472 lines
34 KiB
Plaintext
472 lines
34 KiB
Plaintext
|
Episode: 1424
|
||
|
|
Title: HPR1424: ohmroep hpr live mini, 03-08-2013, Censorship and Hacking in the Netherlands
|
||
|
|
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr1424/hpr1424.mp3
|
||
|
|
Transcribed: 2025-10-18 02:08:37
|
||
|
|
|
||
|
|
---
|
||
|
|
|
||
|
|
NIDO has arrived. NIDO is going to be making this podcast even more interesting
|
||
|
|
because NIDO is on the early morning radio show making a mini edition of
|
||
|
|
HECK public radio at 5 p.m. or maybe half past four. That would be even better.
|
||
|
|
How many version of the HPR for your talk edition? Yes indeed. So that's a good plan.
|
||
|
|
Yes, hello. Welcome here to the early morning edition. Hello and welcome here to the early morning
|
||
|
|
edition to HECKR public radio live at home 2013. I'm here. I'm NIDO media and I'm here with
|
||
|
|
Brenno the winter. Hello. You are here on the event as a volunteer. You're also here
|
||
|
|
on the event as one of the core organizers. You're even one of the press relations
|
||
|
|
here just as I am with the HECK public radio. But the reason why I wanted to talk to
|
||
|
|
you for a moment is because you also are one of the speakers here. Yeah, it's just
|
||
|
|
just pick a wristband and at the moment you're even the police force of four
|
||
|
|
years ago and you're here for just one day. But let's forget that for a moment.
|
||
|
|
Let's talk a bit about your talk which you had last Friday, right? Yes indeed.
|
||
|
|
Last Friday I spoke about censorship in the Netherlands and things that the
|
||
|
|
Dutch system will do to you at the moment when you are basically expressing
|
||
|
|
yourself in a way that the Dutch government just doesn't like. If you're critical or
|
||
|
|
if you showed shortcomings, they will come after you. Shortcomings? For instance,
|
||
|
|
take a journalist like Alberto Steigmann. He is an investigative journalist and he got
|
||
|
|
prosecuted for showing that the Dutch airport Schiphol is very unsafe and he
|
||
|
|
could get access to the plane of the Queen instead of saying thank you or the way of
|
||
|
|
saying thank you was he got prosecuted and there was an appeal. He was acquitted.
|
||
|
|
Then they took a tiny little detail of the case to the Supreme Court for more
|
||
|
|
clarification and that tiny part of the case has to be redone now in appeal.
|
||
|
|
Now this all happened in 2007. So just imagine how long he is down the road with this
|
||
|
|
whole story and how much money it will cost you in lawyer fees etc. Basically for
|
||
|
|
nothing more than showing that the international airport Schiphol is not a safe
|
||
|
|
airport. It's very interesting. I've heard about this case from if I'm
|
||
|
|
mistaken please correct me but from what I heard what he basically what he did
|
||
|
|
was he walked up to the he found out through various means mostly the
|
||
|
|
internet where the plane was located and then he basically just walked there
|
||
|
|
put his hand on it, made a picture and walked away. Well he filmed there
|
||
|
|
actually he had actually hit a camera there and the thing he got onto the
|
||
|
|
airport with a fake badge fake ID card belonging to the airport I believe to
|
||
|
|
KLM and basically nothing was checked so when his colleague was driving
|
||
|
|
with the fake KLM card which was not his he was in the back of the car in the
|
||
|
|
trunk and they didn't bother to check and he found it out by consistent
|
||
|
|
observation of the airport and how they didn't do their job with all the
|
||
|
|
observations nobody bothered to to come to him so the airport here was at
|
||
|
|
fault and and where we have to you know go through these draconian measures he
|
||
|
|
just got into the airport and then he got prosecuted ultimately yes I got
|
||
|
|
prosecuted myself for showing that the Dutch transportation card wasn't safe
|
||
|
|
for four years I've been doing research writing many articles many articles
|
||
|
|
also that the Dutch state was lied to by the company that built this
|
||
|
|
card and they made all sorts of promises when they turned out that card could
|
||
|
|
be hacked they made all sorts of promises and they were all lies they were simply
|
||
|
|
not true and I showed that and when I did that at that point basically I was
|
||
|
|
told to come to the police and was facing six years in prison for me as a
|
||
|
|
journalist do all my work so yes what did they charge you with after my
|
||
|
|
ask they charged me with hacking and they charged me with having tools to
|
||
|
|
hack and they charged me with manipulating a value card ultimately to my
|
||
|
|
aid came the European Court of Human Rights because they had early
|
||
|
|
verdicts that forbid the state to prosecute a journalist under certain
|
||
|
|
