September 15, 2025 • 42 mins
Ted Harrington shares insights about achieving difficult goals through disciplined habits rather than relying on fleeting inspiration. He explains how the hacker mindset—being curious, non-conforming, committed, and creative—can help anyone overcome challenges and find overlooked opportunities.
• Breaking big goals into smaller, manageable pieces makes difficult tasks achievable
• Inspiration only gets you started; habits and consistency are what help you finish
• The four traits of the hacker mindset: curiosity, non-conformity, commitment, and creativity
• Focus on genuinely helping others rather than self-promotion in professional interactions
• Applying the hacker mindset can reveal opportunities others miss in any field
• AI is changing both attack and defense strategies in cybersecurity, but fundamental principles remain the same
Check out Ted's new book "Inner Hacker" to learn how to apply the hacker mindset to achieve your own goals and find hidden opportunities in your life.
Follow the Podcast on Social Media!
Tesla Referral Code: https://ts.la/joseph675128
YouTube: https://www.youtube.com/@securityunfilteredpodcast
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
How's it going, ted?
It's great to get you on thepodcast.
It's been a couple of years.
I don't know if I even had kidswhen we last talked.
I always judge it by thatbecause it's like man, how long
ago was that?
How much of my life has changedsince I last talked to someone?
Speaker 2 (00:18):
I like that.
Well, yeah, big changes for you.
So I'm excited to be back andto chat with you again.
Good to see you.
Speaker 1 (00:28):
Yeah, absolutely, I mean you, you know, you've
you've definitely been hittingthe speaking circuit a bit.
You got a new book coming out.
I mean, how do you do it?
You know, you're, you're, youseem like you're just endlessly
busy.
Speaker 2 (00:36):
It is a lot.
I was just thinking about thattoday, this morning, about how
it's like I just started I wasfeeling a little like stressed
about some of the things thatare going on right now and I
started just rattling off thethings I actively have going on
right now and I realized like Ithink it's okay to feel a little
stressed when there's there'sthis much going on, but I don't
know, I just like I find it tobe really, really inspiring and
(00:58):
invigorating to have a bunch ofdifferent things going on and
like pushing multiple differentboulders up the hill at the same
time, and I really liked that.
I mean, obviously, you knowcrosses an inflection point
sometimes where you got to pullback a little bit and do some
self-care.
But I just I think the shortanswer is I like it, I just like
working on a lot of cool thingsat the same time.
Speaker 1 (01:18):
Yeah, that is.
I really relate to that.
I find myself in that samesituation no-transcript, first
(01:51):
house, having our first kid, oh,and I'm starting my PhD all at
the same time, right, like indoing a podcast and a nine to
five, you know it's.
It's like how many more thingscan I put on top?
You know, before, before, likeI crumble, right, so I'm trying
to do a bit better of a jobabout that.
You know, like trying to stayon top of getting some exercise
in daily and, you know, cuttingoff, cutting off the projects
(02:13):
after, like November, you know,and picking them back up in like
February, you know, trying tojust figure out what works best,
to work most optimally, I guess.
Speaker 2 (02:22):
Yeah, I mean, I think really what we're talking about
here, it's kind of interesting.
I think it will relate to someof the themes we might discuss
later throughout the episode andI don't think we set out to
start with this discussion butit's really interesting talking
about these ideas of tenacityand like persistence and
resilience and how do youaccomplish big and difficult and
meaningful things.
One of the things I think isreally interesting is a lot of
(02:45):
people who haven't say, writtena book, like people ask me that
all the time.
Like, what's it like to write abook?
Tell me about the process, whatwas inspiration?
What got you started on thatstuff?
And it's really interestingbecause that is a good question
to ask, a good series ofquestions to ask, and I do think
it's the right way of like fora non-author to be thinking
about well, what does thisjourney mean?
(03:07):
But there's this really glaringelement to the question that
stands out to me as people askthat, which is it's all about
inspiration, right, like whatinspired you to write this?
What was the moment you knewyou need to write it?
And that is true.
You have this moment ofinspiration, maybe, where the
idea comes to you, and the samefor entrepreneurship, the same
for creating anything thatdidn't exist before.
You have this moment whereyou're like I can do this thing,
(03:30):
or this thing needs to be done,or maybe there's the
inspiration, that or the moment.
That's not inspiration, butit's like the commitment.
I've been kicking around thisbook idea for a while.
I've been kicking aroundstarting this company for a
while.
I've been kicking around makingthis change in my life for a
while.
Now I'm gonna do it.
But what's overlooked in allthose is that the inspiration
and that moment of commitment.
Those only get you started andthey barely get you started.
(03:53):
They are what get you off thesideline and into the game and
what it takes to complete theeffort, to finish the race, if
you will, is that's habits.
So when you set out to dosomething big you want to start
a company, start a podcast, likeyou're talking about, you want
to build a house, buy a house,invest in real estate, like
whatever the things are if youwant to do, it's like you got to
build these habits of beingable to consistently, over a
(04:17):
long period of time includingwhen it's boring or tiring or
you're burnt out being able tocontribute to those efforts.
That tenacity, that's thehacker mindset in so many ways
Like that's what hackers do isthey're just, they're persistent
, but that's what it takes.
It's not about inspiration.
It's about discipline, habitbuilding and consistency over a
period of time.
Speaker 1 (04:38):
Yeah, that's very true.
That's very accurate too.
You know, and I was talking toa friend of mine who I've known
for many years at this point andhe was trying to get into
cybersecurity or is still tryingto get into cybersecurity.
He's really just at thebeginning of his journey with
that and he was complainingabout, you know, he can't focus,
can't like stay engaged in, youknow, the material all the time
(05:00):
that he needs to and whatnot.
He's very inefficientessentially with his, with his
study time, right, and Ibasically broke it down for him
exactly like that, like you haveto learn how to hack your own
mind and you have to play gameswith your mind and you have to
continuously do it.
Like for me, when I'm studying,or when I'm writing my PhD, my
dissertation, you know like Ihave music playing in the
(05:21):
background, right, because itneeds to like occupy that part
of my brain that won't be quietso I can focus on writing, you
know.
And like I even like take itback to like when I was training
for marathons, right, like I'mout there, I'm not the fastest
runner, so it takes me foreverto complete like 20 miles, you
know, it just takes me anembarrassing amount of time and
the only way that I can do it tolike run for long distances
(05:45):
like that, because I'll getbored, my mind will get bored
and I'll talk myself out of it.
Like, why am I running this far?
Why am I running this long?
This is stupid.
You're tired, your feet hurt,your legs hurt.
You should just stop.
You're gonna pay for thistomorrow, all that sort of stuff
.
Right, I actually countbackwards, like I started
looking at my watch.
I'm like, okay, right, Iactually count backwards, like I
(06:06):
started looking at my watch.
I'm like, okay, this many stepsequal to this 0.01 of a mile,
and I got this left to go, andyou know all that sort of stuff.
So then, that's how many steps?
Like all these games.
Right, there's no reason for meto think about any of that
stuff, but I have to find a wayto preoccupy my mind to reach
that goal.
Like that's the only way that Ican do it.
Speaker 2 (06:25):
Yeah, you know what you're doing when you describe,
that is, you are preoccupyingyour mind for sure.
You've figured out the way youthink and how can you optimize
your habits or your processaround that.
So that's phenomenalself-awareness.
There's an element to whatyou're describing which is, I
think, really key to achievinganything difficult, which is
break it into smaller pieces.
(06:45):
Right, so you don't run 26.2miles in one step, you run it in
like whatever, that is, like30,000 steps or something.
And so, looking at it, like youknow, not even how do I get to
the half mile mark, halfmarathon marker.
It's like let's get to mile one, Great 25 to go, and then it's.
(07:05):
You know, I'm, you know,inserting the framework on the
way you described it, butbreaking it down into its small
things.
All right, I don't have to run25 more miles, I have to run one
more mile and then I'll checkin with those.
Maybe I'll have a water, thenmaybe I'll give myself some sort
of like you know, positivereinforcement or something.
Yeah, breaking big goal into itssub components is the way to do
(07:26):
anything that's hard, likewriting a book, as an example,
as something similar, where bythe time you're done writing a
book, you've gone through thatmanuscript like I actually don't
know exactly the number oftimes, but I would say probably
like 2030 times at least.
You've gone through everysingle word, the whole thing,
and then done it over again andeach one of those you feel like
I'm almost done.
I'm like you know, I got onemore chapter to go and.
(07:47):
But if you thought about it aslike, and then I have like two
dozen more of this, you youprobably wouldn't do it.
But if you could just look atthe thing that's just on the
horizon in front of you, like Ijust got to get part one
finished today or part onefinished this week or whatever,
(08:09):
that's week or whatever.
Speaker 1 (08:09):
That's way more achievable and it's not as
daunting and you just build ahabit, you do that over time and
that produces really bigoutcomes.
Yeah, yeah, I mean, it makes alot of sense.
That's the same mentality that,like, the special forces use
when they're going through theirtraining, right, like I don't
know if you've ever like lookedinto that or anything I
definitely have, but you knowthey always say, like if you
want to quit, cool, quittomorrow.
Don't quit right now.
Like don't quit in the moment.
Go go back to your bunk, thinkabout it when you wake up.
If you still want to quit, youknow, get through the warm,
(08:31):
we'll see.
If you still want to quit, thenyou know, like all that sort of
stuff, and you know even evenlike when I was doing wrestling,
like our coach told us he'slike this is going to be the
hardest thing that you've everdone.
Right right off the bat we bat.
We all thought that he wasjoking and, of course, like it
was absolutely the hardest thingthat we ever did physically.
And you know he even told ushe's like, just make it to the
next drill.
(08:51):
There's, there's new drillsevery five minutes.
Make it to the next, next one.
You know and reassess, right,like, don't quit right now,
don't quit in the moment, andthat's.
I think that's the thing that alot of people get caught up in,
right, it gets too difficult.
