1. Home
  2. Live Updates
  3. Transcripts For CSPAN3 Bruce 20240705 : vimarsana.com

Transcripts For CSPAN3 Bruce 20240705 : vimarsana.com

CSPAN3 Bruce July 5, 2024

Security technologist called a security guru by economist. He was he has written more than one dozen books, including the New York Times best seller data and goliath and click here to kill everybody, both awesome books, which ive also read cover to cover in his latest book, a hackers mind. In quotes, schneier provides easily digestible mine opening tourist on how hacking exacerbates notes the. Associated press. Then it says kirkus calls the hackers mind an eye opening banding book. Get ready to be and offers hope for leveling a badly tilted playing field. Booth teaches at Harvard Kennedy school and lives in cambridge, massachusetts. So please put your hands together for the person who wrote the book on applied cybersecurity. Bruce schneier andrea angwin, thank you. Gretchen, you think you have. And that was pretty fun. That was im so excited. We got a mask of this situation. You know, hes got the mask. He said, well, its great to be here and thank you all for coming. And its my first time in this building since pandemic finally i was in the old building. Ive never been in this building. Oh, yeah. The interim one. Yeah. Yeah. While they were renovating here. Yes. So so, bruce is a doesnt need an introduction. Hes a legend and want to start with a bunch of questions. Im to ask him based on my reading of the book. And then open it up for for all of you guys. Well, but i do want to just start with the very the amazing premise that blew my mind, which was that i myself think of myself as hacker aligned, i would say as a data journalist who has often hackers or used techniques in order to examine that, i thought public needed to see and you make this really argument. So i guess i had always thought of the as the outsider and that was my view of it. And you make a really interesting argument that really hacking is the domain of the privileged. And so i was hoping you could talk a little bit about the power structure just to start, and then we can move into the details. And i think power is key and i that word bringing power, the notion of hacking. To me, hacking is a subversion. Its its subverting the rules, not breaking the rules. Its doing something that the rules are allow but is unintended and unnoticeable. Aided by the rules, designers. So its not cheating on your taxes. Its finding a tax loophole and thats and thats an important difference. And hacking is something that a lot of people do in the situations whenever theres a set of rules and theres a desire to subvert them, you know, people hack and i and my book has examples from from sports, from history that mentioned religion, religion rules have been hacked all the time. And but also from from hedge funds and from Companies Like uber and in tax. So everybody is hacking but when the rich and powerful hack, they often have the ability to make sure hacks arent declared illegal. So we normally think of hacking and then the computer since you find a hack in Microsoft Windows and microsoft says you cant do that and they patch the code and that really well because theres like a power thats in charge of windows, it works less well when you a tax loophole because no ones really charge the process. Changing law is complicated and slow so things tend to stick around the carried interest loopholes around for a couple of decades. We just cant we got were a one vote short of closing it. We still cant close that loophole. So hacking really tied up in power i love the example you give of Goldman Sachs loading and. 1500 bars of metal at ten foreign warehouses in in order to game the spot market for aluminum prices. So heres example of hacking you and i cant do so it turns out that price of aluminum in the Commodities Exchange has to do with how quickly. It can be delivered. So Goldman Sachs because that goldman can buy like most the aluminum and they move it around warehouses like they put it on trucks, drive it all the way, house, take out of a truck, put on truck. The next day youre over to the warehouse. That because that artificially manipulates the price totally hack. I mean when when we decide aluminum cost it doesnt include one Company Driving it all around to pretend. But according to the rules that they figured out, they were able to basically control the price of aluminum and so theres a hack that you to be powerful if i figured it out so that no ones going to care. But if youre Goldman Sachs can make a lot of money with it. You do make this point in the book they say hacking is not cheating. Right. And thats really important. But i think its it is. Its interesting to me because, you know, you talk about peter thiels use of the roth ira loophole and which is, you know, a tax code loophole that allowed him to. Are you going to explain it . Tax free is a 4 billion tax free forever. Yeah. So that seems like a cool hack, but i i just if you got billion dollars. Right, exactly i was trying to figure out actually where to stash my 4 billion, but am im wondering, i mean, you thats not a cheat. But isnt that cheating . So it depends what were talking about. Its not against the law. Right. Right. So. So follows the letter of the law it breaks the spirit. We can argue its unethical. We can its immoral. But so, so up to me, we have a set of rules. The tax code or, you know, the rules of basketball or the rules of football, rules of the game. And youre not breaking them. Youre finding a loophole. So my favorite stories in the book 1970s some team shows up on the formula one race track with a six wheeled car and says you cant have a six wheeled car. And the team says pulls out the rulebook, says, well, show me. And it turns out that the rule book is silent on number of wheels a car could have because whoever that a car couldnt have four wheels. So thats a heck no one thought of it now, because its a formula and i dont know their names. They have a french name whos in charge of women racing. They able to patch the rulebook. So you open up the rules today and says that a car can have no more actually, or no less then just in case four wheels. But thats easier because you have one body that is in charge of fixing the rules. Now there are times when the rules are better if theyve been hacked. So in hockey a dozen