conditions and then and the certain conditions and then basically that
|
||
|
|
that that was the end of the case so I never had had to go to court but a
|
||
|
|
statement did a hank call a digital illiterate person who is member of parliament
|
||
|
|
that is also a journalist showed that a medical system was failing and it was
|
||
|
|
showing medical information and it was only protected with five numbers and
|
||
|
|
the password were the same five numbers and then the the public prosecutor
|
||
|
|
called that top-notch security so five number pin card is a top-notch
|
||
|
|
security system in the Netherlands now for the this the public prosecutors
|
||
|
|
officer apparently it is and they thought that that there was not a reason to
|
||
|
|
hack the system and the court disagreed but he hacked the system twice to show
|
||
|
|
to a television system and he was convicted for the second hack not the first
|
||
|
|
hack but for for the second hack so the time when he went to the to the
|
||
|
|
to the broadcasting stations and he said like I can do this and it works like
|
||
|
|
that and then when they had a camera on it you should have gotten the camera
|
||
|
|
in the first place so it it's a strange case and there was room for a
|
||
|
|
bill definitely he was clumsy but my point is why would you bother to go after
|
||
|
|
him why would you do that it's just not it is not just not relevant enough
|
||
|
|
it's a good question I'm afraid I can't really give you an answer which
|
||
|
|
which would satisfy which would satisfy you in that regard no and and it
|
||
|
|
sends the signal that if you find a book in a system and you go public or you
|
||
|
|
approach somebody that the public prosecutor will say thank you by ruining
|
||
|
|
your life if you are convicted in the Netherlands you will not be able to
|
||
|
|
do a lot of jobs you need a certain declaration of no obstruction and
|
||
|
|
a criminal conviction would definitely be one of those assumptions so you
|
||
|
|
ruin a lot of people's lives and especially if you look at hackers many of
|
||
|
|
them are young people they make little mistakes they they are sometimes
|
||
|
|
little bit too wild and when you go with the full force of the of the government
|
||
|
|
and I I stopped calling government government but state then basically
|
||
|
|
you you send out a wrong signal don't talk about this this is and it to me it
|
||
|
|
freedom of speech showing something that is not correct is part of freedom
|
||
|
|
of speech and I'm not the only one with this opinion also the international
|
||
|
|
court of human or the the European court of human rights and sides with that
|
||
|
|
vision so it's it's strange not not to not to let these youngsters do their
|
||
|
|
thing and applaud it you know and even if they make small mistakes be a little
|
||
|
|
bit more forgiving you know they they do it in good faith in good intentions
|
||
|
|
don't be don't be too negative about it that that's one of the things that
|
||
|
|
I said and the other thing is they did try to make a process called responsible
|
||
|
|
disclosure and responsible responsible disclosure and I believe you have
|
||
|
|
talked about this on other app sorry you thought about this talked about
|
||
|
|
this in other episodes and yes yeah we there's probably an episode
|
||
|
|
or it or I will make sure there will be one on the later time responsible
|
||
|
|
disclosure basically means that you can go to a company or to an organization
|
||
|
|
say like okay this and this is your problem this and this is how I found it
|
||
|
|
out and they may agree not to press charges against you that's basically
|
||
|
|
what about the document states and then they give some guidelines where what
|
||
|
|
you you should be looking at and one of the things is you cannot try
|
||
|
|
something multiple times one of the other things you cannot do is social
|
||
|
|
engineering or brute force attacking and the strange thing is that those
|
||
|
|
technologies are really or techniques more are really needed to to
|
||
|
|
basically you know show that there's something wrong they are the basic forms
|
||
|
|
of attack most of the times and brute force attack that's that's that is the
|
||
|
|
reason why everybody's telling you don't you short passwords because hacker
|
||
|
|
or a cracker somebody who wants to get into your account well he can just try
|
||
|
|
it a million times it doesn't matter to him he has the resources and he just
|
||
|
|
needs to wait until he has guessed right password and that's the way you can
|
||
|
|
get it that's and that's one of the biggest problems within security of
|
||
|
|
course there are systems which are which are hardened against such kinds
|
||
|
|
of tax there are techniques you can do to protect against those kinds of
|
||
|
|
attack factors but I must agree with you they're seldom in use.