You don't know what the nextstep is, you can't see it, you
can't see the finish line and itkind of overwhelms you and you
just quit, you walk away from it.
(09:12):
It's like, oh, I can't do it,but there's millions of other
people that wrote books you know.
Speaker 2 (09:17):
So, like you can do it no-transcript wand and like
(09:53):
poof, you know they're in.
And it doesn't quite work thatway.
I mean some, in some cases itdoes.
Systems are so badly built thatit's like literally a couple
keystrokes.
But uh, for the part it's just,it's probing and pushing and
trying different things andhitting dead ends and chasing
red herrings, and you just do itover and over and over and over
and over again and eventuallyyou find that thing that may not
(10:17):
itself yet be the exploitablevulnerability, but it leads you
to the next thing and everyhacker that I ever talked to
about like what do they loveabout this?
They talk about some version ofthat, like that dopamine that
comes from that.
They're like, oh it's, it'salmost like a drug, it's like
you know, getting closer to andthen finally finding that
vulnerability.
It's like so meaningful andfulfilling and it's the, it's
(10:39):
the hard things make the payoffricher.
Right, if it was easy toachieve things like, it wouldn't
be that meaningful.
But because things can be hard,the things that are hard, those
things are the really, reallyrewarding efforts that we can
pursue.
Speaker 1 (10:53):
Yeah, no, it's like having that mentality of like,
well, what if I can do it right?
What, what if I can actuallyaccomplish this?
You know, I, I, I don't knowlike, like I started with right,
like something's wrong with mybrain where if it's too easy or
I get too used to something likeI have to switch it up and make
it really hard.
Maybe when I'm done with myresearch, I'll go the offensive
(11:14):
side of security.
I've always done the blue teamstuff.
I've always been on thedefensive side, the engineering
side, but now I'm starting toget the itch, you know, again to
to get into the offensive side.
So it's like, all right, let's,let's get this PhD done and
then I'll.
Then I'll dive into that rabbithole.
Speaker 2 (11:30):
And both sides will make you better, right?
So you go the blue route for alittle while and then you do the
red route red route for a while.
That's going to make you abetter blue teamer, and the fact
that you've been a blue teamerall along is going to make you
better a red teamer, and youkeep combining those things.
I mean, one of the things thatis a really important facet for
any aspect of life but let'stalk about in the hacking realm
(11:53):
right now is the ability tostand and analyze the viewpoint
of others Like this is whathackers are so good at this
they're able to look atsomething and think what was the
developer thinking when theybuilt this system?
Like, what was the engineeringprocess they were going through?
Why did they build it that wayand when?
Being able to put yourself insomeone else's shoes, that is
how you can then think aboutokay, well, and then how would I
(12:15):
?
Maybe?
Where are the gaps in thatthinking?
Social engineers do this all thetime, right?
That's why, like a socialengineer, if they're trying to
get into a building, they mightwear a reflective yellow vest,
because what does the person onthe other side of the table
think when they see someone walkin carrying a ladder, wearing a
yellow vest.
Oh, that person is probably amaintenance person.
They're probably supposed to behere.
Let me make their life easier.
(12:35):
Their hands are full of thisladder and all these tools, and
that's why that's so effective,because that social engineer has
put themselves in the shoes ofthe person they're trying to
deceive and try to think aboutin this person's moment, the way
they think, the way they dotheir job.
How are they going to see me?
And that is a really, reallyimportant thing to do.
So what you're talking aboutthis idea of like having
(12:56):
pursuing different elements,different angles of really the
same profession all that's goingto do is make you better, and I
think there's a lot of peoplewho feel like, once I switch
from one thing to another, nowI'm like at the basement again.
Now I have no experience, nowI'm a novice again, as if that's
a bad thing.
Being a novice is phenomenal.
First of all, that's wherecuriosity is so abundant.
(13:19):
But, yeah, you get this nowvariety of perspectives, which
is just going to make you betterat everything else that you do.
Speaker 1 (13:24):
Yeah, yeah, that is very true.
I feel like there's a stigmastill in the industry right,
where it's like it's almostdifficult for people to switch,
even within security itself.
You know, like trying to gofrom blue team to red team and
whatnot, like they just don'twant to spend the time and the
money trying to give you thatspace to learn and grow into
(13:47):
that role.
You know they want you to, Iguess, like already be the
expert, to already be.
You know the person in the roomthat knows and has the answers.
How do you get beyond that?
Speaker 2 (13:56):
Yeah, that's.
That is a tough one, becausewhen you look at a lot of job
descriptions today, they'regetting better, but a lot of
them are just preposterous.
Right, they're like you knowyou need it's an entry-level
role and you need 15 yearsexperience and a PhD, and you're
like well, which is it?
Is it an entry-level role or isit a more?
(14:17):
You know what are we talkingabout here.
So the first step is that thepeople who are hiring these
types of roles need to be alittle more realistic about what
they're looking for.
I get the idea of wanting tolike find the unicorn.
Every company wants that inevery role they ever hire.
They're like we want thisperson to excel in these ways
and we want to meet our budgetrequirements in these ways,
(14:37):
which probably don't align tothat, and it'd be great if they
also, as a secondary thing, wereelite at this other discipline.
That's unrelated to that corejob, like a lot of companies.
That's the way a lot of jobdescriptions read, and so I'm
not blaming that on any hiringmanagers, for security in
particular, because that's justlike a normal thing.
But the first step is we needto be more realistic about what
(14:58):
we're expecting to get out ofpeople.
So that's on the hiring side,on the side of the person who is
now themselves trying to getthe job.
What I'd recommend let's say,someone listening to this finds
himself in that situation andthey are applying to an
entry-level role, but the entryrequirements of the role are not
entry-level.
They're an entry-level personor maybe it's the role.
(15:20):
We see this all the time whereit's like this person needs to
have, like you know, 20 years oftech leadership and then they
also need to, and then theydescribe like the person who
does the hands-on engineering,and it's usually one path or the
other.
By that point it's not both.
So what I recommend for peoplewhen you find yourself in that
situation is you really canstand out in that interview by
(15:42):
helping the person you'reinterviewing with understand
what they're looking for better.
So that is arrived at throughclarifying and open ended
questions.
So they're going to sit downand they're going to say some
version of okay, tell me aboutyourself, or whatever.
Whatever they open with Doesn'tmatter.
That's your opportunity tostart being the investigator and
(16:03):
start saying okay.
I noticed in this jobdescription it states X, y or Z.
Could you explain to me thereasoning behind this, like
what's actually driving that?
And just keep asking thoseopen-ended questions.
Open-ended questions cannot beanswered with yes or no.
They require an expansiveanswer, and when you ask those,
you get the other personstarting to explain what it is
they're really trying toaccomplish.
(16:23):
Like what's?
You get the other personstarting to explain what it is
they're really trying toaccomplish.
What's the problem they'retrying to solve?
Why are they filling this role?
Why are they putting resourcestowards this?
And then you can help them shiftthe conversation, if you are in
fact suited for it.
Like they might describe thewhole thing, what they're really
after, and you're like oh, itturns out I'm actually I really
can't, I'm not good for that,but most likely you're good for
at least some of it.
And that's where you canreshape it and say okay, here,
(16:44):
what I'm describing, you say, isyou need blank, and here's my
expertise as it pertains toblank.
But here's why I think youshould think about it in a
slightly different way.
And there's some risk of that,because the hiring manager might
be like I don't want to thinkabout it a different way at all.
Who are you to suggest anythinglike that?
(17:07):
You might have the opposite,though, where the person is now
realizing they're thinking aboutit differently.
You have helped them thinkabout it differently.
If you're the person who'shelping them think about the job
differently, you areimmediately at the top of the
pile.
So that's how I would recommenddealing with that complex
situation.
It's not easy, but I think it'sa great way to approach it.
I mean, a lot of people want togo into a job saying here's
(17:28):
what I'm good at.
Hire me for that.
And yes, you should have that.
But I think it's much morepowerful to really truly
understand like, will this evenwork for you?
You might find out yeah, I'llexcel at this job, but I don't
actually want to work in thiscompany, or I don't want to do
this job or whatever.
It's as much up to thecandidate to figure out whether
they want to work at thatcompany or not as it is for the
(17:49):
company to decide where theywant to hire that candidate.
Speaker 1 (17:51):
Yeah, interviews definitely need to be both ways,
you know, and it's difficult todo that too as a candidate,
right, because you always feellike, at least in my shoes, I
always feel like I'm like put ata disadvantage, almost.
You know, like hiring managers,I feel like some of them will
kind of, you know, choreographthe interview in a way that like
(18:13):
hides some of the things thatwould determine or persuade me
otherwise of not going there,right, and they just always,
very conveniently, you know,leave out things like oh yeah,
we actually have no budget, wejust want you to just sit here.
You know, that sort of thing,which is, you know, for someone
like me, it's, it's like gutwrenching, it's like, okay, you
know, I made a mistake going tothis place, right, that's like
(18:36):
the worst, that's the worstfeeling, you know, because
you're not being challenged atall and you're not allowed to,
you know, change anythingyourself, which you know.
Speaker 2 (18:45):
For me, that's like not who I am no-transcript, and
(19:40):
you might be the only player inthat game now.
But, more importantly, I mean,think about it this way right,
let's say someone goes and doeslike 50 interviews,
(20:12):
no-transcript, positive thingsthat eventually do return to you
.
And like the thing that Ialways tell our team, like the
members of our businessdevelopment team, for example,
whenever they are like, whenwe're talking about coaching,
like how do you talk about whatwe do to our customers, our
(20:32):
prospective customers?
And for me, the mantra alwayscomes back to is just help this
person.
Like every meeting you go into,you're not trying to sell them
anything, you're just trying tohelp them.
If you can help this personunderstand their problem
differently, figure out a waymaybe they can go solve it,
including if that way is to nottalk, to not work with us,
(20:53):
that's fine too.
