Why I teach people how to hack | Ýmir Vigfússon | TEDxReykjavík
Ýmir tells us why he teaches his students how to hack and how understanding hacking gives an insight into computer security and the best mindset to react to attacks.
Ýmir is an assistant professor at Reykjavík University, Ph.D. in computer science, entrepreneur and hacker.
Ýmir's website: ymsir.com
TEDxReykjavík was held for the fourth time on May 17th 2014 in Harpa conference and concert center. The audience experienced engaging and motivational talks from some of the brightest artists, thinkers and entrepreneurs in Iceland, and from further afield. You can find more about TEDxReykjavík at www.TEDxReykjavik.is
facebook.com/tedxreykjavik
twitter.com/TedxReykjavik
The other videos from TEDxReykjavík 2014: ow.ly/yMlTU
---
In the spirit of ideas worth spreading, TEDx is a program of local, self-organized events that bring people together to share a TED-like experience. At a TEDx event, TEDTalks video and live speakers combine to spark deep discussion and connection in a small group. These local, self-organized events are branded TEDx, where x = independently organized TED event. The TED Conference provides general guidance for the TEDx program, but individual TEDx events are self-organized.* (*Subject to certain rules and regulations)
Hacking is the constant pressure that forces technology to improve.
COULDNA a said it better
+boiledelephant Definitely.
No
+Arif Muhammad Security software development is a technical field, and technical knowledge *is* technology...
***** Oh, for Christ's sake... Technical knowledge *IS* technology. That can include software development.
Thank god there's people like this: skilled, passionate, extremely sophisticated stream of thought, but entirely morally grounded, and with a will to educate others too. What a guy.
+George Cochrane Thanks for the kind words!
+George Cochrane He's probably dead now, US government probably captured, tortured and killed him.
+SuperLC1010 nope he is alive xD
***** Afraid I'm still around.
+Ymir Vigfusson Hæ
Damn, his English is solid
Icelandic is surprisingly similar to English. Surprisingly, that is if you do not realize, that, under all the Romance influence, English is a northern Germanic language.
***** yeh....fucking education being all educational...
***** So is the English of pretty much everyone in Northern Europe. It's a testament to the education system in all these countries (Holland, Scandinavia, etc)
Tom Alexander I'm Dutch ;) I didn't mean that his vocabulary was awesome (which it was by the way), but his fluency and the fact that it sounds like he has mastered the language. Even in holland you won't see this too often; with most people you will hear a horrible accent or moments of hesitation
***** De meeste Nederlanders hebben een verschrikkelijk Engels accent hoor ;)
A steel door reinforced with unobtainium.
+Snail (snool) I'll use Kali as a battering ram.
+simplyme922 you only have to throw a nokia at the door.
.
wut
Whatever company that had the balls and brains to hire you guys deserves a "pat on the back!" If someone has shown an obvious flaw in your system, reported that issue without using said "bug/hack" in a menacing way... Then you need to respect that person's intelligence, then consider how much you could learn from them and possibly offer them an incentive to do so!!!
By the way he forgot one big organization that teaches tools that could harm you, THE MILITARY! :/
Pornorgraph
I think these videos are going to change what I want to do in my life
Mathieu Reich same
Eshan is Fugglierestieres
And did you yet?
J S I totally forgot I posted this, and yes, I’ve followed so much more on cyber security and technology and don’t regret it
We love to hear it boss 💪🏼✌🏼
My favorite talk on the TEDxReykjavík Conference this year! Great job Ýmir!
Originally, hacking meant nothing but this : "Getting machines do so something else besides what they're designed to do"
All my childhood, I was wishing for somebody who had the same interest as me, but sadly, I always felt alone with what I like. Wouldve been really fun to have a bud or a teacher, who wanted to learn computer related stuff, like what the guy had when they hacked that server room when he was 15. Til now I still feel somewhat the same ... Really, if I become professional at what I'd be trying to achieve, I'll look for people who wants to learn it at a young age!
I feel the same. Maybe we should start our own group and let each other know what we can do.