|
||
|
|
Now come to come to the worst part of this document it is totally
|
||
|
|
voluntarily so there's no guarantee that things in practice will work this
|
||
|
|
way and even if a company says all stick to the responsible disclosure agreement
|
||
|
|
the justice department may still come after you so you might still end up in
|
||
|
|
prison even if you show a data leak and it's not me saying this the public
|
||
|
|
prosecutor rushed to Twitter to announce that so it's been announced that
|
||
|
|
that they will come after the good willing hacker and they need to do so
|
||
|
|
because there are statistics on how they fight cybercrime and not really
|
||
|
|
that good and in major cases you see them feel so that's my Facebook and
|
||
|
|
hopefully it's a response of one of the speakers that we want to talk to
|
||
|
|
later on but let's stick to the radio and like what that okay no no problem
|
||
|
|
well to go back a bit what you mentioned earlier you yourself had hacked
|
||
|
|
the OV chip card and you told me you had a conviction or not a conviction
|
||
|
|
yeah they dropped a charge yes a charge but one of the charges was hacking
|
||
|
|
can you tell me what a charge of hacking means in the Netherlands because we had
|
||
|
|
a few weeks ago on the hyper public radio we had a discussion about what
|
||
|
|
actually is hacking and we were therefore I believe two hours and we agreed
|
||
|
|
that we can't really give you a definition which counts for hacking in general
|
||
|
|
but we can only could only get something which counted for the for the
|
||
|
|
for the heck public radio group so we're not even we're not even we're not
|
||
|
|
we're not even sure of what hacking means within the community at large
|
||
|
|
what's the charge of hacking mean it's manipulating and system in the
|
||
|
|
way it was not intended to basically and the system is anything that basically
|
||
|
|
has a microcontroller in it at this point they want to make it even broader
|
||
|
|
so that's that's the creepy part they want to even go further than this
|
||
|
|
but so far it's it's basically anything so for instance let me give you an example
|
||
|
|
please if you read the the the the text of the law well and you take a
|
||
|
|
cell phone you're filming on the street policeman comes by and this happens
|
||
|
|
sometimes in the Netherlands and policeman picks up your phone stops the
|
||
|
|
filming and the leads the the the filming that would be hacking already
|
||
|
|
because he's manipulating the virus in a way that I didn't want him to do
|
||
|
|
that so you would be the one who was hacking in that particular case the
|
||
|
|
the policeman would be hacking okay okay since you brought in the policeman I was
|
||
|
|
just making sure how extreme the Dutch law is it's it's people think of the
|
||
|
|
Netherlands as a pretty liberal nation and I tend to disagree with them it's
|
||
|
|
it's it's a very broad definition so basically with anything with a
|
||
|
|
microprocessor if somebody showers I don't want that that would be hacking
|
||
|
|
and I want times and one time had somebody who wanted to pick myself
|
||
|
|
when they discovered I was filming something they shouldn't be doing and then
|
||
|
|
when he he grabbed my phone that will be theft with violence that will be good
|
||
|
|
up to 12 years in prison by the way but let's not talk about that and he his
|
||
|
|
finger went to the camera and I said to him if you are going to touch this
|
||
|
|
camera I will press charges because you're hacking then and the guy got so
|
||
|
|
afraid that he left the camera with a face up so every time when he was moving
|
||
|
|
over it you could see his face and I had perfect evidence of what he did and
|
||
|
|
he shouldn't have been though have been doing etc so that that that's pretty
|
||
|
|
funny so it's a very broad definition so you're easily violating this what I
|
||
|
|
did was basically manipulate the system where the card had the chip in it
|
||
|
|
mm-hmm
|
||
|
|
there's the over chip card let's let's go a bit into the over chip card what's
|
||
|
|
what's what's the deal with the over chip card we've done a bit about it but let's
|
||
|
|
let's just go well let's let's do this this the fast version what can you
|
||
|
|
do with the over chip card it's a public transportation card similar to the one
|
||
|
|
being used in London and basically the same as being used in
|
||
|
|
Boston a couple of years ago and I believe Bart in San Francisco uses the same
|
||
|
|
it's a myficulosic chip that has been cracked already in 2008
|
||
|
|
politicians were as usual techno optimists so totally in denial of the
|
||
|
|
problem but very very aggressive moving forward with the project and at a
|
||
|
|
certain point there was this hearing in parliament where a professor of
|
||
|
|