But if you come from this likeand you're genuine about it, you
genuinely wanna try to help theperson you're talking to, then
good things will happen.
And I think for a lot of themthat's a surprise.
They're like aren't peoplesupposed to talk about sales in
terms of, like, click rates andopen rates, persuasion tactics
and stuff, and it's like yeah, Imean I guess there's probably a
(21:13):
lot of sales engineering youcan do around that, but I just
think it's just helps them Like,if you, if you start everything
with that ethos, good thingswill happen and that's, I think,
a great way to think aboutsales, that's a great way to
think about selling yourself interms of getting a role, and
that's just a great way to likehumans want to treat each other
getting a role and that's just agreat way like humans want to
(21:34):
treat each other.
Speaker 1 (21:37):
Yeah, recently fairly recently, you know, last year I
went onto the professionalservices side of security and
it's it's great to see that Iguess I'm doing the right thing.
You know, when I start theconversation off with saying
like, hey, tell me what yourbiggest challenges are, right,
I'm not like even sellinganything.
You know, I give them mybackground as like a initial
intro or whatever, and then I'mjust tell me what your issues
are and if I can't help you, youknow I'll send you somewhere
(21:58):
else.
Like, I know a lot of people inthe industry, I'm sure I can
find someone to help you.
You know, that always seems topan out a whole lot better than
just trying to sell them aservice or a solution or
whatever it might be.
And even the most successfulsalespeople that I've worked
with throughout my career they Imean they spend like five
(22:19):
minutes at the end of theconversation just being like, oh
yeah, like you know, I got thisthing over here.
If you want it, we can do it,but if not, no worries.
You know, like that sort ofmentality and having that having
that interest right, because itcomes down to having a genuine
interest in the person in frontof you, rather than seeing them
(22:40):
as a dollar sign or, you know,making some sort of money off of
them or whatever.
You're just here to help themand when you're genuinely there
to just help, you know, I thinkit comes off a whole lot, whole
lot better, a whole lotdifferent, and it works out
better for everyone.
Speaker 2 (22:50):
I mean people want to work with, do business with,
partner with, et cetera.
People they like I'm in theprocess right now of
interviewing for a new taxstrategist.
I mean talk about a snooze of aprofession to be interviewing
people about, right, and I'venarrowed it down to maybe three
or four.
They all seem very, verycapable.
(23:11):
They all know the tax codebetter than I do.
So then it's like, okay, wellthen, what you know, and now I'm
realizing, like of these threeor four, all roughly equally
qualified, fees vary, but it'snot like you know orders of
magnitude and variation.
It comes down to like the guythat I like talking to, like the
guy who understands my business, who was asking clarifying
(23:35):
questions, who's like curious,not just about like the numbers
but about oh, why do you make,why'd you make that particular
business decision, what'sdriving next, et cetera.
It's like that's the guy I wantto do business with, cause he's
like he's interested and he'sengaged and I like him.
I think just I know it's maybenot as actionable of advice like
be likable to other people, butbeing likable starts with
(23:56):
wanting to help other people.
Like if you genuinely careabout other people and helping
them, you can overcome anyinterpersonal conversational
deficiencies that you might haveif you just want to help other
people.
Speaker 1 (24:09):
Yeah, that's a great point.
So you know, tell me about yourbook that's coming out.
I think I'm registered to findout when it goes live.
But tell me, tell me what thisnew book is.
Speaker 2 (24:19):
Yeah, the new book is called Inner Hacker and the
concept of it is for a generalaudience, so I wrote this for
everyone, not just securityprofessionals.
I want people to be able tothink like a hacker, and what I
do in this book is I've first,of course, explore what that
means Like.
What does it mean to think likea hacker, what are hackers?
And then examine well whathappens when you do think like a
hacker.
So what happens when you thinklike a hacker is it helps you
(24:42):
think independently, it helpsyou think differently about the
situation.
Whatever the situation is Maybeit's starting a company,
getting a job, getting promoted,starting a charity, changing
your career, whatever If youapply the hacker mindset, you
could think about that situationdifferently.
And when you think about itdifferently, that reveals these
overlooked opportunities, thesethings that other people have
(25:04):
missed, and that's what makeshackers successful when it comes
to finding exploitable securityvulnerabilities in, say,
software systems.
But that's a mindset, right.
That's not about technicalskills.
That's about how you thinkabout something.
And so in this book I analyze, I, through storytelling, explore
well, what does that mean, whatare the different elements to
(25:25):
how a hacker thinks, and then,most importantly, how can
someone apply it Like it's onething to be like you should
think like a hacker and peopleare like, okay, that sounds
interesting, now what?
And so this book is sort of thenow what.
So I mean, obviously there'sthe convince.
I'm trying to convince why youshould do this, and then I, it's
very actionable in terms ofteaching people how to do that.
I mean, I get to spend everyday around hackers.
(25:46):
Hackers are my friends.
I go on vacation with hackersand I just I think the hacker
mindset is a superpower and whatI'm trying to do with this book
is to teach that superpower toeveryone who is interested in a
new way of thinking.
Speaker 1 (25:58):
Yeah, it seems like everyone has that to some extent
or they have.
You know, that need rightBecause, like, just going back
to like kind of how we startedthe conversation, where you have
to find a way to hack your ownmind to get yourself through the
roadblocks that you encounter.
You know, like when I was, whenI was starting my dissertation,
(26:19):
I was having huge writer'sblock, you know, and my chair
literally had to break it down.
He's like just give me aparagraph.
You know, give me foursentences.
Can you give me four sentences?
You know, like on this firstlittle intro, just talk about
yourself for four sentences.
Oh, okay, I can do that.
It's like, okay Now, like talkabout this, this topic.
(26:39):
What's the first part of it?
You know, like what?
Why does it matter?
You know, and once, once, I wasable to like kind of hack my
own mindset.
Now I'm a hundred pages in andI'm not close to being done,
unfortunately, but you know,like it got me there, it got me
through it and now I'm able towork my way through, you know,
those problems that I wasencountering.
(26:59):
I love that.
Speaker 2 (27:00):
Yeah, it's interesting because some of the
things we talk about at the topof the show are directly
reflected in this book, like theidea of like doing one more
thing, how to build habits, howto basically be more tenacious,
cause that's, that's one of thekey elements I mean I've I've
had through the course ofinterviewing and writing this
(27:20):
book, and I gave a Ted talkcalled why you need to think
like a hacker and sort of so,working on that, all these
things they helped me likedistill down what does it
actually mean to think like ahacker?
It's a pretty cool process.
I got to go reach out tohackers that I respect and
admire and ask them thatquestion what does that mean to
you?
And I basically distilled itdown to these four traits that
(27:41):
hackers are they're curious,they are non-conforming, they're
committed and they're creative.
So those the four Cs, as Ithink about them, hackers are
curious, their hackers areinquisitive, they want to
understand how things work, whyit works that way, all that
stuff.
The second is that hackers arecommitted or, sorry, are
non-conforming, meaning thatthey're not willing to follow
(28:02):
along where the herd is goingjust because the herd is going
there.
They want to thinkindependently and say well, I
know I should do X, but what ifI did Y?
So that's non-conformity.
And then hackers are committed,which is to say that hackers
are willing to invest the time,the effort, the love, the
passion, the person power,whatever the resources may be
required, to pursue theirtargets.
And then, finally, hackers arecreative, meaning that hackers
(28:25):
come up with these reallyelegant and beautiful and
innovative approaches to solvingproblems, like, oh, no one had
thought to combine A with B, butwhen you combine A with B, it
creates this thing that's likeexponentially more impactful
than either A or B.
And hackers do that stuff everysingle day, and so it's been a
really enjoyable journey thendigging into each one of those
(28:48):
and thinking about well, whatdoes that mean and how can I
teach that?
What are stories thatillustrate that?
And that's basically what thebook does.
Speaker 1 (28:55):
And it's all really built off of habits?
I think it does.
Would you think that you knowthat hacker mindset comes from
just having the right habits?
Speaker 2 (29:05):
I think so.
I mean, I think hackers arelike any group.
You know, people exist on aspectrum and I'm sure there's
the people in the hackercommunity who would say they
have terrible habits and somewho have incredibly disciplined
habits.
But that would be aself-assessment of themselves
within their own spectrum.
When I think about what ittakes for someone to be
interested in and successful athacking as a profession, it does
(29:28):
require habits.
They have to be willing to gokind of do the same, attempt,
the same types of things overand over again.
Maybe they're changingdifferent types of systems or
going after it in a differentway or trying to, you know,
arrive at a different outcome.
But yeah, it's a lot of buyingsomething that hasn't worked 70%
of the time, 80% of the time,90% of the time you're willing
(29:49):
to do it again anyway.
And I often think about thismetaphorically, as like you
think about Olympic athletes andwhat makes an Olympic athlete
that level of elite starts with,of course, genetics.
They had to be predisposed in acertain way to even be eligible
to build themselves into acertain thing.
But once you move beyond that,then it's like they've, of
(30:12):
course, got to have invested thetime and effort and like
building their body in a certainway.
But there's this one detailthat's really interesting about
Olympians is that they'rewilling to do the boring thing
thousands of times, like they'rewilling to eat unseasoned
chicken breasts three times aday for 10 years, and most
people aren't willing to committo do something boring or
(30:34):
unappealing repeatedly for along period of time, and it's
more than that.
But without that, someone willnever become an Olympian.
Just the same way, someone willnever become a successful
hacker if they're not willing tobe tenacious and persistent and
adapt and pivot and, just youknow, keep pushing forward.
Speaker 1 (30:52):
Yeah, yeah, it's like what Jay Cutler says when he
was trying to be Mr Olympia.
You know he ate not for flavor,not for taste or anything like
that.
Right, it was just literally.
It was literally the nutrientsthat he was putting in.
You know, like how clean it wasand whatnot, and he even talked
about.
He's like, yeah, I eat 12 timesa day.
You know, every two hours I'meating and I don't enjoy
(31:14):
anything that I'm eating.
