Podcast Summary
Hacking for Fun and Ethical Purposes: Traveling on a budget is possible with creativity. This episode of Darknet Diaries shows the dual nature of hacking: it can be both ethical and unethical, with Alex sharing their experiences as a professional hacker.
Traveling can be expensive but with some creativity, one can have fun on a limited budget. In this episode of Darknet Diaries, Alex, a hacker, discusses how they were asked to hack Tony Abbott, the former prime minister of Australia, just for fun. Alex also has a blog where they document different things they have hacked, including once when they got permission from a friend to hack into their stuff. By profession, Alex works on the red team, committing cyber crimes, but instead of selling data on the dark web, they show how they did it. This episode shows that hacking can be used for both ethical and unethical purposes.
Why sharing boarding pass on social media is risky?: Don't post your boarding pass online as it contains personal information that can be used for identity fraud or burglary. Stay alert and protect yourself from malicious activities and potential risks.
Posting pictures of boarding pass on social media platforms like Instagram can be dangerous because the bar code on the pass contains significant flight-related information, including booking reference number, which can be exploited by hackers for identity fraud. Despite airlines not emphasizing the secrecy of boarding passes and booking references, people should be cautious while sharing them online to avoid falling prey to malicious activities. Posting such information online can also invite robbers to break into one's home, knowing that the person is away on holiday. It is essential to understand the potential misuse of such information and take necessary precautions to keep it secure.
Airlines' negligence towards passenger data security: Airlines must prioritize passenger data security and educate them on keeping personal information confidential. Using only the booking reference and last name for login is not secure, and airlines should take necessary measures to safeguard sensitive information.
Airlines print your booking reference on your boarding pass, which can be used as your login ID on their website's Manage Booking page. However, this is not being treated as sensitive information, as airlines are not advising passengers to keep it secret. Logging into the page with just the booking reference and last name is not really hacking, but rather security through obscurity. Although Alex was able to log into Tony Abbott's Qantas account, there wasn't any sensitive information or privacy problem found except for his frequent flyer number. Airlines should be more cautious regarding the security and privacy concerns of their passengers and educate them on keeping personal information secret.
Viewing a website's page source using 'Inspect' is legal and can reveal hidden information including sensitive data.: Be cautious when sharing boarding passes online as they can contain personally identifiable information that may pose privacy risks if exposed.
Viewing page source of a website using the 'Inspect' option is not illegal and anyone can do it. Though it is not an elite hacking skill and is primarily used by programmers to understand websites' HTML, it can help uncover hidden information not visible in the browser. For instance, JSON data is frequently hidden in website source code and reveals sensitive personal data like passport number and birth date that should not be disclosed publically as it poses a privacy risk. Hence, be mindful of such information when sharing boarding passes online as this might be exploited for malicious purposes.
Protecting Private Information on Social Media: Avoid posting boarding passes on social media as it can reveal private information. Understand the legal nuances before taking any action, notify authorities in case of breach and work towards fixing it. Be cautious and considerate while handling private information on social media.
Posting boarding passes on social media is not advisable as it reveals private information. Accessing such information without authorization may be construed as a crime, hence taking legal advice before publishing it is crucial. Although legislation is written in a complex jargon, it is important to understand the legal nuances before taking any action. Alex's research helped in understanding the legality of accessing passport numbers and the consequences of publishing factual information. It is wise to notify the concerned authority in case of any breach and work towards fixing it. Therefore, it is important to be cautious and considerate while handling private information on social media.
Reporting Security Problems Responsibly and Seeking Legal Advice: When it comes to reporting security problems, it is essential to act responsibly and seek legal advice before interpreting the law. Motives matter, and it's crucial to ensure authorities are informed appropriately to avoid any legal repercussions.
Interpreting the law is tricky. Reporting a security problem should be done responsibly. Motives matter when it comes to legality. ASD is the Australian equivalent of NSA, where people go to for stuff like this. ASD assigned a security rating called Security Level Sensitive to the e-mail which had information about the former prime minister's passport number. Calling the former prime minister and hacking his boarding pass isn't the right way, being responsible and reporting it to the authorities is. It's always better to seek legal advice before interpreting the law. Making sure that security would be addressing something with the former prime minister was the right thing to do.
