Confessions of a cyber spy hunter | Eric Winsborrow | TEDxVancouver

Подписаться 41 млн

Просмотров 1,7 млн

50% 1

With over 20 years of experience leading high technology companies out of Silicon Valley, Eric has played a part in shaping the industry as an executive at heavyweights like McAfee, Symantec, and Cisco.
Today, he is the CEO of ZanttZ, a company that is developing stealth cyber security technology solutions. Eric and his company are at the forefront of the latest developments in the world of global espionage, and the merging of man and machine. He attests that the Hollywood-created image of the daring secret agent sneaking into a foreign government's laser protected server room to steal top secret information couldn't be further from modern reality. In fact, the "James Bond" of the 21st century doesn't just use a computer, he is the computer.
This talk was given at a TEDx event using the TED conference format but independently organized by a local community. Learn more at www.ted.com/tedx

Наука

Опубликовано:

11 май 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 693

@AnthonyGorss 4 года назад

This is a good video to share with those who are oblivious to the real-world threats we face on the digital battleground.

@delilahtuxedo6993 2 года назад

That was the most informative TEDx talk I've listened to. Thank you so much.

@javierescontrias 4 года назад

This guys "dad jokes" must be epic.

@AndreasDelleske 4 года назад

Poor kids :-)

@curtcoller3632 3 года назад

His dad jokes are dead jokes.

@kentwinsborrow 3 года назад

Oh boy.. just you wait...

@naomiwinsborrow7407 2 года назад

You have no idea man…dinner table jokes are something else

@iLaddx 9 лет назад

"the youtube"

@Nitsujcm2600 9 лет назад

As soon as he said it, I scrolled down looking for this comment.

@YouSunkMyFishy 9 лет назад

It's like the boobtube, but on the internet.

@turbocrew8039 6 лет назад

Daryl Ladd as soon as I heard that I was looking for this comment

@michaelmettie9430 6 лет назад

that moment when you realize your thoughts will already be the top rated comment and just look for the thumbs up on it instead. So yeah, let me save you 20 minutes and save you from becoming dumber..... skip this video. Don't listen to a lecture about technology from a guy that says "the youtube" hint: hes probably from "the iraq"

@SLACKLINEDUDE 5 лет назад

Daryl _"I don't do the Email"_

@bobbymorelli9763 5 лет назад

17:27 hes sending hackers to the mirror dimension. dr strange would be proud

@kar351 4 года назад

What is sad is that the same technology that does this, could be used to improve life for everyone on the planet. But since we are full of stupidity and greed this is what we have. I am about to hit 50 years old, I saw the internet growing, I saw amazing innovations and was hopefully for the future, and this is what my kids kids, will have.

@ShatabdaRoy115 2 года назад

Yup sir!

@arshaghazie 4 года назад

man I recall all those viruses name from my childhood when I was so obsessed with computer magazines

@SimplySpace 4 года назад

"Imagine the fallout" Ahhhh, I see what you did there.

@recoveringcatholic4130 3 года назад

What is da meaning ?...

@soundaddiktion2006 5 лет назад

"Will we ever realise it" made me think of Brave New World in a chilling way

@jeremybumpermanpub7144 4 года назад

Sound Addiktion Me too.

@MrSkyTown 7 лет назад

Unplugging my GameCube from now on, don't want to get hacked

@eduardoarty1228 6 лет назад

MrSkyTown hahaha wtf

@finnelhumano6096 6 лет назад

After the vault 7 leak, that doesn't sound so funny anymore does it?

@LordJackass 5 лет назад

they'll spin that tiny CD so fast it'll break the CD drive.

@brisclan7813 4 года назад

Good idea, can't trust those Japanese

@amead5248 4 года назад

I already warned you.....do not unplug me.

@candaceberry6651 2 года назад

I really enjoyed this! Such a great balance of humor and information. Sucked me right in! Fascinating!

@maverick4220 6 лет назад

I've heard about this secret mission before. I believe there is a full documentary about it.

@pharcyde110573 4 года назад

Love this guy, wish I had a boss like this!!

