On this episode of the Riton Podcast, Jerimiah Alexander, sits down with Andrew Binder, Navy Veteran, social engineer and hacker.
Be The Riton Revolution.
Jerimiah Alexander 0:08
Alright guys, welcome back to the Riton Podcast today we’re joined by Andrew Bindner, and he has a really cool fancy title. At the end of the day. He’s a hacker for the good guys. And not just a hacker and maybe in the traditional sense, but I’m gonna let him kind of explain his past and career, whatever, but we’re excited to talk to you and have you here with us. Kinda, let’s let’s get the elevator pitch on Mr. Bindner here.
Oh, eh, you know, thanks for having me, Jeremiah, I really appreciate it. But, yep, the fancy title is senior red team, consultant. And ultimately, I do all the stuff that the bad guys do. So we go out and we hack computer systems, and we do social engineering and we break into buildings. And if it’s got wheels, we’ll take over it. And if it’s got a computer system, we’ll modify the ones and zeros to get it to do what we want and then to our will. You know, and yes, it is a whole lot of fun. But ultimately, it’s just because we we like to think we look at things a little differently. So let’s see a bit about my background. 20 plus years ago or so somewhere in there, I started out in the military went to the Navy, go Navy beat army. know you’re probably gonna catch a lot of shit for your podcast for that, but
Jerimiah Alexander 1:32
Oh no our guy’s Air Force.
But I was. So I was a cryptographer, doing wireless intercept crypto encryption decryption type things for
Jerimiah Alexander 1:44
Is that just as messages come through, you catch them and then decipher and basically, is that what that would mean?
More or less
Jerimiah Alexander 1:51
And then you did that for the Navy?
Jerimiah Alexander 1:54
Nice. So I mean, that’s kind of that sounds like like active duty. Kind of like you’re, you’re, you’re catching the bad guy signal, right? Not just some random signal, you’re, you’re getting that Intel for our guys on the ground are kinda that that explain it?
Yes, more or less. That’s, that’s the easy way to put it. Yes, we’re intercepting the bad things and trying to sift through and do that. I mean, there’s there’s heavy regulations on what we could and couldn’t do and what we could and couldn’t report on. And we always made sure that we were not intercepting U.S. communications or whatever, if anything, anytime that ever happened, we immediately scrubbed everything, everything was gone deleted. And, but yeah, it was all in pursuit of the bad guys. In some of the communications that we would intercept, like, there was times where I tracked network signal all the way to like Jakarta to stop a child smuggling ring. And you know, it, it definitely by the end of the day, even though you couldn’t talk about what actually transpired and how you did the things, you walked away from it with a real sense of accomplishment, and knowing what you’re doing was really helping people, both at home and across the world.
Jerimiah Alexander 3:11
Did you learn those skills in the Navy? Or did you did you come to the Navy with some of those skills already are a little both or?
No, I learned? Let’s call it a 10th. Of what I know, the technical side, networking, communications, those types of things. Yeah, that I learned in in the Navy, but there isn’t, I mean, especially when I was getting off of active duty and transitioning to reserves. The NSA, I worked with them, I worked with a bunch of the other three letter alphabet soups in the Washington DC area. And they had programs. So you know, they teach you the kind of the little one thing here to do the special program or go work in this special access space and do that. But ultimately, I stopped caring. But I don’t think that’s probably the proper way to say it. But I started dabbling, and doing things that I probably shouldn’t have. And that’s where the real skills get developed. And now, of course, that there’s, you know, there’s a lot more for certification. This is an actual profession, that’s white hat, you know, base, you can do it as your normal job, but we have a lot of people transitioning from it, or even going through college and getting their hands on the knowledge that we all shared in backchannels. And by word of mouth and just demonstrating this stuff to ourselves. You know, so it’s available now, but back then it really wasn’t. So we did some, you know, questionable things. to, you know, to learn what we’re doing is more or less just we wanted to take something apart. We wanted to go and see how it ticked. We wanted to know, can we can we take whatever this is? and turn it into that? Or can we gain access into this over here? Or how does this actually work? I mean, that’s the true definition of a hacker is that we just were nutty professors, and we’ll just tinker with anything until it’s broken, or until it does something really cool.
Jerimiah Alexander 5:19
That’s something different. So you said there is there are schools now for people that want to do your kind of work like literally, like a, like a degree and social engineering, or I don’t even know what you would call it, but
it’s usually a degree in computer security.