None of it, like it's justthere.
I couldn't even imagine thatwould be a tough one.
Thankfully it's not my job.
Speaker 2 (31:22):
Yeah, I mean something like that you're.
The reason someone like that isable to do that is because of a
larger mission, something thatthey're striving towards and
they've they've started with theoutcome.
Like this is how you break anybig thing down and you build it
towards habits.
You start with the outcome youwant to achieve and then you
determine what would themeasurements need to be along
(31:44):
the way in order for thatoutcome to be most likely to be
delivered?
So, whatever the goal is,there's going to be some sort of
measurement that would met.
Like you know, someone says Iwant to be rich someday.
Okay, well, what's themeasurement?
What does that mean?
And you define that as either,like you know, dollars in a bank
account, or total net worth, orpassive cashflow, or whatever
it is that.
However, someone defines that,and then you say, okay, well,
(32:07):
now I've defined let's forsimplicity sake, let's say it's
dollars of passive cashflow fromreal estate investment.
Okay, well, what do I need todo in order to build a portfolio
that gets to that?
And then you can break that down.
And then you say, okay, well,in order to do that, I have to
have this many properties.
Okay, what does it take toacquire a property, what
requires this type of action?
You can take that all the waydown to your daily habit and in
(32:31):
that case, the daily habit mightbe I'm going to analyze five
deals per day and make one offerper day.
I don't know if those areactually what the metrics might
be or the habit might be, butlet's just, for simplicity's
sake, let's say it's that If youworked it backwards and you
said that analyzing five deals aday and making one offer a day
every day means that eventuallyI will build a portfolio that's
(32:54):
going to lead to that, now youcan say now I don't need to
worry about the outcome, I don'tneed to worry about the
measurements, I only need tofocus on the habit.
And that's what someone like MrOlympia story you're telling.
That's what he's doing.
Is he's saying look, I know, toachieve my bodybuilding goal,
it requires me to eat 12 times aday, every two hours after this
(33:15):
, many calories of thiscleanliness, and he can focus on
each meal just doing that thing.
And it's attached to thatlarger outcome.
And that's that's how youconnect the dots between the two
and people who truly have thatmission that they're they're
pursuing and are willing to dothat reverse engineering down to
the daily habits.
That's how you get there.
Speaker 1 (33:29):
Yeah, it's breaking it down into easily consumable
pieces.
It's like, oh, I got to do thisone thing every single day.
It takes me an hour to do it.
Okay, I can do that.
It's a lot easier to fall intothat habit than it is to do the
other 20 things that couldenable you to be successful in
that area.
So you know, where do you seethe industry going right now,
(33:55):
with AI and LLMs, you know,becoming prominent, right?
I mean, last time you were on,I don't even think Chad GPT was
around right.
So, like, everything is justaccelerated, right.
And now it's becoming moreimportant than ever.
Actually, the topic of yourbook has become more important
than ever For people that are ina situation where AI may offset
(34:18):
their job or put theirlivelihood at risk in some
degree.
Maybe companies are moving tooquickly towards AI and it's
offsetting their employee baseright, and they're probably
going to be moving back rightpretty soon.
But where do you think theindustry is going in the next
couple of years with justeverything going on in the world
?
Speaker 2 (34:38):
Yeah, I mean, it's interesting to see the hype
cycle happening around AI, andthis hype cycle has its unique
characteristics, for sure, butit also shares a lot of the same
characteristics with each ofthe preceding hype cycles we've
been through.
Iot was a hype cycle,blockchain was a hype cycle
Bring your own device hype cycle.
Cloud was a hype cycle Allthese things like.
(35:00):
At the early emergence of thesetechnologies, there was this
general sense of like,everything is different now.
Everything is different now.
That's exactly what it feelslike different now.
Everything is different now.
That's exactly what it feelslike with AI.
Everything is different now,and there's some truth to that,
but the fundamental truth isthat the principles are the same
how we build better, moresecure systems.
Those truths are universal andthey're timeless.
(35:23):
The application of thoseprinciples is what's different
now.
So that's one thing Idefinitely want to in any
discussion around AI, I want tomake sure we're grounded in the
fact that, like this is we'vebeen through this and we will go
through this again.
You know, five years from now,we're going to be like remember
when AI was that big thing?
Well, now it's.
I don't know, quantum isprobably going to be the next
hype cycle, but there's going tobe some hype cycle after this
(35:45):
where AI is just like and alsoran, but it's some other thing.
That's the main topic.
So there's that for us for sureto consider.
But as we are in the frothiestpart of the hype cycle right now
, things are changing, and forbetter and for worse.
So the way things are worse isthat if AI is further
(36:05):
democratizing attack techniquesso by that what I mean that's a
fancy way of saying it'senabling lower skilled attackers
to be able to do more, and thathas always been true.
I mean, the dark web is full oforganizations selling very
sophisticated attack tools thata low sophisticated adversary
(36:27):
can buy and then just run.
They don't need to havedeveloped this thing themselves,
they just pay for it and thenthey go execute it.
And so this is similar in that.
I think a perfectlyillustrative example is when you
think about all those scamtexts that all of us get all day
, nonstop.
They're starting to get betterright Forever.
The red flag well, first of all,it's been like some random
(36:48):
number texting you some randomthing Right out the gate.
You're like I probably don'tknow who this person is, but
there's a red flag within that,even if maybe you're the kind of
person who does get a lot ofrandom text messages from a lot
of random people, maybe justmeet a lot of people at
conferences or out at bars orwhatever and there was always a
red flag that was like justweird phrasing.
And there was always a red flagthat was like just weird
(37:08):
phrasing, broken English, weirdpunctuation, and you're like no,
this doesn't, this doesn't seemright.
Well, now they're gettingreally good, like I got one.
I got one yesterday that was somy, you know, as everyone's
cell phone number, it designateslike what region of the country
that phone number comes fromand the text had been like hey,
(37:30):
I'm coming to insert that areanext week.
We should get together.
That sounds like a text messagethat a person, a real human,
would send to another real human.
And I think that a message likethat was so good because
someone not a native Englishspeaker, probably went to a chat
GPT or equivalent I'm notblaming chat GPT, but some LLM
(37:51):
and said you know, I want to saythis.
I wanted to say in casualAmerican English how would
someone text someone that saidsomething like that?
And probably gave him a wholebunch of options.
I got another one that was itwas.
It said something like it was ajoke.
I was like almost mid joke,like hey, remember when we were
lost for three hours because yourefused to ask for directions?
There's a lot of people, men inparticular, who would be like I
(38:13):
don't remember this specificthing, but that is something I
did do, and so that's an examplewhere things are getting worse,
like AI is helping attackersbecome more sophisticated or
lower skilled attackers getbetter, but it's also helping
like things are improving, Ithink, for the defender defender
side, because various AI toolsare enabling us to do more with
(38:35):
the same person powers, like anexample might be, maybe like
data classification.
You've got this hugeunstructured data set and it's
this massive bale of hay andsomewhere in there is a needle
and being able to pick throughit manually, you just might take
forever, you might not be ableto find it, but AI can comb
through, it can organize things,and all of a sudden, you're not
looking at a whole bale of hay,you're looking at like a
(38:57):
handful of hay and now you canmuch more easily comb through
that.
So those are the kinds ofthings that I'm seeing change.
Speaker 1 (39:06):
Yeah, it's definitely becoming more difficult.
No-transcript.
(39:35):
This stuff is getting way tooway, too good.
I can't even imagine being youknow, someone you know at the
end of their career, at the endof you know retirement right,
getting getting hacked like thisor getting, you know, you know,
this sort of attack like this.
I don't think I would be ableto stay on top of it.
You know like, even as sharp asI am, like at some point I
(39:56):
don't know, I want to go golf orsomething for the next 10 years
and I don't think I'd be ableto keep up.
Yep.
Speaker 2 (40:01):
Yeah, I mean even as diligent, as as we all are right
, like there.
It could also just be even allare right, like there.
It could also just be, even asyou're in the profession today,
it could just be a matter oftiming, right Like the times I
find myself like almost fallingfor something, or when that
attack has come in, that, youknow, phishing attempt has come
in at the exact moment when I'mactually expecting something
(40:24):
similar, you know, like theclassic one, like something
about a package, and it's like,oh, I'm expecting a package
today.
Here's this thing about apackage, the package.
There's an issue with thepackage.
Now, fortunately, I always,like you know, check myself
before I go do that.
But eventually, you know,someone might get lucky where
the right technique was used atthe right moment, where even
someone who's incrediblydiligent misses it.
(40:44):
And that's the reality of theworld we live in.
Speaker 1 (40:52):
But they're getting better.
They're getting harder to spotand AI is definitely helping
with that.
Yeah, I'm sure that that attackvector is really going to ramp
up in the next couple of weekswith Apple's new iPhone release.
I mean, I remember the lasttime when I ordered a phone like
I got that exact thing.
Oh, there's been a problem withyour package with UPS, like, ok
, well, apple shipping it viaUPS.
You know, I'm supposed to begetting it today.
Let's go check through Apple.
Oh, it's fine, I'm going toignore this text, but yeah, ted,
(41:15):
it's been a great, greatconversation.
I really enjoyed having youback on Me too.
Speaker 2 (41:22):
Yeah, thanks for having me and for anyone who's
listening and is wanting to stayin touch with me or learn more
about my books or TED Talks ortalks or anything like that.
It's pretty easy Easy to get ahold of Just find me at
tedherringtoncom.
Speaker 1 (41:36):
Yeah, absolutely.
I mean, I was going to ask youbefore you mentioned it.
But, thanks, Thanks everyonefor listening.
You know, I really hope thatyou enjoyed this episode.
Go check out Ted's books.
They're fantastic.
I got the first one.
I'm definitely going to beginthe second one.
Fantastic reads for anyone,anyone and everyone.
All right, Thanks everyone,Thank you.
How's it going, ted?