@sdsfgsty 4 года назад

Propose to him! 😍

@Calm_Energy 4 года назад

What a great presenter! These jokes really kept me engaged lol

@existencebeyond5398 4 года назад

He is a very great presenter! Thanks!

@kn0ck496 6 лет назад

new age honeypots is essentially the gist of this talk. The software suite they use is obviously next gen and mind blowing.

@alexgoslar4057 4 года назад

Thanks Eric, for this enlightenment.

@brianmilligan1787 2 года назад

He never really scratched at the true facts but all he said was very interesting and with humour thumbs up

@quelorepario 8 лет назад

"shadow networks" > Honeypots

@ryanschafer9034 7 лет назад

its the same thing on a larger scale. better known as honeynets which are made of honeypots. these are just smart honeypots that are linked together. TrapX makes a neat product thatll even replicate PLC equipment and generate bogus event log things so it looks real enough.

@marcinnawrocki1437 6 лет назад

Yup, just network of honeypots, nothing neew really. And Stuxnet story has few more very interesting aspects.

@cyberkidnap6359 6 лет назад

yup except they are programmed to talk to each other☝

@zyeuh2565 5 лет назад

@@marcinnawrocki1437 such as ?

@jeanayala5239 4 года назад

"Imagin the fallout", I see what you did there, and I love it.

@therealderekchurch 4 года назад

please explain...

@jameswhite6152 4 года назад

@@therealderekchurch if you were to bomb a nuclear reactor there would be "nuclear fallout" in the form of radiation. What he did was a play on words. Because fallout used as a word by itself to explain something means consequences.

@rodkneeellil3905 5 лет назад

Thanks, TED 4 sharing.

@EXHellfire 7 лет назад

I was hoping this guy would say agent 009 is now agent 1001 but eh... wasted opportunities...

@ingebrecht 6 лет назад

Nope, he is top secret. Agent 404.

@EXHellfire 6 лет назад

not found, huh, that one is also good

@lostspace5811 5 лет назад

Said it near the end 001

@timmonrf3347 4 года назад

@@lostspace5811 Thats not what he meant. The number 9 in binary code is 1001. 7 would be 0111

@bluejay6904 4 года назад

it was double 001 earlier James Pond. it's cutely in binary.

@tsehampton 6 лет назад

Wow! A great talk, informative and a little scary with a glimpse into the future. Thanks.

@migsfire5912 4 года назад

I remember hearing about the "Michaelangelo" virus when I was playing Oregon Trail , in Elementary school

@amediarts 4 года назад

Thanks for the real question at the end.

@apurwamusic 3 года назад

This video is 8 years old and still looks next gen today.

@gsogso3444 3 года назад

Wow...thank you Great speaker.🙏✨

@jdrissel 4 года назад

I have for years thought that engine computers at least could alter the spark timing to cause occasional extremely early ignition (and very high cylinder pressure) leading to early mechanical failure. My suspicion dates back to a 1976 Pontiac. At about 6 years of age it began pinging when it had not before. It pinged but with no seeming pattern, and not even 100 octane racing fuel stopped the pinging. We replaced the ignition module, the coil, cap and rotor, all the wires and plugs without any impact. Carbon deposits were the next suspect, but when we pulled the heads it was clean. We did a valve job and installed new springs and vatted the intake manifold. When we put it back together and drove it, the pinging was gone. Then we realized we left the plug that sets the ignition timing to base unplugged, and wouldn't you know it, the pinging came back. We wound up installing a stand-alone MSD system that just used mechanical and vacuum advance. That worked and got better mileage and better acceleration, though both were still awful. It was a 1976 Pontiac 455 (with a pavement-shattering 160hp LoL) after all, but it was still going at about 300k when I lost track of it. Not many '76 engines of any make or model made it much past 100k.

@Bojan-tg2vk 2 года назад

More mechanics and less digital technology and people will not be able to hack or spy on it, but the future is unfortunately 0% mechanic and 100% digital technology. That's why I always hated these new mobile phones.

@pamcota3451 4 года назад

Excellent Presentation !! Although scary !!!

@danielrobinson4795 4 года назад

Great vid!

@CaptainSamie 4 года назад

The first virus was written on punch cards in 1968. The internet didn't even exist as we know it today, it was a connection between universities and military so that data could be quickly shared. A collage kid wrote it to see what would happen. And he also wrote the first virus protection program.