Jerimiah Alexander 5:36
Yep. And so they there’s multiple different avenues that people can go down to, you can either go down a highly technical route, in which case you’re, you’re learning how to break into systems, and you’re learning how to test an audit security. Or you can go down the policy route, learning how to put checkmarks in the box, or you can go down a legal route, learning how to advocate for legal rights for what we’re doing. For instance, the EFF Electronic Frontier Foundation, I believe it is, they’re a huge advocacy group of lawyers that fight for every one for all the, you know, even legitimate things that you would want to do hacking on your own car. I do a lot of stuff with with farming. So did you know that farmers like they buy this like, you know, huge $100,000 tractor and they’re, they’re not actually able to work on it.
Jerimiah Alexander 6:33
They’re not able to work on it just because of electronics, or,
yeah, because the End User License Agreement there, they’re not allowed to open it up and make modifications to the software. If there’s problems, they got to pay out huge bucks to have somebody come in and fix it. And I mean, that’s where a lot of companies make good profit on their money on their return. And so like the EFF is fighting for all that. So that there is legality you own it, you paid for it, it’s yours, you can go on it and play with it.
Jerimiah Alexander 7:03
Blow it up, right. So you went in the Navy gained some skills there, you got out and kind of sounds like really educated yourself. And by doing and trying and through a network of other people. And then what was your What was your next step after the after the Navy? What did you Where did you work? What are you doing?
So I went to go work for a bunch of different places, but mostly working government contracting out in the Virginia area. So anything within the alphabet soup, we were contracted to work with it, but I mean, the most fun I probably had was working for the Marine Corps red team. And at that time, like our contract was, was gorgeous, that it was an experimental contract for a thing. And it was go after any marine anywhere in the world at any time, for any reason, with the stipulation that it had to be on a government system, you know, we’re not allowed to touch their bank accounts, their home stuff, we’re but we were allowed to do whatever we wanted. So we evaded acts, we evaded being caught for eight months before someone actually caught on to us. And we got into all kinds of military bases. And essentially, what happened was, somebody just managed to catch me while I was digging around at the Pentagon. Oh, wow. That’s the better part of what really comes out of that is that when we go through these exercises, and even when we even now, like, I don’t work on the government stuff anymore, I work on the clients I work on, you know, things that are more private, you know, hospitals, banks, colleges, they pretty much anything under the sun. And if anyone wants to pay us to, you know, tag on things, we’ll we’ll do it. You know, we’ll hack for food. But ultimately, what we’re doing is we’re finding all of the holes. And we’re saying, Hey, this is vulnerable, that’s vulnerable. This is a big risk to you guys, you know, weak passwords here. And we were able to get the domain admin and and get all the keys to your kingdom and stuff. And then we hand them a report, and then we help walk them through repairing all those holes. So we come in as the bad guys do everything the bad guy does, but then we teach them how to fix it, or help them develop policies to make sure that they’re not falling back into the same patterns and things like that. So, you know, we’re basically walking through the door and then We’re shutting the door behind us.
Jerimiah Alexander 9:39
Nice. And I don’t think I mentioned I met Andrew through. We have a mutual friend. I’m married to her. My wife Trish works with the same company that Andrew does. I remember it’s kind of funny because there was a client That was like, Well, what if so would penetration testing, I guess, is that the common term for seeing if you have weaknesses are those holes you mentioned? So they were like, well, what if you don’t find anything? And my wife being the person she is, was like, well, we won’t, we just won’t charge you. If we can’t find anything. I think the client really thought that they were like, you’re like, Alright, well, we’ll see, you know, and think two hours later, someone from your group had already like, it was it was like they were one of the worst offenders they had run into. And they were just confident that there were no chance. You could even get in there.
That client was it was me.
Jerimiah Alexander 10:41
That’s why I bought the story. I thought it was like, she had said, You were like, two hours? And it was like, Yeah, what do you want to know? And they were like, what do you find? He was like, What do you want to know? Like, it’s I have too long of a list to just give you one thing, it was easy. One what I think part of what’s going on, that’s really cool that you guys do that’s different. Maybe then when someone hears hacking, right, everyone, imagine someone you know, banging away at a computer for hacking. But and you you caught on to it, or you you mentioned earlier, you’re doing more than just behind the computer, you’re physically entering into places that you’re not supposed to be in to prove that you can gain access, what what’s like the craziest place that you can talk about data that you were able to gain?
I tell you what, I’ll give you a couple of choices. I can tell you about the casinos that my team and I did. That was a fun one. There was a energy plant for the state of New York,
Jerimiah Alexander 11:48
That’s bigger deal than people note, I would think probably like the power is a pretty big deal.