cybersecurity into sorry digital security said this is basically an open
|
||
|
|
wallet and then the politicians that invited him called him overly negative so
|
||
|
|
there you have it you know it's it's kind of strange and at that point I decided
|
||
|
|
there will be a day that I will be traveling on this this hacked card and I
|
||
|
|
did so in 2011 when there was already one criminal case of somebody who
|
||
|
|
did it and there was also software available for windows that made it very easy
|
||
|
|
to do so so what I started to do I hacked a transportation card
|
||
|
|
basically could you could you describe the process rather than say to I hacked
|
||
|
|
because it's very simple what I did was I bought a card I put five euros on it
|
||
|
|
legally and then basically you placed it on on a arvadeer sorry no I could
|
||
|
|
I could already my fair no yeah no it is already I'm getting tired here at oh my
|
||
|
|
guess and then you try the thing is with the card you have to authenticate
|
||
|
|
against the card so the card will tell you if you had the correct one the correct
|
||
|
|
code or not so not the card is authenticating again towards the system it is
|
||
|
|
the other way around so you can try indefinitely all combinations in
|
||
|
|
that's what what the system basically does and because of many flaws this
|
||
|
|
process doesn't take more than 45 minutes and then you get all keys that are
|
||
|
|
on this card it's a 4k card with I believe 20 keys and those are called
|
||
|
|
A keys and 20 B keys and the B keys are for writing and the A keys are
|
||
|
|
for reading and as every IT person knows that's a stupid difference because if
|
||
|
|
you want to write you have to be able to read yes so I found that out and then
|
||
|
|
I realized okay I only need half of the so the software was open source so with
|
||
|
|
a small adjustment that worked for me as well and then then at the
|
||
|
|
certain point I started basically traveling on it by changing the value on
|
||
|
|
the card and then I realized when I was doing that I don't want to change the
|
||
|
|
value if I'm in the train for instance I want the train conductor to believe
|
||
|
|
that I checked in yes because you need to check in and then maintain to check
|
||
|
|
out and then the system will calculate how much money you have to pay yes and
|
||
|
|
of course half of the time the polls don't work so you need to check in except
|
||
|
|
on so you need to go to the next station then you need to run out of the
|
||
|
|
train go all the way to the entrance of the station leave your card and then
|
||
|
|
go back and maybe if you're lucky then he says okay it's okay exactly it's
|
||
|
|
it's a hassle and so how did you fix that problem well I altered the state
|
||
|
|
of the card where I was not checking to I am checked in and if you are
|
||
|
|
checked in the train conductor won't look any further okay so it's basically
|
||
|
|
to buy me revalue I'm inside the system no no no it's more than a binary
|
||
|
|
value because you also have to add the train station at the
|
||
|
|
code and the time that you checked in well I made with friends I made a
|
||
|
|
little program to do so put it on the card and let the train conductor
|
||
|
|
have his way he thought that I checked in I knew I didn't so basically
|
||
|
|
that you have it and the whole system basically fell apart on that then
|
||
|
|
I went public with the story and I did it in two ways first I told
|
||
|
|
that I could change the value of money on the card and this was a big bang
|
||
|
|
this was opening of all the news everybody was talking about it I was in
|
||
|
|
Amsterdam got on a tram the tram conductor wouldn't let the tram drive before
|
||
|
|
he could check my hands to thank me this was people were crazy and there
|
||
|
|
was this emergency debate in parliament that would take place two weeks
|
||
|
|
later then the following morning I came like why would I check in if I can
|
||
|
|
check myself in and I show that on television and now the debate was moved
|
||
|
|
backwards to the day the day after so that was on Thursday and if
|
||
|
|
when anything was a debate of about the war in Afghanistan was moved
|
||
|
|
aside for this debate it they were dead nervous so they talked about it
|
||
|
|
they decided not to introduce the card and then later on they decided
|
||
|
|
okay we'll move ahead because the chance that people are up using it is
|
||
|
|
really slow now the interesting thing to know is that the card readers within
|
||
|
|
two days were sold out in the entire Western Europe hemisphere and parts
|
||
|
|
of the US so and then the politicians were like well we don't know if people
|
||
|
|
are abusing the flaws because the software was really out there you know I had
|
||
|
|
more advanced software because because of little changes that you made for
|
||
|
|