It's great to get you on thepodcast.
It's been a couple of years.
I don't know if I even had kidswhen we last talked.
I always judge it by thatbecause it's like man, how long
ago was that?
How much of my life has changedsince I last talked to someone?
Speaker 2 (00:18):
I like that.
Well, yeah, big changes for you.
So I'm excited to be back andto chat with you again.
Good to see you.
Speaker 1 (00:28):
Yeah, absolutely, I mean you, you know, you've
you've definitely been hittingthe speaking circuit a bit.
You got a new book coming out.
I mean, how do you do it?
You know, you're, you're, youseem like you're just endlessly
busy.
Speaker 2 (00:36):
It is a lot.
I was just thinking about thattoday, this morning, about how
it's like I just started I wasfeeling a little like stressed
about some of the things thatare going on right now and I
started just rattling off thethings I actively have going on
right now and I realized like Ithink it's okay to feel a little
stressed when there's there'sthis much going on, but I don't
know, I just like I find it tobe really, really inspiring and
(00:58):
invigorating to have a bunch ofdifferent things going on and
like pushing multiple differentboulders up the hill at the same
time, and I really liked that.
I mean, obviously, you knowcrosses an inflection point
sometimes where you got to pullback a little bit and do some
self-care.
But I just I think the shortanswer is I like it, I just like
working on a lot of cool thingsat the same time.
Speaker 1 (01:18):
Yeah, that is.
I really relate to that.
I find myself in that samesituation no-transcript, first
(01:51):
house, having our first kid, oh,and I'm starting my PhD all at
the same time, right, like indoing a podcast and a nine to
five, you know it's.
It's like how many more thingscan I put on top?
You know, before, before, likeI crumble, right, so I'm trying
to do a bit better of a jobabout that.
You know, like trying to stayon top of getting some exercise
in daily and, you know, cuttingoff, cutting off the projects
(02:13):
after, like November, you know,and picking them back up in like
February, you know, trying tojust figure out what works best,
to work most optimally, I guess.
Speaker 2 (02:22):
Yeah, I mean, I think really what we're talking about
here, it's kind of interesting.
I think it will relate to someof the themes we might discuss
later throughout the episode andI don't think we set out to
start with this discussion butit's really interesting talking
about these ideas of tenacityand like persistence and
resilience and how do youaccomplish big and difficult and
meaningful things.
One of the things I think isreally interesting is a lot of
(02:45):
people who haven't say, writtena book, like people ask me that
all the time.
Like, what's it like to write abook?
Tell me about the process, whatwas inspiration?
What got you started on thatstuff?
And it's really interestingbecause that is a good question
to ask, a good series ofquestions to ask, and I do think
it's the right way of like fora non-author to be thinking
about well, what does thisjourney mean?
(03:07):
But there's this really glaringelement to the question that
stands out to me as people askthat, which is it's all about
inspiration, right, like whatinspired you to write this?
What was the moment you knewyou need to write it?
And that is true.
You have this moment ofinspiration, maybe, where the
idea comes to you, and the samefor entrepreneurship, the same
for creating anything thatdidn't exist before.
You have this moment whereyou're like I can do this thing,
(03:30):
or this thing needs to be done,or maybe there's the
inspiration, that or the moment.
That's not inspiration, butit's like the commitment.
I've been kicking around thisbook idea for a while.
I've been kicking aroundstarting this company for a
while.
I've been kicking around makingthis change in my life for a
while.
Now I'm gonna do it.
But what's overlooked in allthose is that the inspiration
and that moment of commitment.
Those only get you started andthey barely get you started.
(03:53):
They are what get you off thesideline and into the game and
what it takes to complete theeffort, to finish the race, if
you will, is that's habits.
So when you set out to dosomething big you want to start
a company, start a podcast, likeyou're talking about, you want
to build a house, buy a house,invest in real estate, like
whatever the things are if youwant to do, it's like you got to
build these habits of beingable to consistently, over a
(04:17):
long period of time includingwhen it's boring or tiring or
you're burnt out being able tocontribute to those efforts.
That tenacity, that's thehacker mindset in so many ways
Like that's what hackers do isthey're just, they're persistent
, but that's what it takes.
It's not about inspiration.
It's about discipline, habitbuilding and consistency over a
period of time.
Speaker 1 (04:38):
Yeah, that's very true.
That's very accurate too.
You know, and I was talking toa friend of mine who I've known
for many years at this point andhe was trying to get into
cybersecurity or is still tryingto get into cybersecurity.
He's really just at thebeginning of his journey with
that and he was complainingabout, you know, he can't focus,
can't like stay engaged in, youknow, the material all the time
(05:00):
that he needs to and whatnot.
He's very inefficientessentially with his, with his
study time, right, and Ibasically broke it down for him
exactly like that, like you haveto learn how to hack your own
mind and you have to play gameswith your mind and you have to
continuously do it.
Like for me, when I'm studying,or when I'm writing my PhD, my
dissertation, you know like Ihave music playing in the
(05:21):
background, right, because itneeds to like occupy that part
of my brain that won't be quietso I can focus on writing, you
know.
And like I even like take itback to like when I was training
for marathons, right, like I'mout there, I'm not the fastest
runner, so it takes me foreverto complete like 20 miles, you
know, it just takes me anembarrassing amount of time and
the only way that I can do it tolike run for long distances
(05:45):
like that, because I'll getbored, my mind will get bored
and I'll talk myself out of it.
Like, why am I running this far?
Why am I running this long?
This is stupid.
You're tired, your feet hurt,your legs hurt.
You should just stop.
You're gonna pay for thistomorrow, all that sort of stuff
.
Right, I actually countbackwards, like I started
looking at my watch.
I'm like, okay, right, Iactually count backwards, like I
(06:06):
started looking at my watch.
I'm like, okay, this many stepsequal to this 0.01 of a mile,
and I got this left to go, andyou know all that sort of stuff.
So then, that's how many steps?
Like all these games.
Right, there's no reason for meto think about any of that
stuff, but I have to find a wayto preoccupy my mind to reach
that goal.
Like that's the only way that Ican do it.
Speaker 2 (06:25):
Yeah, you know what you're doing when you describe,
that is, you are preoccupyingyour mind for sure.
You've figured out the way youthink and how can you optimize
your habits or your processaround that.
So that's phenomenalself-awareness.
There's an element to whatyou're describing which is, I
think, really key to achievinganything difficult, which is
break it into smaller pieces.
(06:45):
Right, so you don't run 26.2miles in one step, you run it in
like whatever, that is, like30,000 steps or something.
And so, looking at it, like youknow, not even how do I get to
the half mile mark, halfmarathon marker.
It's like let's get to mile one, Great 25 to go, and then it's.
(07:05):
You know, I'm, you know,inserting the framework on the
way you described it, butbreaking it down into its small
things.
All right, I don't have to run25 more miles, I have to run one
more mile and then I'll checkin with those.
Maybe I'll have a water, thenmaybe I'll give myself some sort
of like you know, positivereinforcement or something.
Yeah, breaking big goal into itssub components is the way to do
(07:26):
anything that's hard, likewriting a book, as an example,
as something similar, where bythe time you're done writing a
book, you've gone through thatmanuscript like I actually don't
know exactly the number oftimes, but I would say probably
like 2030 times at least.
You've gone through everysingle word, the whole thing,
and then done it over again andeach one of those you feel like
I'm almost done.
I'm like you know, I got onemore chapter to go and.
(07:47):
But if you thought about it aslike, and then I have like two
dozen more of this, you youprobably wouldn't do it.
But if you could just look atthe thing that's just on the
horizon in front of you, like Ijust got to get part one
finished today or part onefinished this week or whatever,
(08:09):
that's week or whatever.
Speaker 1 (08:09):
That's way more achievable and it's not as
daunting and you just build ahabit, you do that over time and
that produces really bigoutcomes.
Yeah, yeah, I mean, it makes alot of sense.
That's the same mentality that,like, the special forces use
when they're going through theirtraining, right, like I don't
know if you've ever like lookedinto that or anything I
definitely have, but you knowthey always say, like if you
want to quit, cool, quittomorrow.
Don't quit right now.
Like don't quit in the moment.
Go go back to your bunk, thinkabout it when you wake up.
If you still want to quit, youknow, get through the warm,
(08:31):
we'll see.
If you still want to quit, thenyou know, like all that sort of
stuff, and you know even evenlike when I was doing wrestling,
like our coach told us he'slike this is going to be the
hardest thing that you've everdone.
Right right off the bat we bat.
We all thought that he wasjoking and, of course, like it
was absolutely the hardest thingthat we ever did physically.
And you know he even told ushe's like, just make it to the
next drill.
(08:51):
There's, there's new drillsevery five minutes.
Make it to the next, next one.
You know and reassess, right,like, don't quit right now,
don't quit in the moment, andthat's.
I think that's the thing that alot of people get caught up in,
right, it gets too difficult.
You don't know what the nextstep is, you can't see it, you
can't see the finish line and itkind of overwhelms you and you
just quit, you walk away from it.
(09:12):
It's like, oh, I can't do it,but there's millions of other
people that wrote books you know.
Speaker 2 (09:17):
So, like you can do it no-transcript wand and like
(09:53):
poof, you know they're in.
And it doesn't quite work thatway.
I mean some, in some cases itdoes.
Systems are so badly built thatit's like literally a couple
keystrokes.
But uh, for the part it's just,it's probing and pushing and
trying different things andhitting dead ends and chasing
red herrings, and you just do itover and over and over and over
and over again and eventuallyyou find that thing that may not
(10:17):
itself yet be the exploitablevulnerability, but it leads you
to the next thing and everyhacker that I ever talked to
about like what do they loveabout this?
They talk about some version ofthat, like that dopamine that
comes from that.
They're like, oh it's, it'salmost like a drug, it's like
you know, getting closer to andthen finally finding that
vulnerability.
It's like so meaningful andfulfilling and it's the, it's
(10:39):
the hard things make the payoffricher.