Yeah. Yeah. So in that, that one, I love to refer to this one is fat guy in a little coat. I’ll tell you why that’s. So myself and two other my co workers we went out. And we, you know, we spent the day, literally walking around the outside of the property and coming at it from all different angles using Google Maps, trying to find anything we could, and a process we call a OS int or open source intelligence gathering. So anything we can find on the internet have their huge server databases that actually catalog everything that’s on the internet that’s openly accessible. So we try using that we try to spot all their cameras, we’ll fly a drone overhead, we’ll, you know, we’ll do whatever. So we can identify doors on people. And, you know, we’ll sit there with long range scopes and, and try to and try to, you know, actually like take pictures of badges and things like that from a distance, maybe walk up and try to access the doors. So that night, we came back in just trying to break into the building. And we, we we went around and we tested all the doors and we had a lock picking gun and we tried manual picking in the lock that gun and we couldn’t get in. And like two hours on premise. There’s people working there all night long. And we just couldn’t get in it. But no one challenged us no one did anything. And eventually on our site, just last ditch effort walking by and I’m pressing up on all the windows to drain and see if any windows are open. And I come to find out I slide up this one window just a little bit is perfect when I push her all the way up and just kind of left it there. And nobody said anything. Try to listen for stuff and didn’t hear anything. But it’s all the way up here. And now mind you, this is November and it’s snowing outside in New York. So I’m wearing big puffy coat. I’ve got my backpack. I mean, I take my backpack off. I sit on the ground didn’t even think about the windows only, you know, just big enough for my shoulders to get through. climbing through the window. And it’s that guy in a small coat. So I’m trying to shimmy through the window. Because there’s there’s no way to actually learn this. No one teaches you how to break into a building you’re just assuming.
Jerimiah Alexander 14:20
But I actually like it was like the worst entry that you could possibly imagine. There’s blinds vertical blinds on the other side of the window. I managed to squeeze myself through the window I put myself down on someone’s desk. It just so happened that everyone was across the room in a in a different meeting in another room. So the the place that I was coming in there wasn’t anybody there. walked around opening the door and then the three of us had access to the building. We were in the building for four hours we left remote callback terminals. We Went dumpster diving we picked the locks on their their security bins and started pulling out papers we did all kinds of fun stuff we started going through people’s cabinets and picking those and opening those up and taking records and we found the I.T. space and we saw we we started taking laptops and stuff with us as well. But on our way out with all the lights come on with it all man here we go. This is this is not going to be good. And here comes the security guard around the corner. And you know first thing out of my mouth was wow there actually is still somebody here tonight looking at you know just I’m just joking around and my my coworker security guard comes yeah burn candle at both ends, arn’t ya. Yep, life of a consultant never done just walked right on mine. Oh, wow. But on our way down, we actually got off on the wrong floor. And as we turn the corner, we found the space a space that’s labeled NERC, which is energy compliance. So we had very specific instructions, do not open this door, do not touch it, if you see it, take a picture. So we’re snapping selfies and all that in front of the door. Because on the side of that door, if we opened it, it would have been an FBI investigation at that point. Because it would have been illegal for us to go into that space. But you know, if we could have taken down half of New York, at that point, because of just where we’re located in the company and everything else, my themes, not half, but a good chunk of state of New York for their energy, we could have taken them offline. So we ended up having a whole lot of fun.
Jerimiah Alexander 16:43
Yeah, that sounds good. Yeah, I think that’s kind of like, at some point, at least a half, half half the people I know that’s like the dream job. I’ll tell you our guy doing the video and recording in the back. I can see him nodding his head. Yeah, yeah, that you know, the acronyms make sense to him. And he’s on he’s on board with it. So I like it. Well, I mean, you told me I was gonna have to pick but man a casino sounds like an interesting story to I have to hear how you got in casinos seem pretty, pretty tight. Like, I’m going off the movies. Mind you, I don’t really know how tight a casino is. It’s a lot of money rolling around. So common sense tells me there’s probably quite a bit of security for all of that money.