@badriprajapat 10 месяцев назад

Great knowledge sharing.. And the voice is very clear and bold like some hacker threatening very seriously 😂

@oo-dd3lk 5 лет назад

Fascinating talk....

@hop3881 4 года назад

Anyone know what software he is using towards the end of the talk? Some sort of network visualizer?

@DaveSuperDaveLyon 4 года назад

You civilians don't get to have that stuff until the machines allow you to.

@rydmerlin 7 лет назад

Interesting how his contention is the subject of Spectre and how boots on the ground defeats "cyber" in the movie.

@NeedSec 11 лет назад

Nothing new or groundbreaking in this presentation but a great introduction for the layman.

@PatchedThePipe 6 лет назад

Ahh I remember the “I love you” hit just as panic died down when it became clear the Y2K bug wasn’t gonna happen

@spaghetti9845 4 года назад

i used a securid ... since it changes codes every 30 sec that is tough

@shaneksmith1957 5 лет назад

Thank You!

@user-gv4bf4zx2s 4 года назад

The only way to be 100% sure is to have a physically isolated network. I had a customer that insisted on it. They had two computers on each desk: one was connected to the Internet, and the other was connected to the LAN and server with the ERP system. All USB ports were disabled, and of course, end users were not 'Admins', lol. They never had a problem w the isolated system. Imagine that.

@basicdesign1 Год назад

yep. Got that since 2000. 20+ yrs of peace and I'll be dead before they find a way of getting around that 🖕. Meanwhile my son, who grew up with that system, has become a hacker - of course.

@alessandrocernuzzi 4 года назад

Next Halloween I'll just skip the usual horror movies and theme thing and I go to the next level. I watch a lecture by Eric Winsborrow

@KeithCooper-Albuquerque 5 лет назад

Great video!

@552rehtyls 9 лет назад

What program is being used to show the network here? I am interested in that!

@shepkohler6399 5 лет назад

PRISM

@babybirdhome 4 года назад

Xavier Grogan Microsoft PowerPoint. It's an illustration modeled after the fact based on network packet captures and log analysis.

@jamessmaby8758 5 лет назад

A great Ted !

@mst5g826 4 года назад

Actually, he showed how the confluence of man and machine makes us much more susceptible.

@mehrdademami149 8 лет назад

Operation "Olympic Games" ??? But DOPED !!!

@kizombeiro8130 5 лет назад

Do all the Ted talk presenters follow the exact same talk structure ?

@natebeattie8945 2 года назад

wow excellent presentation

@yardmasterswealtheducation8424 5 лет назад

Old School Theory (not uploaded to my channel yet...) counters this threat beautifully!

@q1w2e3621 9 лет назад

The piece just before the conclusion was a non-sequitur ('Licence to kill'). He didn't go anywhere with it.

@RajSingh-qc6lq 6 лет назад

He's a bit socially awkward is all.

@__-cd9ug 6 лет назад

yeah idk, I feel like he uses the "licence to kill" in comparison with the "ally" that james bond has today, which is a fake agent that does the job but doesn't reveal actual information - like he explain right before with shadow networks or whatever

@slidhg2247 6 лет назад

I guess it’s more his way to say that they are also allowed to engage on the networks which are collecting data from their honeypot/ shadow network. I didn’t do research on this guy, but he seems to have pretty good inside in offensive hacking strategies of the past decade. so why are you thinking his company just uses this defensiv mechanisms he showed during the talk

@tombraider77777 5 лет назад

"License to murder ".

@hamidnikkhah929 3 года назад

Good ,informative and true

@divyaboy 6 лет назад

Excellent Heads UP Glade Guys Like you are on our side

@danieljanecka9492 3 года назад

"our side". Ha. Ha.

@nilsp9426 6 лет назад

What also works instead of espionage? Diplomacy. Sometimes trust is worth more than having a thousand missiles or viruses. But we are taught to defeat the enemy, not befriend him.

@MrKurisu28 4 года назад

I honestly wouldn’t be surprised if he turned out to be a robot.

