIP access. This demonstrates his commitment to ethical hacking and responsible disclosure. He explains that system vulnerabilities often arise from human errors and biases during development.
He hasn't pursued tracking famous individuals like Xavier Dupont de Ligonnès, noting that disappearing completely is almost impossible in 2024 due to the digital traces everyone leaves. Even when on the run, individuals need their closest circle for support, which can be triangulated by authorities. While it was easier to evade capture in the past, modern systems, tools, and data make a perfect escape virtually impossible, especially in Europe and the US.
Ethical hacking, like what Sax does, involves identifying system vulnerabilities and alerting companies to improve their security, rather than exploiting them. This work is highly lucrative, even more so than drug dealing in 2024. While he could earn more, Sax prioritizes his role in raising public awareness about digital education. He draws a parallel with road safety campaigns, which transformed dangerous driving habits over decades.
Artificial intelligence, particularly deepfakes, presents new and terrifying challenges. Sax believes society is unprepared for the rapid advancements in AI, especially in France, which he estimates is five years behind in public readiness. Deepfakes could be used for scams, impersonations, and even to create fake evidence, as seen in the current Vinted scam where AI generates images of damaged products for refunds.
He warns about the dystopian potential of "wearable tech" and human augmentation, referencing Elon Musk's Neuralink. While these technologies offer exciting possibilities like enhanced senses, they also pose risks of external control over memories and experiences by malicious actors or authoritarian states. Sax stresses that technically, it could become possible to manipulate memories through brain implants.
Regarding France's cybersecurity capabilities, Sax rates it 4.5 or 5 out of 10. While large state entities and major corporations have some protection, small businesses, which are crucial to local economies, are highly vulnerable and often targeted. He identifies Iran, North Korea, Israel, Russia, and the US as having the best hackers and possessing the most information.
Sax believes a third world war could start entirely on digital networks, with cyberattacks crippling infrastructure like railway networks, power grids, and water systems before any physical conflict begins. He concludes by offering essential digital hygiene advice:
1. **Email Aliases:** Use unique email aliases (e.g., "[email protected]") instead of your main email for every service. This makes it harder to track you and doesn't require creating multiple email accounts.
2. **Falsify Information:** Deliberately make small errors in your name, birth date, and other personal details when signing up for non-essential services. Most companies don't need accurate personal data beyond an email for promotions.
3. **Pickup Lockers:** For online purchases, use pickup lockers instead of home delivery to avoid linking your physical address to your online activities.
4. **Strong Passwords:** Avoid using basic passwords like birth dates or the same password everywhere.
5. **Password Managers:** Use a password manager (e.g., KeePass, LastPass, 1Password, Bitwarden) as a digital vault. Remember one strong passphrase (e.g., "I get up, I push you, you don't wake up") to unlock the manager, which then generates and stores complex, unique passwords for all your accounts. Do NOT save passwords in web browsers like Google Chrome, as they are vulnerable to hacking.
6. **Skepticism and Caution:** Be wary of suspicious SMS messages or calls, especially those demanding urgent action or payment. If unsure about a bank call, hang up and call your bank directly. Take a step back and think critically before acting.
Finally, Sax encourages intelligent and responsible use of social media, rather than abandoning it entirely, as digital presence is now indispensable. He emphasizes that everyone can improve their digital security and that the common excuse "I have nothing to hide" should be replaced with "I have everything to protect."