Unknown Speaker 17:26
I’ll tell you the story. And then I’ll leave you with a few tips because we learned so much about the gaming industry and how they want people for like, you know, for like swapping chips and stacking cards and all that jazz. We learned so much about all their monitoring capabilities. A lot of them have gait monitors. And by gait, I don’t mean a physical gate. I mean, you as a person walking your actual walking path. So you know
Jerimiah Alexander 17:57
how your your walk goes. Yeah,
yeah, exactly. So if you’re normally walking one machine is sit down, walk over another machine sit down, it actually tracks you throughout the entire thing. Like you think your cell phone tracks you like now these guys have got the corner or mark on. But yeah, I mean, there’s I went to one Casino in Colorado, I swear to God, they had more cameras than I’d seen at NSA. I mean, it’s just just a wall of cameras. Everywhere is insane. But when it comes to social engineering people are they have their tics, and we are genuinely programmed to be nice, we’re programmed to be helpful. Our jobs regulate, you know, helping people directing flow of traffic, making sure that the customer always has their thing or you know, that that the business is always flowing smoothly. And so I went in there one night and just started gambling and you know, sitting you know, sitting at a slot machine, and I had a pocket recorder and glasses with the camera inside of them and stuff. And so we took pictures of badges, we figured out what their uniform looks like. We you know, we figured out we kind of mapped the whole area, the casinos, those types of things. The next day, I went out to Walmart bought something that looked really similar to their their uniform because it was decently basic. I made myself a name tag real quick. And then I was standing at kinkos because my tools, I usually have a laminator and a printer and everything was me and they got damaged on the plane. So I’m standing at kinkos making a badge and sitting there with an exacto knife. compassion, they’re all just looking to be like
Jerimiah Alexander 19:54
Your like, I’m going to break into the place next door. Don’t worry about it.
But yeah, you know, sure enough, I put on the clothes and the badge and I walked in and nobody questioned me, nobody did anything didn’t even get checked for ID because I looked at the part went into the control room where all the cameras were. And I was like, Hey, hi, my name is Andrew I, I just started here. And they said, I could come in a few hours early before everything gets, you know, before my shift starts, and I have to go hit the tables, but they said I could, you know, kind of learn about what’s going on and the operations and, you know, see what, what’s going on with your cameras and stuff. Those guys were so, so helpful. Yeah, just I mean, seeing everything in their control room was just unbelievable. And they were like, they gave me all their documents on like, how to spot and catch cheaters and all these other things. But we had a lot of fun with that one, and went all the way up and down, every floor of that casino got into all the offices went down into the money cage. The money came when we looked at the money cage and went. Now, this is way too much exposure and decided to leave. So we just left that on the counter that said we were here that that was definitely a lot of fun. That was probably the most nervous I’ve actually been on on the engagement just simply because there’s so many cameras, there’s so many sensors and everything else. But so a little tip about the gaming community is Don’t, don’t go Don’t go gamble on Monday, Tuesday, Wednesday, Monday, Sunday night, Monday, Tuesday, Wednesday.
Jerimiah Alexander 21:45
so all the slot machines, if you’re if you’re in slot machines, they they have a statistical payout. So they can actually change the randomness of each of the machines, not just one machine individually, they can, they can control the whole entire Bank of machines. So on or so on Monday, Tuesday, Wednesday, and Thursday, that that’s it Monday, Tuesday, Wednesday, Thursday, they actually change the payout to be a little higher. Because as you get there and you’re on a roll, you’re likely to stay over the weekend. And then they take the randomization and they turn it down. So when all that money is coming through the casino, the payout is a lot less. And proof to point on that one was we sat there and monitored the door with a cell phone camera just over our shoulder while we sat and played and we’re smoking and drinking. And somebody came by and punched in the code to the door. And we eventually they came out and we walked in right behind them and they left the machine logged in to the what they call their jackpot machine. So we shut down an entire Bank of of slot machines that had a payout of like $11 million. Oh my god, and we turned the payout to 100%.
Jerimiah Alexander 23:06
turn it back down and turn them all on again.
Jerimiah Alexander 23:10
How often do you decide you just want to go break into the casinos or make a bunch of money? Because I’m sure you’re you’re under paid for what you you could go do so do you do you have these nightly wrestles that you could make a killing being Ocean’s one just by yourself?
I honestly I would not try it outside of it. Well, I’ve done some questionable things. Let’s put it that way. But I have not. I wouldn’t do it as a full time profession as that’s an incredibly different lifestyle. I mean, you can’t leave a trace can’t leave a fingerprint can’t do anything. I mean, they know we’re gonna be there. So if there’s a problem they go, hey, yeah, we got you on camera doing this or you know, we’ve heard you actually get confronted by officers or you know, police guards or whatever, whoever’s there. And it’s fun to go and do we know we’re definitely under contract and that we can get a letter that says basically like get out of jail free. This here’s my point, the person that I’m working for, here’s what I’m doing. Yes, we’re under contract. But if they catch us the game is over. So if they do their job, right, they’re good. I mean, actually, that’s that’s partly why I have a beard is if I go in and I get caught or stopped one day, I can go in shave change out my glasses go back and they don’t recognize me for madam, new guy.
