Initial commit: HPR Knowledge Base MCP Server
- MCP server with stdio transport for local use - Search episodes, transcripts, hosts, and series - 4,511 episodes with metadata and transcripts - Data loader with in-memory JSON storage 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Lee Hanken
378
hpr_transcripts/hpr3664.txt
Normal file
378
hpr_transcripts/hpr3664.txt
Normal file
@@ -0,0 +1,378 @@
|
||||
Episode: 3664
|
||||
Title: HPR3664: Secret hat conversations
|
||||
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3664/hpr3664.mp3
|
||||
Transcribed: 2025-10-25 03:01:33
|
||||
|
||||
---
|
||||
|
||||
This is Hacker Public Radio Episode 3664 for Thursday the 18th of August 2022.
|
||||
Today's show is entitled Secret Hat Conversations.
|
||||
It is hosted by some guy on the internet and is about 18 minutes long.
|
||||
It carries an explicit flag.
|
||||
The summary is, you'll need your tin hat for this one.
|
||||
Hello and welcome ladies and gentlemen to another episode of Hacker Public Radio.
|
||||
I'm your host, some guy on the internet.
|
||||
Today I'm just going to go through a quick little rambo something I've been thinking about for a while now but I never got to share.
|
||||
I know you guys go read into your kitchen cabinets or where you keep your tin foil.
|
||||
Go get a nice, big, you know, nice, nice long roll of it and go ahead and find a YouTube video on how to fashion a hat from it.
|
||||
Now from this point, you're going to need that hat.
|
||||
They're going to be probably future conversations where you're going to want that hat again.
|
||||
So just, you know, be careful not to get rid of it.
|
||||
You're going to just store it away somewhere where no one else can see it because they'll probably ask you questions you don't want to answer about it.
|
||||
So if you're listening to this episode on a speaker, go ahead and turn it down or pause and go get a set of headphones.
|
||||
Sorry, sorry about that.
|
||||
Yeah, go ahead and get yourself a set of headphones.
|
||||
We are going to discuss cell phones today.
|
||||
Now, one of the things I've been thinking about is how the cell phone is like our greatest...
|
||||
or let me not say out, let me just say my...
|
||||
The cell phone is my greatest attack surface.
|
||||
It's a proprietary device that I cannot walk out of the house without,
|
||||
not because I need to have the cell phone as much as the next guy.
|
||||
I think I need to have the cell phone, you know, for work mostly and there's obviously family as well.
|
||||
But that's the rub right there, that's the catch.
|
||||
Because they've convinced so many people around us to have these things,
|
||||
if you, the one guy, does not carry a cell phone,
|
||||
that somehow puts you at a tremendous disadvantage in society
|
||||
because you aren't able to, you know, receive communications.
|
||||
You can't talk to people and they can't send you messages you don't need,
|
||||
like, you know, cat videos and whatever else or, you know,
|
||||
tell you about the meeting that could have just have easily been an email.
|
||||
You can't learn about the meeting, that is also mandatory by the way.
|
||||
Now, just putting the cell phone in everybody's hand,
|
||||
does it make it the attack surface?
|
||||
What makes it the attack surface is the fact that we have never upgraded our phone systems,
|
||||
so for instance, the phone number, the thing that is supposed to be unique to everyone can be spoofed.
|
||||
So someone can call you from your mother's number,
|
||||
even though they're not your mother and they're not at your mother's house.
|
||||
They can be anywhere in the world and just use her phone number to contact you.
|
||||
You get what I mean?
|
||||
And I know you might be saying, okay, your mother's that,
|
||||
that's gonna hear the voice and know it's not your mother.
|
||||
But what if it's from your bank?
|
||||
What if your bank calls you suddenly and tell you there's an issue
|
||||
and, you know, they've got some information that seems like they're really your bank?
|
||||
You haven't been made aware of that recent data leak
|
||||
because companies aren't required to report it immediately,
|
||||
at least not in the US.
|
||||
By the time you hear about a data leak, it probably happened last year or two years ago, even.
|
||||
You know what I mean?
|
||||
So somebody's running around with really, really personal information about you
|
||||
that truthfully, the only way they could have gotten that level of information
|
||||
is if you personally gave it to them or they stole it from the person you personally gave it to.
|
||||
So here's the thing, you calling me from my bank,
|
||||
you've got information about me that only my bank would know about.
|
||||
I mean, really personal stuff.
|
||||
And I now believe this is the bank.
|
||||
It's the correct number.
|
||||
You've got the correct information.