one part but in general you know if you were a little bit patient could
|
||
|
|
wait for 45 minutes then basically you have a correct card and the correct
|
||
|
|
card basically means you have control over how much much money is on the
|
||
|
|
card and whether you are checked in where you checked in and at what
|
||
|
|
time yes and one of the one of a friend of mine without telling me when he
|
||
|
|
realized that the debate had moved moved to the day after he was with
|
||
|
|
somebody in the pub and they said like okay they don't get the real issue
|
||
|
|
here this is the criminal business case where people can abuse it so what they
|
||
|
|
did they made a website called over chipcard discounted.nl and they
|
||
|
|
made a fake and phony web shop where you could order cards and then somebody
|
||
|
|
tweeted me hey Brenno have you seen this during the debate so I was like what the
|
||
|
|
fuck and I hadn't got the time and it was at the Sunport realize okay this is
|
||
|
|
fake so I wanted to tell this to a member of parliament that was standing by
|
||
|
|
me and he said like what what is this so I thought like okay it's a good
|
||
|
|
joke so I said like well this is the first web shop abusing the and he went
|
||
|
|
like I want to speak to the minister right now again and there was more
|
||
|
|
debate and then the eight o'clock news opened with it and 24 hours earlier
|
||
|
|
this whole website had never been thought of and now the joke was ready and it was
|
||
|
|
opening of the eight o'clock news so you you on one hand that showed the
|
||
|
|
tension on the other hand all of a sudden it made very explicit what the problem
|
||
|
|
is at hand but and what I was fighting but then politicians do what politicians
|
||
|
|
do so they start to be little the issue so at the Sunpoint to company behind
|
||
|
|
the card set like yeah but it's a very complex heck to execute and I was at
|
||
|
|
this television station and said like it bullshit you know even an old
|
||
|
|
an old person can do it without any computer experience you know if you're
|
||
|
|
digital a little bit you can do it so then the owner of this public and
|
||
|
|
network set well you know take a reporter show it so we went to an old
|
||
|
|
folks home find somebody who was very old didn't know jack shit about computers
|
||
|
|
and he hacked one of the cards and traveled on it so we showed it the game and
|
||
|
|
then we showed the book in the in the tele machines that where you can
|
||
|
|
charge the cards at the Dutch railway station and it would crash with a certain
|
||
|
|
setting a buffer overflow so I found the Dutch railway and at first I
|
||
|
|
wouldn't believe me again so I'm like okay I'll show you and then I just
|
||
|
|
shut down the entire train station of Utrecht Central so they had to restart
|
||
|
|
it and as soon as they restarted the machines again I would shut them
|
||
|
|
down again so sorry sorry we believe you now but of course it was very funny
|
||
|
|
imagery on television where you see people like totally so that drove the
|
||
|
|
point home and at that point an investigation was started it found out that
|
||
|
|
the company had more too much power in the system things should have been
|
||
|
|
done differently and basically it doesn't the project doesn't deliver what
|
||
|
|
it should deliver and it still doesn't deliver if I'm correct because we're
|
||
|
|
still using the same myfair cards which are still the heckable cards which are
|
||
|
|
still not well they are they even fix the stellar problem no they
|
||
|
|
they've introduced a new card now the the Infinian SLE 66 and that that
|
||
|
|
chip is is a Java Java cards now let's not go into that this
|
||
|
|
because they say they they basically now detect if somebody is brute
|
||
|
|
forcing and they they basically make the chip stop responding I'm still in
|
||
|
|
the process of finding out how they do it but they are now introducing an even
|
||
|
|
newer chip the SLE 77 and that can do a different kind of encryption and
|
||
|
|
over time they will switch over time so at the moment if I'm buying over
|
||
|
|
the chip card I will still have my post was that if they would have solved
|
||
|
|
it let's say overnight or as soon as possible that would cost more than
|
||
|
|
a hundred million euros and they are already somewhat over budget by 120
|
||
|
|
million euros so the project is more expensive than than thought of so it
|
||
|
|
failed you could you could argue you could argue that this is a
|
||
|
|
failed project yes but back to my lecture yes yes yes I'm sorry I just thought
|
||
|
|
it was a good example to walk into and to see what actually happened yeah
|
||
|
|
then the prosecutor comes after you I'm a freelance journalist so a lawyer
|
||
|
|
is very expensive for me and then the threat the threatening way of the
|
||
|
|