Jerimiah Alexander 24:43
I’m gonna get you to write me some of those letters for my wife
to get out of jail free.
Jerimiah Alexander 24:47
Yeah. But Andrew wrote the letter I don’t know. Well, that’s so what is the we’ve talked about the the kind of cool part of it and that but obvious You’re doing this for the for the better of the community, you’re doing this to help. It sounds like I mean, on one level, you’re doing it to help companies. But really you’re doing it to, like, help me right? If I go to the hospital and check in, or whatever, like you’re, that’s your who you’re helping is Is everyone. So So what is the benefit? You know, I’m gonna call us end users. I don’t know if you can end user a hospital, but oh, no, yeah, absolutely. Yeah. So I’m the end user at the hospital. What? Why? Why do I owe Andrew a vote of thanks for his work?
Yeah, so actually, so the client that your wife was mentioning earlier, you know, the kids, you brought up that one, they had gone through multiple series of penetration tests. But when I got there, yeah, I had access to everything, including all their databases, all their databases have all of the you know, the patrons of the hospital, all their P.H.I., all their P.I.I., any medical records, credit cards, anything is stored in their systems, I had full access to it. So by helping them secure those holes, and writing procedures for them to be able to check and make sure that those are blocked. It’s kind of a two sided coin, yes, I get to go in and play and then I get, show them how to fix it. And then ultimately, the end user is protected. Because it’s not a matter of if somebody breaks in, it’s a matter of when somebody breaks in. And that’s something it’s been a long time running through our community of, of, you know, how we evaluate risk, you know, it’s like, well, no one will ever do that. Well, we haven’t had someone in, you know, 10 years in the history of the company ever break in? Yeah, just just wait, it’ll happen eventually, or you just never caught them.
Jerimiah Alexander 26:51
They might have come and gone even though they were there.
Yeah. So you know, when those happen, all of your data is generally scraped, it’s taken off the network, and it’s exposed out to the internet. It’s, you know, whether you want to call it the black market, or the Tor network, or the deep web, or whatever, you know, security buzzword term somebody wants to put in the fact of the matter is, is that at the end of the day, your stuff is now exposed, there are a couple of really good things that have been put in by the government to protect you as the consumer. But it does make your life a little harder. So like for some, for instance, if somebody gets a hold of your credit card, and they start racking up your credit card, there’s 1000s and 1000s and 1000s of fraudulent purchases. And it can go very fast, by the way, it can go from here’s a $30 purchase to a here’s a $900 purchase, here’s your now 10 grand in debt. First thing is don’t panic. There are protections through FDIC and through banking and Visa, MasterCard, everyone has it and they go, fraudulent case. Okay, well, here’s your money back, your debt is forgiven. And here’s a new card and everything else. The problem is you got to sit there for, you know, anywhere from two weeks to 30 days for them to fix everything. So if you’re getting stacked up on, like paying your mortgage or not being able to pay for food, that’s kind of an issue. But eventually it won’t solve itself you are protected. When it comes to your having your social security number put out there that especially when it’s your Social Security, birthday, access to your money or your personal information. People can open up loans and stuff like that in your name. You wouldn’t even know about it until you actually go check your credit score.
Jerimiah Alexander 28:45
That’s obviously what’s wrong with my credit score. Someone’s definitely hacked. Well, I was thinking I’ve heard you know, just in talking to my wife that you know, your personal info because I thought I think credit cards I think that kind of stuff like you’re saying, but I’m what I’m hearing kind of over and over again is like your personal information is worth more out there floating around, then your credit card information is and I was like trying to figure out how but it sounds like that’s the How is they just start a life under your name and take out a loan under your name or get three credit cards under your name. And so that’s why not not that goes from one credit card they got from you, are they now they can have who knows how many?
