India's Most Famous French Hacker Speaks

Brut India

The long-mysterious ethical hacker Elliot Alderson spoke to Brut about why he's always testing Indian apps for weaknesses, all the way from France.

Transcript

00:00When you know that the personal data of millions of people are vulnerable, it's like a duty.

00:27Especially in a governmental application.

00:30I have a lot of Indian followers on Twitter and I'm trying to stay updated on the latest Indian news.

00:58All the social networks started to talk about this new application, this Twitter alternative.

01:05And everyone was asking to me, OK, can you test this application and see if something is wrong with that?

01:28It's not a big secret, but it's still personal information.

01:40Everyone is free and I don't have any issue with that.

01:43If you think this is the issue and raising is fine for you, but maybe it's not an issue for other people.

01:52And the funny thing is, when these kind of people are doing this kind of feedback, the company always fixes the issue.

02:02So if it doesn't matter for them, it matters for the company.

02:07When you know that the personal data of millions of people are vulnerable, it's like a duty.

02:28You have the duty to say something and to make them fix.

02:33My story with India started with the official Adar mobile application.

02:39This application was just a total nightmare in terms of security, so I tweeted about it.

02:58When you lost the power on your data, you don't know how your data has been exploited.

03:06Typically, with very few personal data, we can create a profile of yourself, find what you love, find all your relationships.

03:21I can target you with specific news, with specific content on the internet.

03:28I can try to sell you specific things.

03:31And your life will be totally different because I will have an automatic way to profile you and to target you.

03:51I can target you with specific news, specific content on the internet.

03:57I can try to sell you specific things.

04:01And your life will be totally different because I will have an automatic way to profile you and to target you.

04:09I can target you with specific news, specific content on the internet.

04:17I saw someone subscribe my email to a lot of newsletters.

04:22I received hundreds and hundreds of emails at the same time.

04:28This is a very small attack and it doesn't really matter.

04:32A lot of people tried to reset my password on Twitter.

04:36My bank account had been attacked once, but it was okay.

04:42Someone went to my home once also.

04:47It was a good protection to be public and to be in the press and say,

05:01okay, I'm not hiding, I have nothing to hide and I'm really here for good things and to make positive things.

05:09It's good to have a public face to the hacking world and to the hacker stereotype.

05:16A hacker is a normal person.

05:19If you want to raise awareness on one topic, you need to be public.

05:24It's super complicated to be anonymous and to say to people,

05:28okay, cybersecurity is important, blah, blah, blah.

05:31They want to have a face.

05:33I mean, this is human nature.

05:37When you have a pop-up on the website, read what you have in the pop-up.

05:45You don't have to accept everything.

05:48In general, you can deny the privacy policy pop-up and the website will work.

05:55So it's fine, decline it.

05:57It's not because a website is asking you something that you have to tell the truth.

06:03If a website is asking you your name, your address, and in reality the service doesn't need your address,

06:10you don't have to give it to them.

06:14So just write something random and it will be okay.

06:27Hacking something is trying to understand how a system is working.

06:31You want to find the limitation, abuse the system in order to find another use of the system.

06:38As an ethical hacker, you want to find this limitation, to find the ways to abuse the system

06:47and to disclose that to the owner of the system.

06:50I think my hacking journey started by trying to understand how watches were working.

06:58I was 12 years old and I received a lot of watches in newspapers or this kind of magazine.

07:06All the time I was trying to understand how this watch was working

07:13and I decided to dismantle everything.

07:20For me, being a hacker is not a computer thing at all.

07:24Hacking is really... you have another view of the world.

Category

Transcript

Recommended