Right, if it was easy toachieve things like, it wouldn't
be that meaningful.
But because things can be hard,the things that are hard, those
things are the really, reallyrewarding efforts that we can
pursue.
Speaker 1 (10:53):
Yeah, no, it's like having that mentality of like,
well, what if I can do it right?
What, what if I can actuallyaccomplish this?
You know, I, I, I don't knowlike, like I started with right,
like something's wrong with mybrain where if it's too easy or
I get too used to something likeI have to switch it up and make
it really hard.
Maybe when I'm done with myresearch, I'll go the offensive
(11:14):
side of security.
I've always done the blue teamstuff.
I've always been on thedefensive side, the engineering
side, but now I'm starting toget the itch, you know, again to
to get into the offensive side.
So it's like, all right, let's,let's get this PhD done and
then I'll.
Then I'll dive into that rabbithole.
Speaker 2 (11:30):
And both sides will make you better, right?
So you go the blue route for alittle while and then you do the
red route red route for a while.
That's going to make you abetter blue teamer, and the fact
that you've been a blue teamerall along is going to make you
better a red teamer, and youkeep combining those things.
I mean, one of the things thatis a really important facet for
any aspect of life but let'stalk about in the hacking realm
(11:53):
right now is the ability tostand and analyze the viewpoint
of others Like this is whathackers are so good at this
they're able to look atsomething and think what was the
developer thinking when theybuilt this system?
Like, what was the engineeringprocess they were going through?
Why did they build it that wayand when?
Being able to put yourself insomeone else's shoes, that is
how you can then think aboutokay, well, and then how would I
(12:15):
?
Maybe?
Where are the gaps in thatthinking?
Social engineers do this all thetime, right?
That's why, like a socialengineer, if they're trying to
get into a building, they mightwear a reflective yellow vest,
because what does the person onthe other side of the table
think when they see someone walkin carrying a ladder, wearing a
yellow vest.
Oh, that person is probably amaintenance person.
They're probably supposed to behere.
Let me make their life easier.
(12:35):
Their hands are full of thisladder and all these tools, and
that's why that's so effective,because that social engineer has
put themselves in the shoes ofthe person they're trying to
deceive and try to think aboutin this person's moment, the way
they think, the way they dotheir job.
How are they going to see me?
And that is a really, reallyimportant thing to do.
So what you're talking aboutthis idea of like having
(12:56):
pursuing different elements,different angles of really the
same profession all that's goingto do is make you better, and I
think there's a lot of peoplewho feel like, once I switch
from one thing to another, nowI'm like at the basement again.
Now I have no experience, nowI'm a novice again, as if that's
a bad thing.
Being a novice is phenomenal.
First of all, that's wherecuriosity is so abundant.
(13:19):
But, yeah, you get this nowvariety of perspectives, which
is just going to make you betterat everything else that you do.
Speaker 1 (13:24):
Yeah, yeah, that is very true.
I feel like there's a stigmastill in the industry right,
where it's like it's almostdifficult for people to switch,
even within security itself.
You know, like trying to gofrom blue team to red team and
whatnot, like they just don'twant to spend the time and the
money trying to give you thatspace to learn and grow into
(13:47):
that role.
You know they want you to, Iguess, like already be the
expert, to already be.
You know the person in the roomthat knows and has the answers.
How do you get beyond that?
Speaker 2 (13:56):
Yeah, that's.
That is a tough one, becausewhen you look at a lot of job
descriptions today, they'regetting better, but a lot of
them are just preposterous.
Right, they're like you knowyou need it's an entry-level
role and you need 15 yearsexperience and a PhD, and you're
like well, which is it?
Is it an entry-level role or isit a more?
(14:17):
You know what are we talkingabout here.
So the first step is that thepeople who are hiring these
types of roles need to be alittle more realistic about what
they're looking for.
I get the idea of wanting tolike find the unicorn.
Every company wants that inevery role they ever hire.
They're like we want thisperson to excel in these ways
and we want to meet our budgetrequirements in these ways,
(14:37):
which probably don't align tothat, and it'd be great if they
also, as a secondary thing, wereelite at this other discipline.
That's unrelated to that corejob, like a lot of companies.
That's the way a lot of jobdescriptions read, and so I'm
not blaming that on any hiringmanagers, for security in
particular, because that's justlike a normal thing.
But the first step is we needto be more realistic about what
(14:58):
we're expecting to get out ofpeople.
So that's on the hiring side,on the side of the person who is
now themselves trying to getthe job.
What I'd recommend let's say,someone listening to this finds
himself in that situation andthey are applying to an
entry-level role, but the entryrequirements of the role are not
entry-level.
They're an entry-level personor maybe it's the role.
(15:20):
We see this all the time whereit's like this person needs to
have, like you know, 20 years oftech leadership and then they
also need to, and then theydescribe like the person who
does the hands-on engineering,and it's usually one path or the
other.
By that point it's not both.
So what I recommend for peoplewhen you find yourself in that
situation is you really canstand out in that interview by
(15:42):
helping the person you'reinterviewing with understand
what they're looking for better.
So that is arrived at throughclarifying and open ended
questions.
So they're going to sit downand they're going to say some
version of okay, tell me aboutyourself, or whatever.
Whatever they open with Doesn'tmatter.
That's your opportunity tostart being the investigator and
(16:03):
start saying okay.
I noticed in this jobdescription it states X, y or Z.
Could you explain to me thereasoning behind this, like
what's actually driving that?
And just keep asking thoseopen-ended questions.
Open-ended questions cannot beanswered with yes or no.
They require an expansiveanswer, and when you ask those,
you get the other personstarting to explain what it is
they're really trying toaccomplish.
(16:23):
Like what's?
You get the other personstarting to explain what it is
they're really trying toaccomplish.
What's the problem they'retrying to solve?
Why are they filling this role?
Why are they putting resourcestowards this?
And then you can help them shiftthe conversation, if you are in
fact suited for it.
Like they might describe thewhole thing, what they're really
after, and you're like oh, itturns out I'm actually I really
can't, I'm not good for that,but most likely you're good for
at least some of it.
And that's where you canreshape it and say okay, here,
(16:44):
what I'm describing, you say, isyou need blank, and here's my
expertise as it pertains toblank.
But here's why I think youshould think about it in a
slightly different way.
And there's some risk of that,because the hiring manager might
be like I don't want to thinkabout it a different way at all.
Who are you to suggest anythinglike that?
(17:07):
You might have the opposite,though, where the person is now
realizing they're thinking aboutit differently.
You have helped them thinkabout it differently.
If you're the person who'shelping them think about the job
differently, you areimmediately at the top of the
pile.
So that's how I would recommenddealing with that complex
situation.
It's not easy, but I think it'sa great way to approach it.
I mean, a lot of people want togo into a job saying here's
(17:28):
what I'm good at.
Hire me for that.
And yes, you should have that.
But I think it's much morepowerful to really truly
understand like, will this evenwork for you?
You might find out yeah, I'llexcel at this job, but I don't
actually want to work in thiscompany, or I don't want to do
this job or whatever.
It's as much up to thecandidate to figure out whether
they want to work at thatcompany or not as it is for the
(17:49):
company to decide where theywant to hire that candidate.
Speaker 1 (17:51):
Yeah, interviews definitely need to be both ways,
you know, and it's difficult todo that too as a candidate,
right, because you always feellike, at least in my shoes, I
always feel like I'm like put ata disadvantage, almost.
You know, like hiring managers,I feel like some of them will
kind of, you know, choreographthe interview in a way that like
(18:13):
hides some of the things thatwould determine or persuade me
otherwise of not going there,right, and they just always,
very conveniently, you know,leave out things like oh yeah,
we actually have no budget, wejust want you to just sit here.
You know, that sort of thing,which is, you know, for someone
like me, it's, it's like gutwrenching, it's like, okay, you
know, I made a mistake going tothis place, right, that's like
(18:36):
the worst, that's the worstfeeling, you know, because
you're not being challenged atall and you're not allowed to,
you know, change anythingyourself, which you know.
Speaker 2 (18:45):
For me, that's like not who I am no-transcript, and
(19:40):
you might be the only player inthat game now.
But, more importantly, I mean,think about it this way right,
let's say someone goes and doeslike 50 interviews,
(20:12):
no-transcript, positive thingsthat eventually do return to you
.
And like the thing that Ialways tell our team, like the
members of our businessdevelopment team, for example,
whenever they are like, whenwe're talking about coaching,
like how do you talk about whatwe do to our customers, our
(20:32):
prospective customers?
And for me, the mantra alwayscomes back to is just help this
person.
Like every meeting you go into,you're not trying to sell them
anything, you're just trying tohelp them.
If you can help this personunderstand their problem
differently, figure out a waymaybe they can go solve it,
including if that way is to nottalk, to not work with us,
(20:53):
that's fine too.
But if you come from this likeand you're genuine about it, you
genuinely wanna try to help theperson you're talking to, then
good things will happen.
And I think for a lot of themthat's a surprise.
They're like aren't peoplesupposed to talk about sales in
terms of, like, click rates andopen rates, persuasion tactics
and stuff, and it's like yeah, Imean I guess there's probably a
(21:13):
lot of sales engineering youcan do around that, but I just
think it's just helps them Like,if you, if you start everything
with that ethos, good thingswill happen and that's, I think,
a great way to think aboutsales, that's a great way to
think about selling yourself interms of getting a role, and
that's just a great way to likehumans want to treat each other
getting a role and that's just agreat way like humans want to
(21:34):
treat each other.
Speaker 1 (21:37):
Yeah, recently fairly recently, you know, last year I
went onto the professionalservices side of security and
it's it's great to see that Iguess I'm doing the right thing.
You know, when I start theconversation off with saying
like, hey, tell me what yourbiggest challenges are, right,
I'm not like even sellinganything.