Well, you know, for them, they may get a payout of a couple $100 or a couple $1,000. And as long as they’re, you know, the identity theft is real. And it can be a real pain in the butt and it can it can wreck your credit for years while you legally go through the process of trying to correct the issues. But for them, you know, like when I say them, I mean the real bad guys, you can go out and buy I mean, you’ve got on right now and go by stacks of valid credit card numbers with their pin numbers, or passwords to accounts that actually exist. You know, you you can you can buy some really insane stuff. You know, they’re making a payday by selling it and not actually using it themselves because they eliminate the trace of having their their fingerprints attached to that, you know, the digital transaction stuff so. But for those who buy it, yeah, sure, maybe somebody who is an identity theft person, like that’s their, their main goal in life is just to live life off of other people’s expense. The bank won’t catch him, the credit card companies won’t catch them, they’ll just decline the card and shut it off. They’ll just reach for a new card and a new one, keep going. You know, so your credit card, the banks will just eat the money. But your personal information is you. And that can be a royal pain to get corrected.
Jerimiah Alexander 31:02
Well, I’m glad that you guys are out there doing that. Because that Yeah, that sounds like I don’t need any help reckon any, my my bad decisions are all my own. At this point, I would like to, I would like to keep it that way. was something else I was? I was hearing that was along with the penetration testing. I can’t remember I was gonna say there was something else about that. It’ll come to me here in a minute. So. So we went over your history a little bit, we talked about kind of what got you to where you are now. In this position? What’s like, what’s next? So where do you go next with kind of your skill set and all that? Obviously not into robbing casinos we’ve been over that
is definitely a No, no, I have a wife and kids. And I don’t want to I don’t intend on giving that up anytime soon. So
Jerimiah Alexander 32:02
what’s funny that it’s funny you say that because I there’s a there’s a company that we work with Dave over there with you guys. Last name starts with a B, he he’s working with us on it too. But destiny rescue is the name of the organization. And I met him at a tactical game. So people are like, you know, running around basically doing CrossFit with guns. And I was there. I was there as part of that. Yeah, it is cool. And I was talking to a guy and he’s one of the guys that found a destiny rescue, they go and save children overseas that have been sold, or whatever, into the sex industry. And they need what’s called burner agents pretty frequently, where basically, you know, and they asked me to do it, you know, they because they’re like, you have enough of a skill set, and blah, blah, blah, to be able to do this. And I was like, Well, what does it entail? I would love to help for sure. Like, talk to me about what it? What goes into it. And then you go over there, basically, and you have to ask for for sex with little kids. And so I was like, I don’t believe I could do that to be quite honest. And they’re like, no, like, when you’re doing it for the right reason you could and then I found out it’s like an $11 billion a year. industry that we know about. And it’s funny because you said like, you’re like you didn’t say I’m not gonna rob banks because I don’t want to get in trouble or because it’s wrong, or you’re like, I have a family, I love my family and I can’t like put them at risk. And that’s what I said, I was like, I would love to help. There’s a lot of ways I can help but I have $5 Man, I can’t be going overseas and Bustan sex slave rings up you know what I mean? And not think that’s gonna follow me back home. It’s interesting. Our reasoning is usually as guys we’re desperately want to get into the thick and the trouble and you know, and be fun like that. But, you know, at the end of the day, you’re like, well, I really like my family. So I think I’ll, I’ll pass on that activity.
So it’s funny that you mentioned that and that is you know, obviously there’s there’s a very dark underbelly of the world and how things operate, whether it gets reported on or not what people want to think about it. It’s there and it exists and it’s disgusting. Yeah, to, to say the least, it’s disgusting. But anyone who has any type of even just multicoloured a mild curiosity about helping out for specially for things like that. There is an open source project called buscadoor. It’s a it’s an operating system that you can download. And it has it’s specifically built for open source intelligence gathering, and like building criminal files and everything else. I want to say two years ago at DEF CON. So before the pandemic which is one of the one of The bigger half hacker conferences, that happens in Las Vegas, usually around July, August, I think they, the people who had started the project actually started opening cold cases with the PD departments and even some stuff overseas. And they were making a point system like a capture the flag type game, out of trying to find open source intelligence to track missing persons or, you know, gather data on various situations and things like that. So, you know, even if all the worst that you can do, technically, is just use Google, like, you can find just about anything you want. And these tools make it really easy to kind of collectively put all that data together and, and help drive somebody in the right direction. It was it’s called buscadoor
Jerimiah Alexander 35:56
Okay in it. And where would I go to just just log on and look for, for buscadoor? And it kind of walk me through how to download it?
Yeah, that’s buscadoor Linux, and they have a big website for it and stuff. I don’t know if you have tags on your, on your, you know, your podcast here, whatever. But you can, I’ll send you a link to it if you want it.