years ago, maybe a little more someone someone invented of curving your hockey stick. Now, i dont dont watch hockey, but supposedly when you curve your stick, the puck goes much faster. It gets air. The game is way more dangerous and, way more exciting. And now everybody curves their hockey stick and. The league has now detailed rules. And how much coverage are you going to have . Theyve modified over the years. So theres a hack there was a positive change on the game as far as everyone was concerned, except for the people getting injured. But then they have to do theyre better protective armor, but they are there are injuries. So. So there is right. So theres a hack thats i mean, not even moral or immoral, just like there was no there was an empty space. The rules because no one thought of it. The person who invented the the high jump flop. What was his . And you remember the name stage name flansburgh. Great. So great. So he invents a way to do the high jump that no one thought of before, and suddenly everyones doing it. Its the person who figured out that you film cooking from above, right . And changed all of think talking youtube videos. So you talk about how you say hacking be an engine of progress actually can be a force good. Although i feel like a lot of the stories the book made me feel bad. Yeah. I was hoping you could tell us one of the good one. Oh, we could argue the hockey ones a good one. The i use in the book is the in the 1400s, some whose name is eastwick or antisec hacked. The the English Common law trespass to protect from the government. It used to not do that was never intended to do that. And he brought a case where the government trespassing. So you cant do that by this law. And so there we have we have, you know, whos in charge of the law. Well, courts are and judge said, yeah, i mean, that makes sense. Thats a good hack. And now, you know, all of our notions of trespass law come from that decision. So theres a hack for. Good. You know, one that we can argue is for good. We talk about uber and uber hacks all sorts of laws, laws about employment, laws about taxis and right. Hacking it again and again and. We can say theres a lot of really bad things is doing. They also say the taxi industry was completely moribund, captured by these local monopolies and unable to. And it took a company like uber to kick it over. So here i have like this good and bad. Mm. Right. I mean i think its a it reminds me of the, you know, Creative Destruction is sort of. Yeah. The idea of it reading your book, i couldnt stop thinking about. Trump you say in the book that you dont want to talk about trump because its like talking about guns. You just like, have people dont listen. And its like a terrible example. I know but its a good example. A hacker. I mean, that guy hacked all the norms of traditional media, of social media. I really have always thought of him as like just basically a dinosaur tech. He just, you know, and i dont know if everyone knows what that is, but essentially, when you flood a server, too many requests and it shuts down, i felt like he broke. So norms that no one could absorb. Thats right. Right. Basically, youre doing things so fast that the media just operates it as a slow. We dont have a to deal with and we really patched either. So i mean like week were learning that suddenly, like is the entire news cycle even though hes not in any of power at all. Yeah exactly. And there were like a whole bunch of other people being arraigned that day who are never going to get that coverage right. I mean, just and it was coverage of nothing. Yeah. Yeah. And what the doors were like in the building. A lot of stuff out the door. There wasnt lot of talk about the door. Its like theres nothing to talk about and yes, exactly this why you dont go down the rabbit hole. I know, im sorry, but i just to raise it. But i was thinking about types of hacks. Right. And de dos attack made me think medical billing, which also like a dos attack on me, like the number of bills i get from and the itemization itemization figure out basically means that no way for me to contest it or even what im paying right. And i heard some of those called me migo for my eyes glaze over. Yeah, right i mean, things that are so complicated so you cant understand and that is, again, that is a rich person hack. All right. Im going to talk about that. Ill give you a history example which is vaguely religious. So the 1700s, there a surprising epidemic of random murders in europe, mostly northern europe, mostly denmark. Enough. This is not in the book. I learned about this last week, so im kind of excited about it. So heres the hack. You want to commit suicide, but suicide is a mortal sin if you commit suicide, right . You go straight to hell. So you believe that. So thats a consider you believe that hundred percent. So what do you do heres the hack. You kill somebody, murder is a capital crime. Youre going to die. But you get to confess to a priest first and that im not this up. There was a of random murders of people who want to commit suicide. And this the way they were able to do it and avoid eternal hell and they only fixed it when they got rid of capital as the only way. Patch this then saying that is insane. I mean, i love the whole section on the indulgences, right . That mean the classic hack of the church was being offering to sell indulgences so an adult indulgence is basically like a get out of sinning free card. Its so so cool so so you i was like so write me up i mean in the in the catholic faith that you have you seen in theres penance well it doesnt have to be in that order right so you can do an of penance first and get whats called an indulgence which kind of protects you from. I, i dont know how it works once in five so i dont know i dont know what the deal is. So but and this something and then and the church is in church earning money from this the church doesnt get any money any other way. So this is how the church funds itself. But they kind of over this over the decades and centuries realize this is kind of a limitless you can sell as many these as you can print and theyre up being a whole economics. Theres theres middlemen that are that are selling them to people from the church. Theres all sorts of fraud. I mean, this is what Martin Luther railed against this practice. And this is a way of taking is, you