You know, I give them mybackground as like a initial
intro or whatever, and then I'mjust tell me what your issues
are and if I can't help you, youknow I'll send you somewhere
(21:58):
else.
Like, I know a lot of people inthe industry, I'm sure I can
find someone to help you.
You know, that always seems topan out a whole lot better than
just trying to sell them aservice or a solution or
whatever it might be.
And even the most successfulsalespeople that I've worked
with throughout my career they Imean they spend like five
(22:19):
minutes at the end of theconversation just being like, oh
yeah, like you know, I got thisthing over here.
If you want it, we can do it,but if not, no worries.
You know, like that sort ofmentality and having that having
that interest right, because itcomes down to having a genuine
interest in the person in frontof you, rather than seeing them
(22:40):
as a dollar sign or, you know,making some sort of money off of
them or whatever.
You're just here to help themand when you're genuinely there
to just help, you know, I thinkit comes off a whole lot, whole
lot better, a whole lotdifferent, and it works out
better for everyone.
Speaker 2 (22:50):
I mean people want to work with, do business with,
partner with, et cetera.
People they like I'm in theprocess right now of
interviewing for a new taxstrategist.
I mean talk about a snooze of aprofession to be interviewing
people about, right, and I'venarrowed it down to maybe three
or four.
They all seem very, verycapable.
(23:11):
They all know the tax codebetter than I do.
So then it's like, okay, wellthen, what you know, and now I'm
realizing, like of these threeor four, all roughly equally
qualified, fees vary, but it'snot like you know orders of
magnitude and variation.
It comes down to like the guythat I like talking to, like the
guy who understands my business, who was asking clarifying
(23:35):
questions, who's like curious,not just about like the numbers
but about oh, why do you make,why'd you make that particular
business decision, what'sdriving next, et cetera.
It's like that's the guy I wantto do business with, cause he's
like he's interested and he'sengaged and I like him.
I think just I know it's maybenot as actionable of advice like
be likable to other people, butbeing likable starts with
(23:56):
wanting to help other people.
Like if you genuinely careabout other people and helping
them, you can overcome anyinterpersonal conversational
deficiencies that you might haveif you just want to help other
people.
Speaker 1 (24:09):
Yeah, that's a great point.
So you know, tell me about yourbook that's coming out.
I think I'm registered to findout when it goes live.
But tell me, tell me what thisnew book is.
Speaker 2 (24:19):
Yeah, the new book is called Inner Hacker and the
concept of it is for a generalaudience, so I wrote this for
everyone, not just securityprofessionals.
I want people to be able tothink like a hacker, and what I
do in this book is I've first,of course, explore what that
means Like.
What does it mean to think likea hacker, what are hackers?
And then examine well whathappens when you do think like a
hacker.
So what happens when you thinklike a hacker is it helps you
(24:42):
think independently, it helpsyou think differently about the
situation.
Whatever the situation is Maybeit's starting a company,
getting a job, getting promoted,starting a charity, changing
your career, whatever If youapply the hacker mindset, you
could think about that situationdifferently.
And when you think about itdifferently, that reveals these
overlooked opportunities, thesethings that other people have
(25:04):
missed, and that's what makeshackers successful when it comes
to finding exploitable securityvulnerabilities in, say,
software systems.
But that's a mindset, right.
That's not about technicalskills.
That's about how you thinkabout something.
And so in this book I analyze, I, through storytelling, explore
well, what does that mean, whatare the different elements to
(25:25):
how a hacker thinks, and then,most importantly, how can
someone apply it Like it's onething to be like you should
think like a hacker and peopleare like, okay, that sounds
interesting, now what?
And so this book is sort of thenow what.
So I mean, obviously there'sthe convince.
I'm trying to convince why youshould do this, and then I, it's
very actionable in terms ofteaching people how to do that.
I mean, I get to spend everyday around hackers.
(25:46):
Hackers are my friends.
I go on vacation with hackersand I just I think the hacker
mindset is a superpower and whatI'm trying to do with this book
is to teach that superpower toeveryone who is interested in a
new way of thinking.
Speaker 1 (25:58):
Yeah, it seems like everyone has that to some extent
or they have.
You know, that need rightBecause, like, just going back
to like kind of how we startedthe conversation, where you have
to find a way to hack your ownmind to get yourself through the
roadblocks that you encounter.
You know, like when I was, whenI was starting my dissertation,
(26:19):
I was having huge writer'sblock, you know, and my chair
literally had to break it down.
He's like just give me aparagraph.
You know, give me foursentences.
Can you give me four sentences?
You know, like on this firstlittle intro, just talk about
yourself for four sentences.
Oh, okay, I can do that.
It's like, okay Now, like talkabout this, this topic.
(26:39):
What's the first part of it?
You know, like what?
Why does it matter?
You know, and once, once, I wasable to like kind of hack my
own mindset.
Now I'm a hundred pages in andI'm not close to being done,
unfortunately, but you know,like it got me there, it got me
through it and now I'm able towork my way through, you know,
those problems that I wasencountering.
(26:59):
I love that.
Speaker 2 (27:00):
Yeah, it's interesting because some of the
things we talk about at the topof the show are directly
reflected in this book, like theidea of like doing one more
thing, how to build habits, howto basically be more tenacious,
cause that's, that's one of thekey elements I mean I've I've
had through the course ofinterviewing and writing this
(27:20):
book, and I gave a Ted talkcalled why you need to think
like a hacker and sort of so,working on that, all these
things they helped me likedistill down what does it
actually mean to think like ahacker?
It's a pretty cool process.
I got to go reach out tohackers that I respect and
admire and ask them thatquestion what does that mean to
you?
And I basically distilled itdown to these four traits that
(27:41):
hackers are they're curious,they are non-conforming, they're
committed and they're creative.
So those the four Cs, as Ithink about them, hackers are
curious, their hackers areinquisitive, they want to
understand how things work, whyit works that way, all that
stuff.
The second is that hackers arecommitted or, sorry, are
non-conforming, meaning thatthey're not willing to follow
(28:02):
along where the herd is goingjust because the herd is going
there.
They want to thinkindependently and say well, I
know I should do X, but what ifI did Y?
So that's non-conformity.
And then hackers are committed,which is to say that hackers
are willing to invest the time,the effort, the love, the
passion, the person power,whatever the resources may be
required, to pursue theirtargets.
And then, finally, hackers arecreative, meaning that hackers
(28:25):
come up with these reallyelegant and beautiful and
innovative approaches to solvingproblems, like, oh, no one had
thought to combine A with B, butwhen you combine A with B, it
creates this thing that's likeexponentially more impactful
than either A or B.
And hackers do that stuff everysingle day, and so it's been a
really enjoyable journey thendigging into each one of those
(28:48):
and thinking about well, whatdoes that mean and how can I
teach that?
What are stories thatillustrate that?
And that's basically what thebook does.
Speaker 1 (28:55):
And it's all really built off of habits?
I think it does.
Would you think that you knowthat hacker mindset comes from
just having the right habits?
Speaker 2 (29:05):
I think so.
I mean, I think hackers arelike any group.
You know, people exist on aspectrum and I'm sure there's
the people in the hackercommunity who would say they
have terrible habits and somewho have incredibly disciplined
habits.
But that would be aself-assessment of themselves
within their own spectrum.
When I think about what ittakes for someone to be
interested in and successful athacking as a profession, it does
(29:28):
require habits.
They have to be willing to gokind of do the same, attempt,
the same types of things overand over again.
Maybe they're changingdifferent types of systems or
going after it in a differentway or trying to, you know,
arrive at a different outcome.
But yeah, it's a lot of buyingsomething that hasn't worked 70%
of the time, 80% of the time,90% of the time you're willing
(29:49):
to do it again anyway.
And I often think about thismetaphorically, as like you
think about Olympic athletes andwhat makes an Olympic athlete
that level of elite starts with,of course, genetics.
They had to be predisposed in acertain way to even be eligible
to build themselves into acertain thing.
But once you move beyond that,then it's like they've, of
(30:12):
course, got to have invested thetime and effort and like
building their body in a certainway.
But there's this one detailthat's really interesting about
Olympians is that they'rewilling to do the boring thing
thousands of times, like they'rewilling to eat unseasoned
chicken breasts three times aday for 10 years, and most
people aren't willing to committo do something boring or
(30:34):
unappealing repeatedly for along period of time, and it's
more than that.
But without that, someone willnever become an Olympian.
Just the same way, someone willnever become a successful
hacker if they're not willing tobe tenacious and persistent and
adapt and pivot and, just youknow, keep pushing forward.
Speaker 1 (30:52):
Yeah, yeah, it's like what Jay Cutler says when he
was trying to be Mr Olympia.
You know he ate not for flavor,not for taste or anything like
that.
Right, it was just literally.
It was literally the nutrientsthat he was putting in.
You know, like how clean it wasand whatnot, and he even talked
about.
He's like, yeah, I eat 12 timesa day.
You know, every two hours I'meating and I don't enjoy
(31:14):
anything that I'm eating.
None of it, like it's justthere.
I couldn't even imagine thatwould be a tough one.
Thankfully it's not my job.
Speaker 2 (31:22):
Yeah, I mean something like that you're.
The reason someone like that isable to do that is because of a
larger mission, something thatthey're striving towards and
they've they've started with theoutcome.
Like this is how you break anybig thing down and you build it
towards habits.
You start with the outcome youwant to achieve and then you
determine what would themeasurements need to be along
(31:44):
the way in order for thatoutcome to be most likely to be
delivered?
So, whatever the goal is,there's going to be some sort of
measurement that would met.
Like you know, someone says Iwant to be rich someday.
Okay, well, what's themeasurement?
What does that mean?
And you define that as either,like you know, dollars in a bank
account, or total net worth, orpassive cashflow, or whatever
it is that.
However, someone defines that,and then you say, okay, well,
(32:07):
now I've defined let's forsimplicity sake, let's say it's
dollars of passive cashflow fromreal estate investment.
Okay, well, what do I need todo in order to build a portfolio
that gets to that?