police coming after you it has a lot of impact so right now I understand very
|
||
|
|
well how nasty it is if the government is are is after you and this makes me
|
||
|
|
very emotional angry upset about what what we are doing to young youngsters that
|
||
|
|
are basically doing the right thing so and that that that's the whole that
|
||
|
|
and that is the essence of censorship that that somebody comes to you and
|
||
|
|
and basically makes you not right or do something even though you're doing
|
||
|
|
it in a right mind and now even the company that is behind the object card has
|
||
|
|
said to me that they regret it filing charges against me but that's a little
|
||
|
|
bit late and I mean apology accepted of course and and they they had
|
||
|
|
a lesson but it's very late in the process and the thing with the government
|
||
|
|
is it's a machine that is kind of uncontrollable so I rather talk about
|
||
|
|
state because then people remember that the state also has a nasty face they
|
||
|
|
can put people in prison they can hinder them in their endeavors they can
|
||
|
|
take away your children and they can they can do really nasty things and
|
||
|
|
sometimes it's very very complex beast to control let me give you an example
|
||
|
|
there was this 15 year old boy Hans Röder he found a floor in Habbo Hotel
|
||
|
|
Habbo Hotel is a website where you can game a little bit and children
|
||
|
|
come and they they for them it's fun I know I know the I know the I know
|
||
|
|
the website there says it's a it's a popular target for another group of
|
||
|
|
people who are doing stuff there which is not really that great but let's
|
||
|
|
continue with your example please yeah and the 15 year old found a book in
|
||
|
|
the administrative module so you can get the addresses and information of
|
||
|
|
little children very easily and these boys basically this boy basically
|
||
|
|
helped this company the company thanked him and the next thing that the
|
||
|
|
company did was like yeah we need a little bit of extra information so that
|
||
|
|
we can find them in the log files so that's what they did that what he did
|
||
|
|
he gave the information to the log file for to use in the log files and they
|
||
|
|
searched the information and then they then they pressed charges against him so
|
||
|
|
they were the company was evil now the public prosecutor said okay I'm not
|
||
|
|
going to prosecute this then the company took the public prosecutor to court
|
||
|
|
to force them to prosecute when they realized that they might lose all of
|
||
|
|
a sudden they retracted the case now this boy was it was 15 years old when
|
||
|
|
this happened and now he's 18 and now he's off the hook so for three years this
|
||
|
|
case has been a dark cloud over his head and basically for doing the right
|
||
|
|
thing I don't want to live in a country where we treat youngsters like this for
|
||
|
|
doing the right thing so again this is the the chilling effect of a state
|
||
|
|
doing nasty things so that so that is very nasty nasty and and and full of
|
||
|
|
misery yeah and you had you had a lot of the lot of examples of this
|
||
|
|
happening do you have a light at the end of the tunnel because I'm getting
|
||
|
|
really depressed here no I don't at this point that the thing is that that at
|
||
|
|
this point we're on the road where unless we start to wake up nothing will
|
||
|
|
change you can say like we have freedom of speech in the Netherlands but that's
|
||
|
|
in the constitution and we can't enforce the constitution in the Netherlands
|
||
|
|
there's no court to do so if you violate the constitution there is that's
|
||
|
|
not a crime in the Netherlands if you make a law that is contradicting the
|
||
|
|
constitution that is totally okay because as soon as a law comes into place
|
||
|
|
it is deemed to be in accordance with the constitution so we would need to
|
||
|
|
fix the constitution to have firm law or we need to have a public prosecutor
|
||
|
|
that dares to say I'm not going to prosecute that not a good idea yes okay I
|
||
|
|
have one other example of censorship that I really really want to talk
|
||
|
|
about and when your show is over my show begins I will call this boy and
|
||
|
|
bring him on the radio but there's this boy Ilya who stopped his study when he
|
||
|
|
was at 24 because his brother and little sister had been taken away by the
|
||
|
|
Dutch government child protection services took them I've read many documents
|
||
|
|
out of the case and seems to me that there is a mistake mate it's an honest
|
||
|
|
mistake probably but the thing that the model only speaks Russian seems to
|
||
|
|
be the biggest issue at the hand here and the boy filmed when the police came
|
||
|
|
and took the children out of house and went public with it and when you see
|
||
|
|