know, the notion of sinning penance, which makes sense. And you know financial nation is a form of penance we can do that. That seems reasonable and turning it into this like financial engine that was never intended right so the rules arent broken its all by the rules but Martin Luther looks at and says this cant be right. This is just bad, this is immoral. And you know and the rules are change. So you cant do that anymore. You cant go to your church and a get a sinning free card. They patched they patched. Okay. So we have to talk about a. I. Because everyone is obsessed with strategy between right now and you have. An interesting point. You say i was going to change hacking in two ways. First, itll be used to hack us, and then also ai systems will become hackers themselves. So can you describe what youre talking about and whats going to happen . Yeah talk about the second one. I think its actually its actually interesting. Lets lets think about that. Both interesting. Like what is really i mean, you wrote that. All right. Fair, fair. So lets talk about the tax code again, a tax code is not computer code, but its code its algorithms, right . Its got inputs and outputs. Its vaguely formulaic, supposedly. And that code has bugs. We call them loopholes, right . It has vulnerabilities. We call them tax avoidance strategies. And as black hat hackers know where those maps call them accountants. Right. But its very much a parallel. So these tax avoidance strategies, these loopholes are found by people, right . Theres your accounts who are who are poring through the tax code, looking for loopholes, and they find some amazing ones. And theyre can be very profitable, which are the character tax loophole. Theres the double dutch sandwich that Companies Like apple and google used avoid very much any tax for about a decade and theres something called come trading where you get two tax refunds for one trade and and eu is trying to figure out if they can like ban this thing having trouble but but so so that is a human process finding these loopholes turns out that you know going through a whole lot of data looking for patterns is something that i can do really well. So it is not unreasonable believe that an ai could be trained to find tax loopholes. But already guys are finding loopholes in computer code. Theyre not that good at it. Theyre going to get better. So what happens when an ai is fed the nations tax code and said, you know, i want to pay minimum tax . Well, the worlds tax codes. Its a company like apple or google. Youre going to find what, 110 100 a million tax loopholes and what that going to look like because our system for patching these is very slow. Witness the carried interest loophole and we still have it patched. So, you know, this has always been a very human thing, made power it power affects whether normalized or not. But you know when i start doing, i think its going to change the speed, scale and scope of this hacking. So i want to give another text this also shows a power differential. And if youre a member, youre youre all in new york. So this is affected you. Trumps 2017 tax cuts. One of the things they did was reduced state and local Tax Exemption and i know if you remember, but the word came out that we should prepay our 2018 taxes in 2017 when we could take the take the deduction. And if you remember that and that rumor went around for about a month and the irs said, no, you cant do. And so the irs saw the saw the hack and said, no, thats not allowed. And and that really is a power thing, preemptive purging. They wasnt preemptive because people were doing it, but they did issue a ruling saying, you know, you will not be able to take the deduction for prepaid 2018 tax on a 2017 return. But that so so but if we had lobbyists it could have gone the other way and thats the difference that that that the the hacks the rich and powerful invent come with lobbyists come with power behind it to ensure that doesnt get patched. Then no one goes to peter thiel and say, you know look, im sorry, thats not the way roth iras were us our tax on our 4 billion. Right. That doesnt happen. I know i was reading the section on aei and i got really excited. I thought well, maybe chad cbt can find me a tax loophole because im not smart enough to find one myself. And maybe this would democratize hacking. And i think and i think it will i mean, we cant we cant undo that power structure though. I mean i think it will decries the finding of them. But you know i mean i could take advantage of peter thiels tax loophole that just he did but i just dont have know the ability to turn into 4 billion. But thats the difference we can all do what he did and what did is he took money from his roth ira and invested it in his new company at micro pennies per share. And then it turned into i was palantir. So you and i could do that if we you know are the multibillion Dollar Company forming sort which we seem not to be so far its not working so far but but but this this whole time. Correct. We have a but i do think its worth thinking about. Also, the power structure who owns i because as soon as i started thinking about that, i thought, oh, theyre going to be like a tiered a. I. System where basically all the good loopholes, youll have to pay a lot of money to get. Well, we talked about this a bit in the break before before we started i mean, i think a lot of peoples of ai are basically fears of capitalism that the issue is not a. I. The issue is whos controlling. It means an ai run by a tech monopoly for their interests. Thats real different than if its an ai that is your advocate running on your hardware for your benefits. You know, we dont have that world. But like do the citizens of sweden fear a. I. Like we do . Probably not. And what are they going to do to ask them . We should ask them. We all have phones. Call them up. Yeah. I mean, i thought it was an interesting point. You said pervasive predatory hacking is a symptom of a flawed system and you described late stage capitalism as the tsunami of hacks in our society reflects an absence of trust social cohesion and civic engagement. And so i started to feel depressed about the state of democracy because it does feel so hackable, right . It does feel like theyre that the powerful are finding ways around accountable. Party. I mean, somethings going on. I think t

© 2025 Vimarsana