And then you can break that down.
And then you say, okay, well,in order to do that, I have to
have this many properties.
Okay, what does it take toacquire a property, what
requires this type of action?
You can take that all the waydown to your daily habit and in
(32:31):
that case, the daily habit mightbe I'm going to analyze five
deals per day and make one offerper day.
I don't know if those areactually what the metrics might
be or the habit might be, butlet's just, for simplicity's
sake, let's say it's that If youworked it backwards and you
said that analyzing five deals aday and making one offer a day
every day means that eventuallyI will build a portfolio that's
(32:54):
going to lead to that, now youcan say now I don't need to
worry about the outcome, I don'tneed to worry about the
measurements, I only need tofocus on the habit.
And that's what someone like MrOlympia story you're telling.
That's what he's doing.
Is he's saying look, I know, toachieve my bodybuilding goal,
it requires me to eat 12 times aday, every two hours after this
(33:15):
, many calories of thiscleanliness, and he can focus on
each meal just doing that thing.
And it's attached to thatlarger outcome.
And that's that's how youconnect the dots between the two
and people who truly have thatmission that they're they're
pursuing and are willing to dothat reverse engineering down to
the daily habits.
That's how you get there.
Speaker 1 (33:29):
Yeah, it's breaking it down into easily consumable
pieces.
It's like, oh, I got to do thisone thing every single day.
It takes me an hour to do it.
Okay, I can do that.
It's a lot easier to fall intothat habit than it is to do the
other 20 things that couldenable you to be successful in
that area.
So you know, where do you seethe industry going right now,
(33:55):
with AI and LLMs, you know,becoming prominent, right?
I mean, last time you were on,I don't even think Chad GPT was
around right.
So, like, everything is justaccelerated, right.
And now it's becoming moreimportant than ever.
Actually, the topic of yourbook has become more important
than ever For people that are ina situation where AI may offset
(34:18):
their job or put theirlivelihood at risk in some
degree.
Maybe companies are moving tooquickly towards AI and it's
offsetting their employee baseright, and they're probably
going to be moving back rightpretty soon.
But where do you think theindustry is going in the next
couple of years with justeverything going on in the world
?
Speaker 2 (34:38):
Yeah, I mean, it's interesting to see the hype
cycle happening around AI, andthis hype cycle has its unique
characteristics, for sure, butit also shares a lot of the same
characteristics with each ofthe preceding hype cycles we've
been through.
Iot was a hype cycle,blockchain was a hype cycle
Bring your own device hype cycle.
Cloud was a hype cycle Allthese things like.
(35:00):
At the early emergence of thesetechnologies, there was this
general sense of like,everything is different now.
Everything is different now.
That's exactly what it feelslike different now.
Everything is different now.
That's exactly what it feelslike with AI.
Everything is different now,and there's some truth to that,
but the fundamental truth isthat the principles are the same
how we build better, moresecure systems.
Those truths are universal andthey're timeless.
(35:23):
The application of thoseprinciples is what's different
now.
So that's one thing Idefinitely want to in any
discussion around AI, I want tomake sure we're grounded in the
fact that, like this is we'vebeen through this and we will go
through this again.
You know, five years from now,we're going to be like remember
when AI was that big thing?
Well, now it's.
I don't know, quantum isprobably going to be the next
hype cycle, but there's going tobe some hype cycle after this
(35:45):
where AI is just like and alsoran, but it's some other thing.
That's the main topic.
So there's that for us for sureto consider.
But as we are in the frothiestpart of the hype cycle right now
, things are changing, and forbetter and for worse.
So the way things are worse isthat if AI is further
(36:05):
democratizing attack techniquesso by that what I mean that's a
fancy way of saying it'senabling lower skilled attackers
to be able to do more, and thathas always been true.
I mean, the dark web is full oforganizations selling very
sophisticated attack tools thata low sophisticated adversary
(36:27):
can buy and then just run.
They don't need to havedeveloped this thing themselves,
they just pay for it and thenthey go execute it.
And so this is similar in that.
I think a perfectlyillustrative example is when you
think about all those scamtexts that all of us get all day
, nonstop.
They're starting to get betterright Forever.
The red flag well, first of all,it's been like some random
(36:48):
number texting you some randomthing Right out the gate.
You're like I probably don'tknow who this person is, but
there's a red flag within that,even if maybe you're the kind of
person who does get a lot ofrandom text messages from a lot
of random people, maybe justmeet a lot of people at
conferences or out at bars orwhatever and there was always a
red flag that was like justweird phrasing.
And there was always a red flagthat was like just weird
(37:08):
phrasing, broken English, weirdpunctuation, and you're like no,
this doesn't, this doesn't seemright.
Well, now they're gettingreally good, like I got one.
I got one yesterday that was somy, you know, as everyone's
cell phone number, it designateslike what region of the country
that phone number comes fromand the text had been like hey,
(37:30):
I'm coming to insert that areanext week.
We should get together.
That sounds like a text messagethat a person, a real human,
would send to another real human.
And I think that a message likethat was so good because
someone not a native Englishspeaker, probably went to a chat
GPT or equivalent I'm notblaming chat GPT, but some LLM
(37:51):
and said you know, I want to saythis.
I wanted to say in casualAmerican English how would
someone text someone that saidsomething like that?
And probably gave him a wholebunch of options.
I got another one that was itwas.
It said something like it was ajoke.
I was like almost mid joke,like hey, remember when we were
lost for three hours because yourefused to ask for directions?
There's a lot of people, men inparticular, who would be like I
(38:13):
don't remember this specificthing, but that is something I
did do, and so that's an examplewhere things are getting worse,
like AI is helping attackersbecome more sophisticated or
lower skilled attackers getbetter, but it's also helping
like things are improving, Ithink, for the defender defender
side, because various AI toolsare enabling us to do more with
(38:35):
the same person powers, like anexample might be, maybe like
data classification.
You've got this hugeunstructured data set and it's
this massive bale of hay andsomewhere in there is a needle
and being able to pick throughit manually, you just might take
forever, you might not be ableto find it, but AI can comb
through, it can organize things,and all of a sudden, you're not
looking at a whole bale of hay,you're looking at like a
(38:57):
handful of hay and now you canmuch more easily comb through
that.
So those are the kinds ofthings that I'm seeing change.
Speaker 1 (39:06):
Yeah, it's definitely becoming more difficult.
No-transcript.
(39:35):
This stuff is getting way tooway, too good.
I can't even imagine being youknow, someone you know at the
end of their career, at the endof you know retirement right,
getting getting hacked like thisor getting, you know, you know,
this sort of attack like this.
I don't think I would be ableto stay on top of it.
You know like, even as sharp asI am, like at some point I
(39:56):
don't know, I want to go golf orsomething for the next 10 years
and I don't think I'd be ableto keep up.
Yep.
Speaker 2 (40:01):
Yeah, I mean even as diligent, as as we all are right
, like there.
It could also just be even allare right, like there.
It could also just be, even asyou're in the profession today,
it could just be a matter oftiming, right Like the times I
find myself like almost fallingfor something, or when that
attack has come in, that, youknow, phishing attempt has come
in at the exact moment when I'mactually expecting something
(40:24):
similar, you know, like theclassic one, like something
about a package, and it's like,oh, I'm expecting a package
today.
Here's this thing about apackage, the package.
There's an issue with thepackage.
Now, fortunately, I always,like you know, check myself
before I go do that.
But eventually, you know,someone might get lucky where
the right technique was used atthe right moment, where even
someone who's incrediblydiligent misses it.
(40:44):
And that's the reality of theworld we live in.
Speaker 1 (40:52):
But they're getting better.
They're getting harder to spotand AI is definitely helping
with that.
Yeah, I'm sure that that attackvector is really going to ramp
up in the next couple of weekswith Apple's new iPhone release.
I mean, I remember the lasttime when I ordered a phone like
I got that exact thing.
Oh, there's been a problem withyour package with UPS, like, ok
, well, apple shipping it viaUPS.
You know, I'm supposed to begetting it today.
Let's go check through Apple.
Oh, it's fine, I'm going toignore this text, but yeah, ted,
(41:15):
it's been a great, greatconversation.
I really enjoyed having youback on Me too.
Speaker 2 (41:22):
Yeah, thanks for having me and for anyone who's
listening and is wanting to stayin touch with me or learn more
about my books or TED Talks ortalks or anything like that.
It's pretty easy Easy to get ahold of Just find me at
tedherringtoncom.
Speaker 1 (41:36):
Yeah, absolutely.
I mean, I was going to ask youbefore you mentioned it.
But, thanks, Thanks everyonefor listening.
You know, I really hope thatyou enjoyed this episode.
Go check out Ted's books.
They're fantastic.
I got the first one.
I'm definitely going to beginthe second one.
Fantastic reads for anyone,anyone and everyone.
All right, Thanks everyone,Thank you.
Popular Podcasts
My Favorite Murder with Karen Kilgariff and Georgia Hardstark
My Favorite Murder is a true crime comedy podcast hosted by Karen Kilgariff and Georgia Hardstark. Each week, Karen and Georgia share compelling true crimes and hometown stories from friends and listeners. Since MFM launched in January of 2016, Karen and Georgia have shared their lifelong interest in true crime and have covered stories of infamous serial killers like the Night Stalker, mysterious cold cases, captivating cults, incredible survivor stories and important events from history like the Tulsa race massacre of 1921. My Favorite Murder is part of the Exactly Right podcast network that provides a platform for bold, creative voices to bring to life provocative, entertaining and relatable stories for audiences everywhere. The Exactly Right roster of podcasts covers a variety of topics including historic true crime, comedic interviews and news, science, pop culture and more. Podcasts on the network include Buried Bones with Kate Winkler Dawson and Paul Holes, That's Messed Up: An SVU Podcast, This Podcast Will Kill You, Bananas and more.
24/7 News: The Latest
The latest news in 4 minutes updated every hour, every day.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com