@robertwagner7439 4 года назад

Thank you

@Tej517 4 года назад

@7:12 it's Natanz not Nantaz .

@kbto 19 дней назад

A lot of this is incorrect in terms of the Natanz stuxnet attack. The Natanz siemens box was airgapped so it was impossible for stuxnet to phone home, it was programmed to know what to do. Also recently (3 months as of the writing of this comment) it was discovered that stuxnet was delivered via a water pump installed in the facility.

@johnsabaku2257 4 года назад

2013? holy moley! I wish I this guy's foresight

@melvinmayfield470 2 года назад

Excellent!

@geoffreylee5199 5 лет назад

Diamonds Are Forever is about computer break in, with an audiocassette ...

@sweden5665 7 лет назад

what software was he using at the end?

@over00lordunknown12 5 лет назад

5:46 DAMN IT! The gyroscope in my phone will burn out and I won't be able to use the compass... XD

@BOT-vk7wq 3 года назад

Unplugging my GameCube from now on, don't want to get hacked

@MathewunnamedWeymouth 4 года назад

Nice advertisement hidden as a TED talk...

@andrewe3165 7 лет назад

Chuck Norris could swim in a desert.

@larrytownley2231 5 лет назад

Usta surf sand dunes in N.M. !

@Calm_Energy 4 года назад

When Chuck Norris jumps in the ocean he doesn't get wet. The ocean gets Norris.

@yiagi6126 4 года назад

Mark rober already did that to one of his cousin 😂 Watch his super mario effect

@UltimateBargains 4 года назад

There was a time when Chunks Norris could do that, but he's over the hill now.

@donbow450 4 года назад

Chuck Norris would have not sped up the centrifuges, he would have sped down earth.

@justineb211 4 года назад

USB not surprising, I remember I love you and everyone at the company being warned BUT STILL opening it. Uggh, pain for the day.

@americaalwayswins9655 10 лет назад

Excellent. I want in.

@lloydjoseph6484 6 лет назад

this was technology back in2013 ,now after 5 years . we are at a way higher RISK

@Enonymouse_ 4 года назад

China's i-war end game has advanced considerably since this guy gave the talk. They are constantly targeting cellphone networks and other assets.

@roderrickgaming9949 4 года назад

Yeah no way jose

@DouglasMoran 6 лет назад

The speaker gets a lot wrong and the sloppiness makes me doubt much more. For example, the Melissa/ILoveYou worm of May 2000 was not, as he claimed, the first case of SPAM. First, the first case of SPAM was in 1978 although the term wasn't coined until the mid-1990s. Second, although Melissa used email to spread, it wasn't SPAM. Another example, the Code Red worm hit in mid-July 2001, not after 9/11. A quick consultation with Wikipedia would have revealed these errors. And as others have noted below, his "shadow networks" are collections of "honeypots". Honeypots arose in the 1990s, although I don't know when the threshold was crossed of being populated with enough data to warrant that term. In 2000, there was at least one commercial product designed to facilitate creating custom honeypots by providing the underlying capabilities such as hidden monitoring. I didn't hear anything here that would help an executive be more aware of the threat. It was little more than "Be afraid. Be very afraid."

@glenngammon4215 4 года назад

BS: it was a game called TETRIS in 1989.

@greywolf271 6 лет назад

I don't know why he bothered creating a vision of the future when what he's describing is exactly what Cliff Stoll described in The Cuckoo's Egg.

@spacemanjames 8 лет назад

This guy is brilliant, genius and hilarious.

@aseeds7785 3 года назад

18:45 In a nutshell: In a virtual world but full of Player versus player, then booted to a world full of npcs with the sprites of the original players.

@prasoonpandey1184 6 лет назад

Fantastic... Knowledge along with humour.. great

@Adawg420 5 лет назад

the chinese had access for 10 years, huh...that 1 Trillion dollar annual defense budget is really worth the price tag

@davidsandford8343 5 лет назад

very interesting

@earthman6700 4 года назад

As Captain Adama said 'I will not have networked computers on this ship!'. (a lesson from the future).

@jink6091 6 лет назад

Good speaker.

@manishahamal950 4 года назад

It gives me goosebumps whenever i see these kinda videos. But does shadow network relate to dark web??