Jerimiah Alexander 36:17
Yeah. We’ll put it. We’ll put it here. We’ll see if we can do that. Awesome. I like that. And so I sorry, I, I interrupted you, you were talking about kind of like what’s next for you? All right. You know,
the next thing for me is to train. I, you know, I’ve been in the field for 20 years, I have, and I’m never gonna stop learning. And I don’t ever want to stop the tech. I remember you saying like,
Jerimiah Alexander 36:49
you learn something every day, you were like, upset with the day. And it was like about what you did. Even you were like, I’m not happy if I’m not learning every single day. And I thought, Man, you’ve been doing it so long. How could you learn every single day? And it’s just, man, it’s amazing. I don’t know what I don’t know, right? There’s so much to know, that it’s out there if you seek it out. So I love that attitude. And that idea of just like, continuing education is in our hands in so many different ways.
To me, it’s not just, it’s not just training myself. I, you know, at this point being so senior in my career aids for me to train the next fleet of cyber warriors. So I, we have seen, so Morgan and I, when I say we, my boss and I, we actually have a meetup group that meets twice a month. And we have people from all over the United States from coast to coast, they come in, and we we help train them, we guide them through different projects, or hack the box or capture the flag scenarios or things like that. They’re just sharing tools, sharing knowledge, you know, even even though I may be so senior, because our field changes so much. And it can be almost a violent on how fast it changes. Somebody who comes into the field who’s only got a year or two of experience, or even less than that can be like, Hey, have you guys seen this tool? You know? And it’s like, Hey, you know, that’s cool. We didn’t we’ve never seen that before. So yeah, we, the training, and research is probably the, my path from now on?
Jerimiah Alexander 38:28
Well, that’s how we get better writing on
I’ll die with a computer in my hands. And I’ll be right, amen.
Jerimiah Alexander 38:36
I like that. Because, I mean, you had to learn it, like you have a collective, you know, couple decades or more worth of knowledge, and it took you that long to gain all of that knowledge. And I’m gonna throw an arbitrary number. So within two, three years, you could educate somebody with, you know, a majority of what you learn in a start from that point, whereas you started, you know, with not a bunch and so who knows what can be done. And I feel like that’s the right thing to do. Because if anyone’s under the impression that the bad guys, this, I don’t know how this ends, like you’re in a good business, right? Like, this is as good as like building confidence. or working for the taxes. It doesn’t matter. It’s always coming. It’s always coming. So yeah, and if we’re, if we’re not on top of it and pushing, and then we’ll, we’ll lose, right? Because someone is always gonna be there to do the bad stuff. So.
So yes, I can teach someone in a couple of years how to do this job. I’m very lucky man in the fact that my wife and I are both in the same field. But I’ve been doing this for over 20 years. She’s been in this field for three. I think she’s coming up on her four year mark. I will constantly go to her and say, hey, how do you do that thing? Where when she was first getting started, she would run to me, hey, how do I do that thing and now we get to collaborate and share. We we actually don’t have Was it called Netflix and chill?
Jerimiah Alexander 40:04
You’re like, we don’t
We have IOT and chill. And so we’ll go to the Best Buy or some electronics store and we’ll go get some like consumer grade camera or, you know, some little dancing electronic thing that’s got wireless capability or something, and go grab a couple bottles of wine and that will sit at the bench all night long, and just drain the bottles of wine and tear apart the electronics and go to town like a bunch of nerds that we are.
Jerimiah Alexander 40:30
That’s awesome. No, that’s, I mean, you kind of lucked out, right? That’s not everybody that has their spouse that loves to do the things that they do I, you know, Trish, I’m lucky enough she loves to shoot and I, I’m always I’m always playing that card. I’m like, yeah, I’m shooting in the wild, if you want to. Would you like me to take you shooting, you
You know, kid shoots to doesn’t she,
Jerimiah Alexander 40:51
all of them do. But Samantha in particular, she shoots a lot. She loves that she competes. And all that she’s the one I told you that had already shot out. When she was 13. She was already shooting out to a mile like pretty consecutively like, I don’t want to say easily but like she didn’t really miss out a mile with one MLA targets like a 16 inch by 16 inch target at 1760 yards. And she was she could do that pretty much at will unless something crazy happens. So yeah, I’m fortunate I’m, I’m in the field I’m supposed to be in I do believe on it is fun. It makes it so much. I don’t it’s just so much more fun. When you like what you do, you’re looking for new and innovative ways to do it. versus just to go through the day. You know, when someone says, Oh, you couldn’t build a retical like that. I don’t just say okay, they told me I couldn’t do that. I’m like, I don’t know. Maybe I could maybe we could do that. How do we do that? We’re going to do that. You know, I mean,
You can skip the how too, just go do it.