|
||||
I mean, why else would you have that information unless you're from the bank
|
||||
and you're calling me from the bank's number?
|
||||
So when you're telling me, you need me to verify who I am
|
||||
and you're going to send me a code.
|
||||
And I send you back that code.
|
||||
And now you have confirmed who I am.
|
||||
And oh, now there's no longer a problem
|
||||
because I have verified who I am
|
||||
and now you just, you know,
|
||||
inform me on yada yada blah blah
|
||||
next thing you know my bank accounts empty, completely empty.
|
||||
And of course, when I go down to the bank to try to figure out what's going on
|
||||
because I talked to someone and so on, they told me it was fine.
|
||||
Uh, that person doesn't work here.
|
||||
blah blah blah blah.
|
||||
Suddenly, we got a major issue here
|
||||
and there's no possible way to fix it
|
||||
because the system was desiring so long ago
|
||||
it was never updated.
|
||||
Anybody can do this.
|
||||
Anybody can just go around with whatever information they've stolen or purchase.
|
||||
Maybe they didn't steal it personally, but they can purchase it from someone that stole it
|
||||
and just spoof a number call you and do whatever they want.
|
||||
So now I want you to take that bank scenario, fold it up nice and neat, put it in your pocket.
|
||||
Keep that with you because you're going to need to remember that for future conversations.
|
||||
Right? That's the bank topic
|
||||
and you've now got it in your pocket.
|
||||
We found a way to try and open the cell phone itself up
|
||||
as much as we possibly can to try and eliminate the cell phone itself being the problem.
|
||||
But it is the system that the cell phone is created for that is still the issue, the software.
|
||||
So you get a pine phone, the most open device that we have at this time
|
||||
that is still a development device.
|
||||
By the way, I like to point, keep that in the minds of everybody.
|
||||
Don't just run out.
|
||||
Think you're going to get a pine phone, open it up at the box, attach it to a network
|
||||
and begin using it like you could your iPhone or whatever else you have.
|
||||
It still requires some knowledge to use.
|
||||
So you got this open device and even the developers of the pine phone tell you
|
||||
there's even though this device is as open as we could possibly make it.
|
||||
There's still things within the device that cannot be made open.
|
||||
Like I believe it was the modem or whatever.
|
||||
That cannot be made open because, you know,
|
||||
the people who license you to use this technology,
|
||||
tell you that it must not be open, you know, for whatever reason.
|
||||
You know, they just make up anything, national security to have it.
|
||||
That's a good enough reason.
|
||||
Isn't that the reason for anything nowadays though, right?
|
||||
Like if we don't want you to know something, it's for national security.
|
||||
So don't question it even if you start questioning national security,
|
||||
that makes you the bad guy.
|
||||
Alright, so we're back on track.
|
||||
You got the open device, the most open-aid device could possibly be.
|
||||
And let's pretend that it's actually market friendly.
|
||||
You can just buy one, put in a SIM card, you know,
|
||||
attach it to the network and begin using it like any other device on the market right now.
|
||||
It still will not help you because you're still using a flawed network.
|
||||
People can still perform the exact same tricks on your open device
|
||||
as they could on your close source device.
|
||||
So one way or another, the attack surface has not changed at all
|
||||
because you're still using the device.
|
||||
You still got to get the message about the mandatory meeting
|
||||
that could have just easily have been a memo tucked inside of an email,
|
||||
an encrypted email, and sent to all the people that's supposed to have it.
|
||||
But because management can't be bothered to learn, you know, new things.
|
||||
A bunch of one trick pony desk jockeys that must just demand you go to the building
|
||||
and attend a lecture about complete horse excrement.
|
||||
You have to have that cell phone with you.
|
||||
And of course, you know, there's also family, all the people you love.
|
||||
They love using cell phones because social media, et cetera, et cetera.
|
||||
I'm not going to go too deep into all that.
|
||||
But think about it.
|
||||
Now, for those of us who have learned to use things like element,
|
||||
I mean, think about how much better the world could be if we just started adopting a matrix protocol.
|
||||
Imagine if, say, for instance, banks and other things were using this protocol
|
||||
to communicate directly with users.
|
||||
Say, say, for instance, society decides that, um, okay, users, if you want to,
|
||||
you could register an account name with your local government, right?
|
||||
And that account name is yours.
|
||||
It's, it's, it becomes a part of your ID, your identification.
|
||||
This is now attached to your registered number with the government,
|
||||
because names don't matter.
|
||||
You're just the number to the government.
|
||||
Make sure that, that tin foil hat is on real tight now.
|
||||
All right.