+Lolopoldo Odlopolol
If YALL start a group can I join
I agree, may I join as well?
Think about it first, lets say we made a group,. then what? We're like lost foxes in the woods. We don't know each other either, meaning we do not know what everyone wants and we may not have the same goal. Some may want to go for InfoSec, some may just want to have fun programming. There may not be somebody who will ,kind of ,lead us. But I guess we can try if y'all really want it. An IRC group would work out fine, although I myself is new to IRC. I strongly suggest to find a group of people with the same mindset before we make this thing happen. (sorry for my bad english)
Big respect to him, I would love to have him as a mentor
I remember once, I guessed the password for the display laptops at my local computer store. In less than five minutes, I had every single one open on a word document, that said "Get a better password". Five years later, and they use the same password on half of the display models. Also, this guy was fascinating to listen to... And he's inspired me to make a new character for my world, so, bravo.
I was shocked how easy it's actually to break into the house. Once I was getting a room for a lease but I didn't like it so I went to look around for other options and have had left my stuff in the house. When I returned having found better room I found out that the owner had left and I didn't have a key to get in. So I climb the fence from backside, put a credit card trough the gap of a window and unlock pins and just pushed the windows in and got inside, took my stuff, fix the window and left :D
Vaidas Kondratas
X Y woah :o
I find journalism, because everybody can be a journalist, potentially more dangerous than professional hacking. source: I studied media law.
except hackers that get caught get ass raped in prison. i'd rather be shot at.lol
Rumpa Stiltskin lol
Robert Raymond What the fuck is wrong with you. Did you get IP banned from 8ch?
And if you studied computer science, you would most likely think differently.
+Rumpa Stiltskin is it good to be raped?
I hacked a tree once.
john doe I think we all have 😏
No i haven't chopped a tree and i'm getting grey. Time to hack a tree instead of some code. Getting out of my basement, feeling like golem, no the light, goes back to his basement.
+john doe , could you remote control it afterwards from your laptop?
man, hacking is incredibly interesting and working to discover flaws in someone elses program sounds amazingly rewarding but im just not smart enough for that. people like him and especially students are badass.
I'm feeling inspired and I'm moving to Iceland. One of the greatest TED talks.
we need more people like him in this world...really inspiring and aspiring man.
Great talk, great teacher.
That video was 16 Minutes. XD I was so absorbed in to listening that I haven't realised how the time went flying, even though I don't really listen to lecture expecially in english.
so true
Solange Brooks oh yea we are all geeks
What's the name of the hacking competition? I wanna watch it
Me too
+Dhruv Patel it's called "big sausage in a hole mate, pepe in da feel ya mate late, for fuck sake hate fate, lol mol, pause fam, mah lad"
Search 'TG15 hacking competition'
Thank you
Dhruv Patel
This guy is so funny with his role play type parts. But honestly, he makes a really good point
This Ted talk really educated me, not just about hacking but education too
wow he became emotional the last few seconds. Very nice presentation!
Brilliant Energy in this talk about #Hacking, Go Ýmir Go!
Moral compass. Started with and ended with. Use hacking for the good only. Thanks for the great talk.
I no lie involuntarily clapped after watching this.
Great presentation - I appreciate it - Thank you. I have a question for all of us. Today we have more operating systems, more security devices, complex security algoritms and also whole departments specialized in dealing with cybersecurity. Considering that as an heterogenous medium, hackers that convert themselves into cybersecurity experts loose some of the capacity in dealing with the heterogeneity, because when they choose a fixed salary, a.k.a job, they have to leave the digital jungle where they have to learn tons of different things every day and start to concentrate their work on a particular set of security media. A hacker before the job is free to learn and walk to wherever he likes. Otherwise he has a fixed timeframe, has to keep secrecy of their work, repect the company contracts, etc... This obviously weakens his master capability's. Or i'm wrong? What i meant is: You can't be a hacker in theory. You are a hacker only when you are hacking.