This is something I teach my daughters on a regular basis, like, yeah, you wanna do something. Sure, go for it. But we’re not supposed to. Whatever, go for it. Okay, well, it didn’t work. Cool. Let’s talk about it. Don’t do try to
Jerimiah Alexander 42:11
Dont do it again. Like don’t do the same thing again. That’s all I ask for failures. Yeah, do something fail again, in a different way. Yeah, I love that. Well, man, I appreciate your time. We’re kind of coming to the end of our, our time, and I have a few Okay, that we have some questions. You’re like hidden under here. Like they’re really hidden. So I don’t forget them. I just hacked this mousepad to get to these, it was pretty intense. So they’re just some fun, kind of, we’d like to wrap it so we just want to know what’s off the top of your head.
Jerimiah Alexander 42:45
So if you had a superpower, what would it be? Like there’s so many
off maybe you know, what if I had a superpower Actually, my wife and I have talked about this for years because just one of our when we were dating because one of the things that we had in mind was hers was in visibility. So she didn’t have to get seen by anybody. Mine was actually to make plants and trees grow at my will.
Jerimiah Alexander 43:12
because then I could just have like a wall and like hide instantaneously behind the tree or
Jerimiah Alexander 43:19
I like it I like it we that’s a new one. We haven’t had that one and visibility is high on the list.
I’m sure it is.
Jerimiah Alexander 43:27
power over the flora is is a new one so I like that if so past present or future if you could sit down with anybody can just have a beer with them. Who would who would you pick?
I don’t know about a beer but i’ll i’ll take Glenmorangie 18 year. You know what I’d actually like to I’d like to sit with I’d actually like to sit with one of the Presidents
Jerimiah Alexander 44:07
just I could see that. We had a lot of George Washington’s.
So whether you know anyone who’s who’s been in that position? I’d love to just pick their brain.
Jerimiah Alexander 44:17
Yeah, that’s, that’s intense. That’s intense. Um, if you were low vibe change here. If you had to eat one food for the rest of your life, what would it be?
Oh, that’s easy. lasagna.
Jerimiah Alexander 44:29
lasagna. That’s my man. I love lasagna. What I every time I read this question, I want to say if you eat one food for the rest of your life, why would it be pizza? I’m not allowed to ask that. So that’s my apparently it’s mine, lasagna’s close enough for me.
That’s, that’s fair. Yeah.
Jerimiah Alexander 44:45
If what would the name of your biography be?
Not this guy again.
Jerimiah Alexander 44:52
This guy again, you again, that’s a good one. Just you again. Okay. And if I just showed up before house with a million dollars, what’s the first thing you would do?
First thing I would do
Jerimiah Alexander 45:05
other than take the million dollars
you know, my wife has been bugging me for a barn for the horses and stuff out back. So I’m pretty sure we’d have a super secret hacker lab underground and then barn and everything else, you know, nice facade on the outside, but taking care of the horses at the barn and whatever. I didn’t mean, I probably give it up to charity. I’m happy. I love my farm.
Jerimiah Alexander 45:40
That’s the great thing about being happy. It doesn’t matter if you’re rich or poor, or crippled or in good health happy is a standalone thing. I mean, how if I could pick a superpower happy? might might be as good a superpower as I need to be quite honest. Doesn’t matter what
your ability to forget is that a superpower?
Jerimiah Alexander 45:59
Yeah, well, I mean, I tried to develop that superpower, but it did and stuck as well as I would have hoped. Well, awesome, man. I appreciate it. I feel like we could talk to you for hours. all the cool stuff that you do, and maybe we’ll, we’ll do a follow up talking about some other stuff. But you’ve been awesome. I appreciate you taking the time. I know you’re busy. I know my wife’s always trying to push you guys to do something new that you’ve never done before.
Oh, yeah. She always comes up with some of the best stuff. Yeah, clients are
Jerimiah Alexander 46:30
wonderful. They’re so awesome. She is wonderful.
So cool. Well, we appreciate you, man and come up to you talk. Come visit us sometime and we’ll go shoot man.
Absolutely. That’d be fun. Absolutely. Thanks.
Jerimiah Alexander 46:52
You too. Thanks.
Riton Optics 47:04
Thank you for listening to the Riton Podcast. Please like, subscribe and review. For more information on Riton Optics visit us at Ritonoptics.com That’s r i t o n optics.com