Social Engineering Blogs

An Aggregator for Blogs About Social Engineering and Related Fields

The Episteme Blog June 23, 2010

Byron (and influence through the media)

If you’re following the Toronto news today, one of the main stories out there is about a former team member of mine, Byron Sonne. The news coverage (CNN, Yahoo) paints Byron to be one step this side of Timothy McVeigh… explosives, threatening police, etc.

And that doesn’t even mention that the picture that they’re using makes him look that way. (As an aside: in my 11th grade journalism class, we spent a lot of time talking about how pictures frame the news story that you’re reading. Before you ever even start the Globe and Mail coverage of this story, you’re greeted with a blurry, grainy picture of Byron looking like he’s about to blow up a building. Regardless of whether the facts support the charge, our minds are primed with all of the times that we’ve seen a terrifying looking psychopath looking very similar to this picture… and we read the story with that bent.)

Unfortunately, the reality seems a little less glamorous. If you read Byron’s Twitter account, you’ll find that Byron was being little more than the opinionated activist that he is. “An agent provocateur”, as someone told The Star. He talked about investigating the fences and posted video of the fences. He talked about how the cameras were being set up in locations that were likely to be used by activists. And he was pointing out that the amount of money spent on “security” for this conference was a little out of range.

One of the things that Byron has been most pilloried for in the news was the talk he gave a few months back on radio surveillance (a decent account can be found here).

Amazingly, Byron even posted the slides to that supposedly “provocative” talk on his Twitter feed. (I’ve put the same slides here for the BitTorrent challenged). Read them… there’s nothing in there that suggests anything but a security professional talking about insecure radio transmission.

Let’s give a different picture of the guy that used to work for me. Byron’s a very smart and well-rounded engineer. While he wasn’t the top producer on the team, he was someone who I valued a great deal from a management perspective. He was vocal and would push others to come to the table with their best (even when he wasn’t up to their level). He was the member of the team most willing to call out others in a meeting. It wasn’t just internal… he was even willing to call out a vendor in a blog post. (Note that since I wrote this, nCircle took

Filed Under: Influence, Personal, Security

The Episteme Blog May 18, 2010

Influence and Failing Kindergarten

Had a great chat with my friend Drawk Kwast recently that he recorded for his list of users (which was an honor given the people he usually interviews). As expected, we rambled all over the map and talked about a million different topics around influence, living an adventurous and successful life, and always being willing to have fun and do the things that most people won’t do.

The thought that stuck out to both of us during the chat was the idea that we’d fail kindergarten if we were subjected to another year – that the things that have made each of us successful to this point would have caused utter failure in the current school system. We both have a nearly chronic inability to follow the rules, stay in single-file lines, refrain from asking “why?” about a million times too often and ensure that we always make the sky blue when we color.

As Drawk said: “we’d be in the corner eating the paste.”

I realized later that I should have corrected him… so I will now… “we’d be in the corner figuring out how to take the paste, turn it into some crazy 5-star dish involving liquid nitrogen and debating about how to market a nationwide line of ‘frozen paste’ shops.”

It’s a trait that a lot of my friends seem to share.

The MP3 is worth a listen – Drawk had some great stories on there and I talked about random stuff that some people might find interesting.

(Aside: if you haven’t picked up Drawk’s “Domination Basics” ebook, you need to – it’s free and one of the better reads of the last year. The last person who I convinced to read it immediately sent me the message that “OMG! Drawk Kwast is the UberMan!!!!”. All I can say is that you should read it yourself and find out what all the exclamation points are all about.)


Filed Under: Security

The Episteme Blog November 4, 2009

Return-to-Barry-White Human Exploitation

Spent a weekend in early October hanging out with Tom and Kim at their rapport and anchoring bootcamp.  And I was talking in email with my friend Cris Neckar afterward where we were talking about the large number of pre-existing anchors that exist within someone’s already vast consciousness.

Cris’s comment was that using pre-existing material for anchors is “sort of like exploiting around DEP” – basically, the idea of a “Return-to-libc” exploit.  You have pre-existing functions that perform the task that you’re hoping to do.

This reminded me of something that Tom did to me during the weekend.  Tom walked up to me this weekend and said:

“So, you’re a hypnotist right? You’ve been in trance before, you know what that feels like, don’t you?” And, as soon as I think about it (which I have to do to understand his question), he anchors it.

Tom then proceeded to spend the rest of the weekend enjoying firing off the trance anchor at opportune times.

So, in our email conversation, Cris and I were talking about some good elicitations to anchor that many people would already have:

“Hey… remember that scene from Say Anything where John Cusack was standing outside with the boom-box on his head?  How romantic was that?  What was the most romantic movie scene you remember… one that just made your heart melt?”

Or: “As you wish” (for anyone who has seen the Princess Bride).

Or: “What’s the song that gets you most in the mood?”

In other words, the “Return-to-Barry-White” exploit. 

Note: I’m well aware that this isn’t at all new.  Neither’s ret2libc, really.  But it’s a great example that hopefully drives some new ideas and new thinking.


Filed Under: Security