I will be giving a presentation next week to a local organization about the CyberPatriot program that provides students with the opportunity to participate in cyber defense competition. Watching the video provided me with a title, and information to include in the presentation. The title will be "Providing Direction for Students' Moral Compass."
+Steve Linthicum Wonderful to hear. I hope it went well.
I love this speech. I'm a computer scientist and despite Computer Security being one of my top favorite fields, I didn't learn much on it. That being said I'm working on a project (maybe a series of documentaries) with this goal in my mind to wake people in my society about the importance of Cyber Security and I would love to hear any kind of advise from you guys. I have an argument about his reasoning at the end of speech about why it's ok for him to "arm people with cyber weapons"; he compares it to teaching marshal arts or chemistry and explains that he like those marshal masters and chemistry teachers is putting his faith into his students not to abuse the knowledge. Well, fair enough but the problem with this comparison is also the students might not abuse the knowledge because of morality but in marshal arts and chemistry science, there is this high chance of being caught if you do so while in cyber terrorism the chances are not that high. Am I missing something here? P.S. I'm not saying teaching hacking is wrong or right, I'm just trying to make a point about his defense on it.
I would say Rahmat that you're just as likely to get noticed within the cyberworld, the difference is simply that it's not as likely that the observer can do anything.
Cyber terorist already know everything, you won't teach anyone something new so that they could abuse it, don't worry😅
Knowledge is dangerous, yet necessary. The problem many people that have uncovered how to hack face is that if they teach someone else how to do it and build up their hacker mindset, they are essentially giving those people an invisible machinegun that could be used to rob a bank at any time with almost no trace of who did it. That's a scary thought to have when you uncover something that could be used in a very illegal and dangerous way, up to the point where that knowledge becomes widely recognized as forbidden. While it shouldn't be: a hacker doesn't have to hack into someone's computer to use their knowledge and that unique hacker mindset. They could go over to the other side of the virtual war, like this good man has done, and work cyber security. These people will be the most succesful cyber security guys out there: they don't need to think outside the box, they simply have to think of what they would do if they were in the same situation. That makes it a lot easier to uncover a potential security problem, thus enabling the company to fix whatever security issues they may have. Also, no company is without those small cracks in their security. Hackers are well aware of this and they can hack anything at any time. Don't feel like your company is safe just because you've invested in cyber security before. No security is perfect and it's always a work in progress. You may, as this Ymir noted, have closed the door and reinforced it, but there's always a tiny little window left open by accident and that's something you should watch out for. The people at the internet banking company he was talking about were clearly not hackers. They didn't think outside of the box, leaving a very important couple of lines of code out and thus making their clients extremely vulnerable. Seriously, not making the system check whether or not the number is actually positive is the biggest mistake possible when it comes to this. That man should be fired!
Curiosity (interest) a challenge and need and how to think, to create a tool out of anything to get what it is you need (spinning gold from dirt) the enterprise would be applying your discovery appropriately to commodity.
i broke into tears...what a speech
I love the italian student accent! :)
i love being the same way. finding bugs and then reporting them. other wise if i did use them to my advantage i would always feel like it would bit me in the butt later on in the future.
Wish he was my teacher...
Me too...
Thanks for sharing this awesome, short, informative, video
Just what happened to me. I managed to take control of the computers in our school and find everybody's grades, and then apparently I went a bit too far and did something horrible someones computer. Well, eventually, they found me and I had a talk with the IT guy. He was awesome, he was all like "I already know what you did, yeah, that's cool!" and at the end he promised help getting a CEH degree!!! It was the happiest (or luckiest) day of my life. The way I hack, it's kinda like how he described it. I try a bulk attempt. This with this and that with that. See what works. What happens. Go from there, because you can always keep on making combinations of things. (Make sure to Google it all) Ask me if you want sum help.
i am trying to learn java right now but i am only thirteen with nobody that i know that actually could help me any help would be appreciated because as i said i have not even memorized all the code yet let alone started thinking about using it
alex reid I'm fourteen, don't bother learning Java if you want to do something like that :P Honestly, all it takes is patience (for trying every single method and every single combination of methods) and a little knowledge of what you think is right. It's just like: "Oh, hey, this looks important. I wonder what happens if I delete/rename it."
alex reid www.hackthissite.org/ www.khanacademy.org/ www.w3schools.com/html/
Any idea how to install a keylogger on a teachers computer
Declan Copland There are some flashdrives that you can buy XD I tried it once, it actually works. Another way you can get a password is if, on a Mac, you press tab while they are just about to type in their password, pressing tab switches you over to the user box, so when they type, as long as they are looking at the keyboard, you should be able to get their password successfully.