Alex's Journey to Reporting a Vulnerability and Publishing a Story: Reporting vulnerabilities can help improve website security, and anyone can be a victim of cybercrime. Seek permission before publishing sensitive information and use available resources to find the right contact person.
Alex discovered a vulnerability on the Qantas website and reported it to the security team. Alex also wanted to publish the story on their blog, and to get permission for the same. Alex faced difficulty in finding the right person to seek permission from, but with the help of a journalist friend, Alex found the contact details of former ministers of Tony Abbott. Alex called the current prime minister's office to inquire about Tony Abbott's contact details. Alex was able to contact Tony Abbott's office and obtain permission to publish the story, with Tony Abbott's name attached to it. Alex's motivation to publish the story was to highlight the ease with which anyone can become a victim of cybercrime.
How Persistence and Resourcefulness led to a significant outcome: Determination, patience, and resourcefulness are crucial traits that can help achieve objectives and create opportunities. Sharing knowledge and being open to feedback can lead to unexpected opportunities.
Persistence and resourcefulness can lead to significant outcomes. Alex's determination aided in highlighting the security issue in Tony Abbott's boarding pass on Instagram, which eventually resulted in Abbott receiving a new passport number. Alex's passion for IT and willingness to share knowledge led to a half-hour conversation with Tony Abbott, where he sought advice on learning about IT. Additionally, Alex's eagerness to post about the situation allowed Abbott's personal assistant to review the post and make suggestions. Despite initial setbacks, Alex was able to achieve their objective through determination, patience, and resourcefulness.
Pushing Buttons: A Path to Tech Proficiency: Fearless curiosity in exploring technology by pushing buttons and learning from mistakes can lead to success in the tech industry, but must be balanced with caution and respect to prevent harm.
Fearlessly pushing buttons and learning from mistakes is a great way to become proficient with technology. The innate curiosity to see what buttons do is a useful trait, and even bad experiences like data loss can provide valuable lessons. Additionally, attending events like Defcon and interacting with others in the tech community can also be beneficial in gaining knowledge. Pushing buttons and figuring out how things work can ultimately lead to success in the tech industry. However, it is also important to understand the importance of respecting technology and being careful not to accidentally cause harm or data loss. The blog post about the dangers of posting boarding pass pictures was a successful lesson for many in the tech industry.
How TProphet Travelled The World For Free: By using credit card points and optimizing rewards programs, you can save money and travel the world without breaking the bank. Follow TProphet's advanced travel hacks and turn points into tickets.
TProphet has found a way to travel the world for free or at minimal cost by using points to book flights through credit cards. He banks on the points given by the banks and saves a considerable amount. Being an extreme couponer, he has applied the same approach to traveling, which enabled him to fulfill his goal of visiting 100 countries on all seven continents. By using the hacker's perspective, TProphet's travel blog, seat31B.com offers more advanced travel hacks that go beyond amateur-level tips, giving readers ideas to save money while traveling. Points banks can be turned into tickets that are worth way more than paid for, and airlines offer points or frequent-flyer miles as a marketing strategy.
How to Travel to St. Helena on a Budget: Upgrading to first class may offer luxury, but flying business class can still provide comfort and affordability. Use airline mileage points to save on pricey flights and enjoy nice amenities in any cabin class.
Traveling to St. Helena requires a flight to Walvis Bay, Namibia which is around four and a half hours away. Upgrading to first class offers luxury items and access to exclusive lounges that cater to the elite, but it's expensive. TProphet took a personal lie-flat suite from Seattle to San Francisco, then another first class to Hong Kong. From there, he flew business class to Johannesburg as it's the only cabin available. A typical person would pay roughly $11,000 for the flight from Hong Kong to Johannesburg. However, TProphet used 70,000 Alaska Airline Mileage Plan points and paid around $22. First class seats provide more luxury items, but both cabins offer lie-flat seats and pretty nice food.
Maximizing rewards through credit card sign-ups and strategic planning.: Signing up for airline and business credit cards, along with strategic planning, can lead to low-cost luxury flights through redeeming points and accessing airline partners not available with regular points.
One can get a large amount of Alaska Airline bonus miles by signing up for their credit cards, after which all expenses can be put on the card to earn one mile per dollar spent. One can also get additional points on signing up for Bank of America business card and meeting the minimal spend requirement. With good credit and strategic planning, it is possible to redeem these points for luxury flights at very low taxes and fees. For instance, the interviewee used his points and extreme couponing to fly to Johannesburg for just $22.00 in taxes. Additionally, using Chase points through their Expedia portal can get access to flights with airline partners like Airlink not available with regular points.