@FamesHD 4 года назад

Manisha Hamal definitely intertwined. 011011010011110101 011000010010111 011 111011100111011100 0100110 0110101001

@rot10119 3 года назад

In what universe did the cold war create the computer?

@deancantave5233 4 года назад

This was an EXCELLENT talk on CyberSecurity, wow! Seems simple enough but I would have never thought about enabling network intrusion via the creation of a dummy or "shadow network". Since we aren't in a space where we can re-architecture how networks pass data its an ingenious idea to use a network to trap and direct hackers to make them think they've hit paydirt.

@ebaystars 2 года назад

believe me its all nonsense 99% of this presentation has no foundation in reality.

@brok3nsec 2 года назад

@@ebaystars Then why aren’t you on here presenting your newest discovery?

@ebaystars 2 года назад

@@brok3nsec no money in it :-)

@brok3nsec 2 года назад

@@ebaystars lol says you.

@AnglandAlamehnaSwedish Год назад

Dummy

@RigorMortisRape 4 года назад

When he says ‘the agents’, I keep hearing the Asians.

@crissd8283 6 лет назад

"Has technology made our lives better or worse." I would argue that it has made our lives just slightly better. There is still poverty, depression, wars, and now an online mob. Do we really want this technology even more in our lives?

@moiquiregardevideo 6 лет назад

This talk reflect the information that is verifiable in most media. The first this or that is actually the first time journalists spread the new to everybody. The experts know many more earlier examples. Just dig at the right place for counter examples. That doesn't diminish the importance of the talk. I just want to remind people to do a little more research before propagating the facts that are said in this video.

@blendpinexus1416 6 лет назад

if i found a usb stick i would insert it into my virtual machine to check and wipe it. then use it. (the wiping also wipes and replaces the partition table so ALL data is gone, nearly pemenently)

@babybirdhome 4 года назад

scooter800m None of those things you said are true except that you'd plug it into your computer. Your virtual machine can't access that USB stick until your host operating system has connected and talked to it to tell your VM that it exists in the first place. By the time your VM knows it's there, you've already been pwned. Also, if it's actually a rogue device designed to hack your machine, you're only going to be able to wipe the part that it wants you to think you've wiped, not the part that was put there to infect your machine.

@rickwrites2612 2 года назад

I don't understand why anyone would even take it. They're cheap.

@Larrythebassman 5 лет назад

Impressive

@MZITinfo 7 лет назад

I don't think the "I love you" virus was the first one to spread via email, was it?

@prantorchowdhury1842 7 лет назад

not first; but first major one

@aaronjones2429 4 года назад

What is this software that hes creating shadow clients and shadow networks?

@drrugee 4 года назад

Someone get this man a glass of water

@danieljanecka9492 3 года назад

Mic at fault.

@Gudzon91 3 года назад

haha, its so funny how i lost connection in the middle of playing this video, haha

@TheChurchHeydey 4 года назад

…………….absolutely one of the best TEDxTALKS...quality work

@quintin3871 4 года назад

Well, I did realise it and went with it just for fun. Now they got my genetics but... who's tricking who?

@danielescobar7618 Год назад

It's already happening. Just this morning I went to microwave some soup and when I got it out the bowl was scalding hot to the touch but the soup was still COLD

@FrannyWard 4 года назад

Cyberdyne Systems series T-800 Model 101 is already old news.

@francescoquadrio5824 4 года назад

One of the best Ted talks

@jaymills1573 4 года назад

This speech is informative about the way the present and future will be on cyber defense and infiltration. The down side is its bias to oneside, saying that this country or that country is making nuclear weapons. Let countries like the USA, Russia and China also have stock nuclear weapons. So if another country tries to arm itself it is added to a sanctions list. Its a case of a story not being bias to one country and keep it neatral to all countries. Keep it to science and tech and not politics.

@nirvanaurantian6834 5 лет назад

So what is new? How much time is required before a hack is found? Are you relying on your trusted software developers for security? You are a target don't you think it prudent to test your vulnerability? Would you not bait and trap? Ever considered training and education in " computer espionage "? Cyber warfare anyone?