Is he have a KZhead channel ? I'd like to learn more from him, he's amazing
You're all on the list.
"I grew up as a hacker" **Waits for laughters** **continues**
It may sound ironic, but God bless our hackers!
Guys, watch this with the subs on. It's pure gold XD
I don't get it..
Whenever he pretends to be someone else, he turns into Mario!
Lol
It's a me mario
In the 2016 Jason Bourne movie(watched it last night at the cinema) Hacking happened in iceland...
You have inspired me 😊. Thank you.
So awesome, I am finishing up my Computer Science degree, and would love get into hacking and security.
I want this person to teach me tooooo......I'm seriously serious.......🥺🥺
Im almost finishing my career as a Systems Engineer, and i would really like to start learning about cybersecurity and hacking, so what would you recommend me? Where to start? How to practice? Anything would be really helpful
I'm in Reykjavik! :)
his english is on point. i love his accent
I know a lot about the Linux terminal, Hard drive partitioning, configuration, building PCs, case modding, overclocking, PC cooling, graphics cards performance, sd cards, usb drives, floppy disks, SSDs, but one thing I completely can not do is programming/hacking. It is something that seems extremely difficult to learn, and although I already have a lot of background knowledge on computers, I can't seem to learn programming and it seems so difficult, but I want to learn it so badly, because I could do so many awesome and great things by writing my own code and programs. I haven't really tried learning it much though, but it seems so difficult I tried to take online courses and read some books, but its so hard to write your own code, all i can do is just copy from the book.
Unfortunately there have been recent events where white hats have been arrested and prosecuted for disclosing vulnerabilities. But very cool talk.
great stuff,wish I could do or learn
This guy outlined security faults the best way. Everyone focuses fortifying one particular thing, which makes everything around it weaker in comparison. A hacker is going to just take the path of least resistance and move around your nice wall. The only real way to impede the hacker is slowing them down long enough for you to force them into starting from scratch. If you build your system so that all points are equally secure, the hacker is going to take their time poking around everything to find the best weak point, and by that time, they could be discovered, or the system could be completely changed, making all their efforts pointless.
Anyone else get here in my garage?
#no scam
Joshverd Me!!!!
I just listened to this while the Borderlands 2 main menu music played in the background, and it was really good lol
Extremely interesting very smart guy
I got in trouble in 5th grade for coding in HTML on a school computer, the moment I said it was a website they thought I was changing the school website and I got sent home! smh
Awesome lecture Ýmir!
+SleepyGaming Thanks!
This is so awesome
I wish I was part of your group I really do. I want to understand how things work. When I see something I wonder what it's designed to do then I wonder what I can make it do and what the limits of soemtning is. But I would abuse what I'd find. Somewhere along the line I changed. It's a shame, would love o meet somebody like you in real life because I would get a kick out of things like this
Thank you
you are really fascinating!
1:14 misleading subtitles english
Noooooo KZhead auto captions are fixed now shittttt
Fuck.I wish there was someone like you in my country.
It was very intresting and educational
"Now ask yourself, How would you break into your own home?" i've done that already :3
mind blowing
great Idea and work
Unobtanium is one of the most awesomest names I've ever heard. Yes, I know he didn't just make it up, but I need to say it.
We as humans seem to gravitate towards the weapon of choice, but not the 'moral' choice to use it, the real issue.
Good job, portal! ;)
Great talk
This talk provides a strong argument in favor of gun rights
I really haven't been a hacker but I am always interested in finding out how to get behind the world and fix it
I never had the chance to learn in a school like that :( Needed to learn by myself :)
Very cool talk!