the when you see the imagery it is shocking it is really really shocking and
|
||
|
|
you hear children crying they you hear them say I want to go to mommy in
|
||
|
|
Dutch yes very important because that apparently means that the children do
|
||
|
|
speak Dutch and do you know I know yes indeed for showing this to the world he
|
||
|
|
was not allowed to see his brother and sister sister for months and he started
|
||
|
|
campaigning against what happened here he got a little bit of help of a couple
|
||
|
|
of journalists I'm one of them and the thing is the Dutch government just
|
||
|
|
doesn't say why this happened now this case has been ongoing for a year and
|
||
|
|
they went to the European Parliament and testified now child protective
|
||
|
|
services just recently has written a report in the report it says that the
|
||
|
|
boys are the boy and girl cannot go home because of the campaigning the
|
||
|
|
campaigning is not in the benefit of these children so the boy that stands for his
|
||
|
|
little brother and sister now is punished for being public and being open about
|
||
|
|
what happened there and the advice is not to send them home the second thing is
|
||
|
|
he shouldn't have gone to the European Parliament so executing his
|
||
|
|
constitutional rights is all of a sudden a reason for the Netherlands to basically
|
||
|
|
keep your children away that is the sheer definition of censorship and any
|
||
|
|
journalist should be very very angry the only fix I see for these type of
|
||
|
|
issues is that we stand up against it and say this is not the country that
|
||
|
|
we want to build this is not the country that I believe in I love my
|
||
|
|
country dearly I really do and she should start beginning to see the
|
||
|
|
consequences of what we are doing yes wow I'm like totally
|
||
|
|
clever casted by the story it is it is shocking and the thing is we don't
|
||
|
|
think about it enough because you know if you're here your child protective
|
||
|
|
services there's always this feeling there must be something ongoing but it's
|
||
|
|
a machine you start and cannot stop and I understand what happened here very
|
||
|
|
well you know child protective services starts to panic they don't know
|
||
|
|
what what is happening now and how to deal with it and then they start to
|
||
|
|
make one mistake of not a mistake of the not a mistake of the not a mistake
|
||
|
|
and at the end of the day everybody is in a position that they don't want to
|
||
|
|
be in there are many good people working at child protective services I've
|
||
|
|
spoken to many of them I've spoken to judges they explain to me that they
|
||
|
|
do not dare to rule against child protective services so the family has
|
||
|
|
lost every case and when they win an appeal which they have done twice child
|
||
|
|
protective services basically starts a new case and find new reasons to keep the
|
||
|
|
children away and it's such a mechanism legs proper control yes another
|
||
|
|
example and that is closer to hacking and why it's important that we hack
|
||
|
|
system and test them over and over again is indigo indigo is a system
|
||
|
|
me in use at the Department of Security and Justice for people that are
|
||
|
|
how do you call that immigrate immigrating to the Netherlands and if you
|
||
|
|
if you seek asylum you'll be in this system
|
||
|
|
so this is not the platform which is like Kickstarter this is totally
|
||
|
|
different system exactly yeah it's a government system so filled project as
|
||
|
|
usual and the thing is they have markers and one of the markers is you're
|
||
|
|
ready to be removed now there was this activist from Russia that fled to
|
||
|
|
the Netherlands after he was released from prison he lost his case and he
|
||
|
|
appealed and were mistake after mistake was made and at a certain time he got
|
||
|
|
the label ready to be removed so he was imprisoned they forgot to set the
|
||
|
|
label that he was suicidal so he hung himself in the jail cell and basically
|
||
|
|
nobody was to blame so everybody is to blame so nobody gets to blame and now
|
||
|
|
because of a simple computer glitch a person is dead an activist that
|
||
|
|
was basically just coming to the Netherlands to be protected for his freedom of
|
||
|
|
speech and be campaigning against Putin I think that's very sad very sad
|
||
|
|
subsequently they started the investigation 300 people were also marked
|
||
|
|
removable where they shouldn't have been marked at so the system is a massive
|
||
|
|
fuck up and we don't realize that we haven't thought this properly through so
|
||
|
|
this to me this is a big deal I agree and I mean and this is why I want to see
|
||
|
|
there are 3000 people here who are happy to well there would be at least 2000
|
||
|
|
of the 3000 people here would be happy to look into such a secure system or
|
||
|
|