|
||||
You don't want any of this information to be leaked out.
|
||||
You don't want anybody to be able to peek into your brain and see this information right away.
|
||||
All right, all right.
|
||||
I'm, I've calmed down now.
|
||||
We're back, we're back on track here.
|
||||
So you got your ID that is on the matrix protocol.
|
||||
You got a handle, if you will.
|
||||
You can use any client you want, element, whatever else is out there that you want to use.
|
||||
And you can receive encrypted communication because this thing has security built into it, right?
|
||||
So your bank is on that network.
|
||||
They've got their own instance, their own servers or whatever.
|
||||
And you can federate with it.
|
||||
So you can receive direct messages from your bank.
|
||||
That's an encrypted channel that only your bank has access to.
|
||||
And you know, trade keys or whatever.
|
||||
And this is only if you want to, right?
|
||||
If you don't want to, then you don't have to, right?
|
||||
You can still stay with the phone system until eventually that goes away.
|
||||
But right now, there's also a more secure method available.
|
||||
And with this new, and we're only using element because right now, or, or matrix,
|
||||
because I can't think of anything else right now.
|
||||
All right.
|
||||
That and the misses took the baby to the store.
|
||||
So I got a limited amount of time to go ahead and get this thing recorded without a toddler climbing on the top of my head.
|
||||
And the misses chatting with me about coupon. She found online.
|
||||
Pro tip, when your misses decides to go to the store and you want to record an episode,
|
||||
give her a call shortly after she leaves the door and say,
|
||||
hey, honey, I just transferred over a couple hundred dollars over to the joint account.
|
||||
Use that to go buy something.
|
||||
That'll keep her gone longer than if they get an episode out.
|
||||
All right. Now, where was that?
|
||||
We were talking about having this, this ID that the bank has.
|
||||
The bank sends you their, you know, key, the encryption key or whatever was the public key.
|
||||
So that now you send your public key to them.
|
||||
The keys form this link of communication.
|
||||
Now all communication between you and the bank are secure.
|
||||
Or however, element does it because I'm not entirely sure how the encryption works with the,
|
||||
excuse me, not element matrix protocol.
|
||||
I'm guessing that you exchange keys like with SSH,
|
||||
but if you don't, maybe it's handled automatically.
|
||||
I'm not sure.
|
||||
One way or another, the keys are changed.
|
||||
Communication is encrypted.
|
||||
And here's another wonderful thing, even if it wasn't encrypted.
|
||||
Even if it was just, you know, well, we wanted to be encrypted.
|
||||
Let's just keep it as encrypted.
|
||||
However, the encryption happens, you're not communicating.
|
||||
Say somebody tries to pretend to be your bank.
|
||||
Well, you have a contact list with your bank in it.
|
||||
And if they're not on that list, they're obviously not from your bank.
|
||||
As far as we know, currently you are not able to just pretend to be somebody else on matrix.
|
||||
Unlike you could don't like say Facebook or whatever,
|
||||
where you could shout out to a hooker once again,
|
||||
who told us about, you know, member cloning Facebook accounts,
|
||||
where people say that the account was hacked when in actuality,
|
||||
it wasn't hacked.
|
||||
It was more of a social engineering attempt where they cloned in account,
|
||||
use some of the same images, et cetera, et cetera.
|
||||
Just go check out a hooker and look for the show there.
|
||||
A lot of great stuff.
|
||||
Back on track, you can't do that with matrix at least not right now.
|
||||
And it's open.
|
||||
So even if somebody wanted to attempt that kind of thing,
|
||||
you'd see where the flaws are,
|
||||
and you can actually point them out and stop it from existing as long as it has now
|
||||
with our current phone systems,
|
||||
with you just being able to spoof any number,
|
||||
or clone any number,
|
||||
and pretend to be home ever else,
|
||||
with the stolen information you're running around with.
|
||||
So right now, if there's a second or a third,
|
||||
Ken Valley account that starts contacting me going,
|
||||
hey, I lost my password.
|
||||
Could you send me the password that I am about to send to you
|
||||
so that I can get access to my old account?
|
||||
You know how that stuff goes out there now with all these scams?
|
||||
How they do that?
|
||||
What is it, the TOTP codes?
|
||||
Well, it's not going to work here,
|
||||
because I actually have the original Ken saved,
|
||||
and I could just contact him, hey, Ken, did you lose your information?
|
||||
And are you trying, which I know he's not, you know?
|
||||
I know that would not happen to him anyway.