Anyone hear about Project Ares? They just had a competition in Vegas, like he describes.
Why are the only subtitles on this the automatic subtitles? I expected proper subtitles from TED.
How can i become one of your student..?
This guy is great! :)
I want to learn to hack.
Learn to program.
I've taken programming class but I need little more instruction to better understand.
What language(s)? The more the better, the most important language to understand is assembly imho.
First: I am not an expert on information security. I'm an amateur cryptographer which a bit of a side interest in infosec. But having been learning stuff as a hobbyist for years... Learn the architecture of the stuff you're interested in. Figure out where the working parts are and read security advisories to learn about common breaks. You want to target applications? Learn about common memory bugs and leveraging them. You want to target code that uses self-modification to obscure its features? Learn reverse engineering (including how to read machine instructions on your target architecture, whether that's intel, ARM, etc, etc. You're curious about web application security? Learn about network architecture, network protocols, databases, common implementation security problems. You want to target the OS? Learn about how your operating system works, what sorts of security features it implements, and so on. Android? read widely about the DVM, bytecode, and the booming mobile malware industry. More than any particular programming language or technique -- and I think this is probably pretty clear from the example given in the video above of a house with an expensive lock and the windows open -- computer security is about understanding the various levels of architecture (ie: how things are put together) people actively develop attacks from as raw a level as sniffing RF radiation given off by components up to forcing faulty random number generation to break cryptography, to using different error messages as an oracle to reveal part of a user's secret information to using inadequate input checking in applications to hijack the process altogether). TBH, there's far too much of all of that potentially to learn, even if you were doing it as a full time job. So pick a piece of computer technology you're interested in and start poking at it to see how and when it fails and what you might be able to do to make use of that.
Phoebe Queen thank you, im takeing your advice now
His English vocabulary is soooo good, it's kind of amazing. He has a kinda obvious accent though.
+Dendy Appreciate the sentiment! And yes, I clearly have an accent :-)
I grew up as a hacker too. But lately no one is buying my trees. I even got in trouble for hacking.
I want him as a prof at my university!
Those hacking competitions sound fun where can I watch them o.O ?
Nogla's actual face reveal thanks ted
or u can just Google it. plus it's all over his twitter
who is nogla?
+Hoang Nguyen Minh go on KZhead and type Daith de nogla
+Yolo Lowe oh, the irish gaming guy that plays gta 5 with vanoss and others?? I do know his face, like 1 or 2 months ago, in a video of his channel xD
***** no, it's like hwang wien ming. Vietnamese name :p
he is a "subject of ymir" don't let him bit his hand.
*I came here to Learn some Hacking but got someone else's Life story.*
I agree all what the man said.
do you have video tutorials ? if yes then please send a link
Without hacking the security we have would have never been. The Tec me have right now would've never been without hacking
"unobtainium" Please let me be your student, Ymir-senpai!
Where do you learn how to do this?
3 people were hacked by this guy.
K
I got in trouble in 6th grade for "hacking the school website" smh
how did you do that..
mel roy the website had no security Xp
I made the school announcements say suck a dick as my senior prank. also we hung a giant inflatable phallus from all the bank accounts
Nice
I formed a group to work on a railgun in highschool
But isn't teaching large, multi-national industrial companies (that rape the planet) how to defend themselves against cyber-attacks, in itself un-ethical?
Interesting.
The moment you try to enter in another router, but u forgot that u were expelling ip's from that router
If i find any exploit even if it's a game, i tell it to the owner. Finding bugs in any behaviour is sometime feeling rewarding (i can so reflect to that). Some make a job out of it some make a hobby out of it, and some end in jail. Although i'm not american when you own a gun doesn't mean you should go frenzy with it. When a cop hauls you over, you should not reach for the cabinet. When you're a friendly hacker you messaged them you're on their side and they all know about it. Even if you found the smallest quirk. I tell them if it's ok if i attack it and let em know any findings. Some small quirks, can end up really big.