Tips for Earning First-Class Flights with Credit Cards: Signing up for credit cards to earn points for first-class flights requires strategic planning, attention to annual fees, and booking almost a year in advance due to limited availability. It's not for those with debt.
Earning points for first-class flights through credit card sign-ups is not an easy task as one has to find availability, know the booking process, search on different airline websites and call agents to book flights. One needs to be strategic about signing up for credit cards and pay attention to the annual fees. These first-class services are not meant for everyone and require a considerable amount of effort and planning. Booking has to be done almost a year in advance, as Cathay Pacific releases only a handful of seats. Additionally, the game of earning points isn't for those who already have debt, as one may end up paying more in interest to the bank than saving through the flights.
Maximizing Credit Card Points for International Flights: Use credit card points for premium cabin international flights and calculate the value per point. Researching and booking flights can lead to significant savings, but prioritize personal priorities and bandwidth.
To get the most value out of credit card points, it is important to use them to book premium cabin international flights instead of regular class tickets for domestic travel. When redeeming points, it is also important to calculate the value per point and use them on more expensive flights for a better value. Understanding all the options available and being willing to put in the effort to research and book flights can lead to significant savings and even free flights. However, it is also valid to prioritize convenience and use websites like Hipmunk to quickly find the cheapest flight. The key is to find an approach that works for individual priorities and bandwidth.
How to travel like a VIP without breaking the bank: Hiring a professional travel hacker can assist in redeeming travel points for extravagant first-class flights with exclusive VIP services, including free amenities like food buffets, drinks, massage chairs, and high-speed WiFi.
Professional travel hackers can help you redeem travel points and miles to book extravagant trips on first class flights with exclusive VIP services such as fancy lounges, turndown services, and expedited security. TProphet's company, Award.Cat, is one such example. These services are especially useful if you do not want to learn the whole process on your own. The first class lounges have all the amenities for free, including high-speed WiFi, food buffets, free drinks, and even massage chairs. However, these trips may have their own issues, such as battery drain. Regardless, travel hacking can help you travel luxuriously without breaking the bank.
How to have a good trip despite a terrorist attack using airline points.: Planning ahead and using airline points can provide more flight options to your destination and save you money, even in the face of unexpected events.
Even in the face of a terrible terrorist attack, one can still have a good trip if they know how to navigate the airline points system, plan ahead, and stay flexible. The speaker used his knowledge of British Airways Avios program to book a flight on SriLankan Airlines to the Seychelles and was able to get out of Sri Lanka after the attacks. He also planned ahead and booked his return trip on Qatar Qsuites. Planning your trip far in advance and using airline points programs can save you money and provide more options for flights to your destination.
Tips for Luxurious Travel on a Budget: You can enjoy personal living space, mood lighting, and more on a budget with Qsuite flights. Use points, check Award.Cat, and visit seath31B.com for more tips on traveling like a pro.
TProphet shares tips on how to travel luxuriously for less. He talks about Qsuite flights that offer personal living space, mood lighting, fully lie-flat beds and multiple TV screens. He also shares how he was able to arrange his flight back using just points and how he managed a 14-hour layover at Qatar by paying around $70 to spend the night in the first-class lounge with little hotel rooms and fancy breakfast. TProphet recommends checking Award.Cat, their paid service, and seath31B.com to know more about how to travel on a budget like a pro.
Legal and Illegal Methods to Get Free Flights: Be aware of legal and ethical implications when trying to save money on flights. Pay credit card bills on time to earn points, participate in legal bug bounty rewards, but avoid misusing corporate discounts, refundable tickets, and hacking portals.
There are legal and illegal ways of getting free flights. TProphet follows the letter and spirit of the rules to visit 100 countries. However, some hackers misuse corporate discounts, book refundable tickets, and steal points by hacking airlines or credit card rewards portals. These gray and black hat methods are illegal and airlines can cancel the return trip if caught. Credit card points can be earned by paying off credit card bills on time. United airlines offer legal bug bounty rewards in the form of points for finding vulnerabilities in their systems. Always be aware of the legal and ethical implications of the advice you follow to save money on flights.