rather such a system what is supposed to be secure yeah these very kinds of
|
||
|
|
reasons the people here present would have said don't build a machine you cannot
|
||
|
|
stop don't build you know if you even have to build such a system that's a
|
||
|
|
different discussion but if you build such a system build a system where you have
|
||
|
|
got many escapes where you check check check check and check you know and where
|
||
|
|
you can't make these massive fuck ups but we've got these politicians
|
||
|
|
running around that we need more systems and we need every time they have a
|
||
|
|
problem there's a digital solution because they have no problems or something
|
||
|
|
yes so it just doesn't you know it just doesn't work like that we should
|
||
|
|
really stand up against these things and at certain points I like sometimes it's
|
||
|
|
better not to have technology or sometimes it's better to build extra escapes
|
||
|
|
and if you don't know how the system is working or can't oversee the
|
||
|
|
consequences probably the best thing to do is to re-evaluate your opinion but
|
||
|
|
the thing is with many managers and I consider politicians to be managers that
|
||
|
|
they have a solution and then they basically work towards a common problem that
|
||
|
|
we all should recognize that there's there and also the the fact that you there
|
||
|
|
is no way back that bullshit there's always a way back there's always
|
||
|
|
something you can do to show you know once politicians said to me it's not
|
||
|
|
possible to fix computer systems it's basically not possible to have more
|
||
|
|
secure systems because a lot of companies won't do it well I showed it to
|
||
|
|
them for one month in 2011 I showed the data leak each and every day
|
||
|
|
I called the month leak tober yes and people later came up to me and said
|
||
|
|
like we were so afraid you were coming to talk about our company because we
|
||
|
|
have data leaks and we know it and we are not secure enough these were
|
||
|
|
managers of the company so I was amazed that I wasn't a target of leak
|
||
|
|
tober I've had tens of those conversations when the month started I believe it
|
||
|
|
was already four or five October all the all the security companies got
|
||
|
|
massive amounts of phone calls they wanted security audits and it was I
|
||
|
|
believe five October when several companies announced that they haven't
|
||
|
|
hadn't any people left to do audits until June of the next year so all of
|
||
|
|
a sudden apparently there were a lot of companies that realized that they
|
||
|
|
should have been doing audits all the time and they never bothered to do so
|
||
|
|
because else they would have been in the industry around it already so I
|
||
|
|
single handedly created that industry so there is something you can do as
|
||
|
|
one person you know make make stupid managers look stupid you know that's the
|
||
|
|
best way you you you can deal with this all right before we close this up
|
||
|
|
is there some last words you would like to speak to the hacker public radio
|
||
|
|
audience yes I think that hackers and I consider most of them my friends
|
||
|
|
they should stop bitching about trivial issues and start to be critical
|
||
|
|
again especially towards states critical on how they are behaving and they need to
|
||
|
|
be you know vigilant because this is the community that can make a difference
|
||
|
|
now we are the people that that hold the key to the future because we understand
|
||
|
|
technology and we understand the danger of technology so help each other you know
|
||
|
|
and there to campaign against really big mistakes forget about the trivial
|
||
|
|
issues start to be angry about the big issues life is all about yes well
|
||
|
|
thank you for your time especially since this is in your show time so I'm
|
||
|
|
really happy that you had gave me this opportunity we will cut this out
|
||
|
|
later for the for the for the pop the question while we will we'll take care
|
||
|
|
of that thank you thank you
|
||
|
|
you have been listening to hacker public radio at hacker public radio
|
||
|
|
does our we are a community podcast network that releases shows every week day
|
||
|
|
Monday through Friday today's show like all our shows was contributed by a
|
||
|
|
HBR listener like yourself if you ever consider recording a podcast then visit
|
||
|
|
our website to find out how easy it really is hacker public radio was founded by the
|
||
|
|
digital dot pound and the economic and computer club HBR is funded by the binary
|
||
|
|
revolution at binref dot com all binref projects are crowd sponsored by
|
||
|
|
lunar pages from shared hosting to custom private clouds go to lunar pages dot
|
||
|
|
com for all your hosty needs unless otherwise stasis today's show is released
|
||
|
|
under a creative commons attribution share a lot
|