@adishamzic8504 4 года назад

Bravo

@MrNobodyAid 9 лет назад

McAfee virus by it self :-D

@photogramistic 8 лет назад

+TheLoneWolfCz McAfee sucks actually-

@scottishross91 8 лет назад

+Makus Dhy It's probably one of the best anti-virus softwares for corporations though. My mate works with them for his IT Security Company and apparently they're fantastic. Just not for the average user.

@marc-artwork 8 лет назад

+Ross Henderson ? What ? Wiki source.Controversies[edit]On January 4, 2006, the Securities and Exchange Commission filed suit against McAfee for overstating its 1998-2000 net revenue by US$622 million.[59] Without admitting any wrongdoing, McAfee simultaneously settled the complaint, and agreed to pay a $50 million penalty and rework its accounting practices.[60] The fine was for accounting fraud; known as channel stuffing that served to inflate their revenue to their investors.[60]In October 2006, McAfee fired its president Kevin Weiss,[61] and its CEO George Samaneuk resigned under the cloud of a recent SEC investigation which also caused the departure of Kent Roberts, the General Counsel, earlier in the year. In late December 2006 both Weiss and Samaneuk had share option grant prices revised upwards by McAfee's board. Weiss and Roberts were both exonerated of all wrongdoing from the claims of McAfee in 2009.[citation needed]In January 2007, under pressure from ex-employees worldwide, several of which backed a class action in the United States, McAfee agreed to honor share options granted, but which are unable to be exercised due to the self-imposed blackout on employee options dealing.On April 21, 2010, beginning at approximately 14:00 UTC, millions of computers worldwide running Windows XP Service Pack 3 were affected by an erroneous virus definition file update by McAfee, resulting in the removal of a Windows system file (svchost.exe) on those machines, causing machines to lose network access and, in some cases, enter a reboot loop. McAfee rectified this by removing and replacing the faulty DAT file, version 5958, with an emergency DAT file, version 5959 and has posted a fix for the affected machines in their consumer knowledge base.[62][63] The University of Michigan's medical school reported that 8,000 of its 25,000 computers crashed. Police in Lexington, Ky., resorted to hand-writing reports and turned off their patrol car terminals as a precaution. Some jails canceled visitation, and Rhode Island hospitals turned away non-trauma patients at emergency rooms and postponed some elective surgeries.[64] Australian supermarket Coles reported that 10 percent (1,100) of its point-of-sales terminals were affected and was forced to shut down stores in both western and southern parts of the country.[65]As a result of the outage, McAfee implemented additional QA protocols for any releases that directly impacted critical system files. The company also rolled out additional capabilities in Artemis that provide another level of protection against false positives by leveraging a whitelist of hands-off system files.[66]In March 2011, a group of "white hat" hackers released a report that they had identified serious vulnerabilities to security at McAfee.com, pointing out flaws that could lead to information disclosure and other issues.[67]In August 2012, an issue with an update to McAfee antivirus for home and enterprise computers turned off the antivirus protection and, in many cases, prevented connection to the Internet. McAfee was criticized for being slow to address the problem, forcing network operations to spend time diagnosing the issue.[68]

@scottishross91 8 лет назад

+Marc St-Jean Well, that's just what my mate's saying. No idea if anything has changed since 2012.

@marc-artwork 8 лет назад

;-)

@flashgordonCW 4 года назад

they're going to use our kids they're going to go through the game consoles, gamers

@jazzmaxwell1 4 года назад

Hire-hacker at Mansard Security, you can visit their youtube channel or search for them on Google

@DisbyComics 8 лет назад

Aurora invaded the zipper program via the web on the Canon pixima page it presents as a graphics program but down loads as a zipper compression file and copies your downloads and permissions to download and config, asking for permissions to allow access to keychains or passphrases etc. The canadian page offers free user menu and a path to free airprint., so technically you have let them in by sharware pages where the popup is chained to the page buts jumps ahead to your program, also the real CD disk allows a graphics program to install on your PC when you think you will be installing along with the access menu, so I feel Canon is responsible for those who may have Aurora on their systems. it moves right for html authorizations of web sites from host or server data and otherwise does not perform well. Of course any file zipped with the program won't function properly and will need to be destroyed.