All of this stuff comes all back around. So, let's go back to this keypad. Problem with his keypad is it's one-code. A lot of companies are going to have you press a code to get into the building. As long as everyone has a different code, we're all going to wear about evenly, and especially if you got to put a card in and a code which they pretty much don't have those anymore. But if you had to do that sort of stuff, they're going wear evenly. So, what's your use case? I think I might have a Black Hat talk. They had electronic lock closer to this. Conveniently, you could remove a panel and get access to it. Someone thought about the security in that there was a delay time after you had three failed attempts. Okay. But the time to reset the chip was a lot less than the delay time. After the last failed attempt, it would put out an audible beep. I think was five attempts. So he do four attempts and reset, four attempts and reset. I don't have any pictures of this. I won the best talks at DefCon. Any of guys like playing with electronics and little kids and things like that? There's a company just up the road here, SparkFun Electronics. The CEO did a talk. His wife, who knows that he's the ultimate nerd, bought him a safe, real cheap, like 10 bucks. Problem with the safe is no one new the combination. So, he put together an old erector set basically screw together a little- it's a whole bunch of metal pieces with punched holes, so you can screw things together and make all sorts of different things. He put one of those together with magnets so he could stick it onto the safe. They, with a 3D printer, printed something that would go over that particular safe's dial. They had a lever that would push the handle, and they just tried and tried and tried. The problem is he had, I think was three, three code combination, 100 for each one, that's a lot of tries. His whole concern is, how do you do that in a 45-minute talk? He had one going while he was giving the presentation and the room erupted when the thing beeped, it broken. Okay. Well, most people aren't fine tuned. So in reality, when you've got a code, the number plus or minus one will work. So, when you've got a 100 digit dial, you've really got 33. Okay. Additionally, the first disk has one true slot and a whole bunch of false ones. What he determined is that the false ones were a lightly different width. A human would never figure that out by turning it. But when you've got, I think it was 8,000 steps per rotation, it would be like four step difference between those. So through one quick rotation and measuring, he could determine the first number, which now is only down to two numbers. They're able to shrink the time so on so forth and got it down to, I think just over an hour. He goes, "So how do you do that in a 45-minute talk?" "Is luck." But it took about 35 minutes. Okay. These little kits allow you to do a lot of things like that, 3D printing, allow you to do a lot of things like that. All right. So, if I was to make a safe, I'd do maybe two-digit number, larger dial more numbers. Don't make the real slot and the fake ones different sizes. In the past, it didn't matter. Now, prior super-duper safe cracker could get it, but things like that. Other ideas are all off start getting into the password stuff which- you want to do that? You guys are too quiet. [inaudible] home save it's like what's the value, right? Well, if I break into your nest and figure out that you're gone for eight hours to take an hour in your basement why that thing spins away, what's the value? I don't know. It's just a bunch of pictures in there. It could be. I don't know. But the gun safe pry doesn't have pictures in it. It's true. But he has to get in first to know it's [inaudible]? Yeah. Okay. So it's a little itty bitty safe. But then there could be gold bars in there. There could be gold bars in there. Unless, I get one of those little cameras and I put it on my dog's collar so I can see my dog is doing during the day when I'm at work. If anyone hacks into it, they can see everything in my house. There's the intended use and then there's what other people will do with it. That's another thing a lot of people don't think along. I'm designing this for this for I can use it for other things. I will never put a webcam near my house. I think I already mentioned to you guys I never put an Alexa. I don't want any electronic device listening to me 24/7 because of the unintended consequences of access to that stream of data. Yeah. We're going to do it. So headline about a month ago, Alexa called the police because of a domestic violence incident in the house. It was able to detect that. We all go, "Hey, that sounds great." What else is it picking up on and going to report to somebody else? When does that change? It's like, okay, we trust our government but at a certain point in time if they determine that they don't like you, whether that's because you're conservative or an ultra-conservative a liberal an ultra-liberal, a particular race, a particular sex, any of that stuff, can they use that? It's pretty much assumed right now that the government is recording everything on an app. Everything. Phone calls, texts, tweets, Instagrams, Snapchats, everything. Oh, and if it comes with security, they've either broken the security so they get it anyways, or if it's difficult to do a general break and they think that you're a terrorist communicating with someone else through an encrypted app, they will break it on your device only. That's a lot of Snowden's material was these are all the programs the government has something where they convinced people to put backdoors in. Other things they just figured out how to break them. Let's see. You buy that thing from Amazon. Conveniently, it gets dropped off at the CIA house where they put malware on it and then ship it to you. Yeah, that's happened. No, you can't do that with everyone, you can target people. They have a little bit of access to everything not everyone does have all that access. I don't have clue how they- That's a man-in-the-middle attack right there. That's a difficult one. Yes. I believe that with Cisco routers were interrupted in shipping routes. So at delivery they're were interrupted at the warehouse where it was discovered that the CIA was putting backdoors in the firmware. Did the CIA have to intercept it or did they convince Cisco to put a back door in? [inaudible] Yeah, yeah. So there was Seagate, I don't know if this has proprietary information but I don't work there anymore. Seagate, all their manufacturing is done in China or almost all of it. The hard drives being shipped to Taiwan, which they kind of don't get along, had malware in the firmware. They would send back certain information. Seagate didn't add that, someone got paid to do it. Now, remember sometimes the security's only as good as the least amount of money someone will take who has that information. So Dropbox. Anyone use Dropbox? Google Drive, all this other stuff, is it encrypted on your device or is it encrypted on their device. Where does the encryption get down on Dropbox? Centrally, in the probe. So the communication link is encrypted, that encrypts the internet. It gets to their servers, it gets decrypted, and then encrypted to be stored on the device. The security is about as good as what you get with a Linux system. Any admin can access anything on there. Do you care? A lot of email companies have given up on this recently but all that free email, you don't have to pay for the email service that used to scan everything. They know what you're talking about because those ads on the side are targeted. Make more money that way. Yes. Also the not classify spam could also do the same. Yeah. Yeah. So, there are companies that operate like Dropbox except it does the encryption on your machine. So their admin can't access it. They are very clear. If you use that and you forget your password, you're toast.