|
||||
I only talk to people who are involved in the Geeks fear,
|
||||
so it'll probably happen with, like, say, a niece
|
||||
and nephew or cousin of mine,
|
||||
where they'll probably sign up today,
|
||||
lose their credentials tomorrow,
|
||||
and have to create a new account,
|
||||
and then just say that they were hacked,
|
||||
and, you know, they just actually forgot everything.
|
||||
And this is the part of the episode,
|
||||
where if we had sponsors,
|
||||
you'd probably throw in a sponsor for a password manager,
|
||||
or something like that,
|
||||
but since we don't, you know, go figure it out.
|
||||
Plenty of episodes out there about them.
|
||||
Go check one of them out.
|
||||
But I mean, just stop and think about it for just a second.
|
||||
If we could actually improve our communication,
|
||||
where we no longer need cell phone numbers,
|
||||
but we actually had handles or IDs,
|
||||
and we could eliminate the whole spoofing
|
||||
and account copying that that currently happens
|
||||
with the cell phone numbers,
|
||||
and I give you the example by Facebook,
|
||||
so you can better understand,
|
||||
if you're not a complete, you know, hacker, tech junkie,
|
||||
whatever you want to call it,
|
||||
if you're just new to this,
|
||||
if you just found out about HBR yesterday,
|
||||
and you popped in and listened to this episode,
|
||||
that's why the Facebook reference was in there.
|
||||
For everybody else, you understand.
|
||||
You'd have far more security,
|
||||
just because you eliminate an old deprecated system
|
||||
that's closed source,
|
||||
and we don't even know if there's being new development on it.
|
||||
I don't know how our network systems work,
|
||||
but I can find out more about Matrix right now.
|
||||
You can hear what I mean.
|
||||
It's like right there.
|
||||
I can just go to it and start learning about it.
|
||||
I can find out who's working on it.
|
||||
I can contribute documentation.
|
||||
I can donate money to it.
|
||||
You get what I mean?
|
||||
So it's fantastic.
|
||||
Pro tip, that's how you become a super hacker.
|
||||
You find a project that you really like,
|
||||
contact somebody that works there, say,
|
||||
hey, I'll give you, you know,
|
||||
a hundred bucks right now,
|
||||
put my name on a wall somewhere,
|
||||
and say, I contribute it.
|
||||
Boom, look at that.
|
||||
All jokes, all jokes aside.
|
||||
But seriously, if we could have a more secure
|
||||
way of communicating with one another,
|
||||
I don't even phone call some of my friends anymore.
|
||||
The people that I actually talk to
|
||||
and hang out with outside,
|
||||
I don't even call them anymore.
|
||||
We chat on Discord,
|
||||
because I know better than to tell them about
|
||||
element and signing up for it.
|
||||
I know how that's going to end.
|
||||
Discord is easy for them to sign up for,
|
||||
unless you were invited to the server where we chat,
|
||||
you can't just really break in and,
|
||||
you know, listen to the conversation.
|
||||
And because most of them also understand
|
||||
the same way you don't just send,
|
||||
you know, private information
|
||||
through a text message,
|
||||
like you don't see any social security number
|
||||
or anything stupid like that,
|
||||
through a text message.
|
||||
So you also know better than to do it through Discord, right?
|
||||
But Discord is a more secure way to call each other to chat
|
||||
and speak with friends.
|
||||
It's also easier.
|
||||
You ever tried to do a three-way call?
|
||||
You know how three-way calls work,
|
||||
especially when one person has to leave
|
||||
for a moment or two,
|
||||
because they got a call,
|
||||
and then when they're done with their call,
|
||||
they call you back and say,
|
||||
hey, now put us back on three-way,
|
||||
so you have to do it.
|
||||
It's a hassle.
|
||||
With Discord,
|
||||
I just leave the chat,
|
||||
go ahead and do the phone call thing
|
||||
and then pop right back into the chat,
|
||||
because it's still established.
|
||||
You know what I mean?
|
||||
Super easy, super simple.
|
||||
Imagine if we could do that with regular cell phones,
|
||||
get rid of the cell phone number
|
||||
because the cell phone is actually just a computer.
|
||||
How about just use it more like a computer?
|
||||
All right, you know,
|
||||
almost say it's a word's there,
|
||||
but you know,
|
||||
just use it more like a computer.
|
||||
It'd be so much better if we could do that, right?
|
||||
It kind of reminds me before I get out of here,
|
||||
because I'm about to reach the 20-minute mark
|
||||
and for these kind of rambles,
|
||||
I want to keep them under 20 minutes.
|
||||
There was a guy talking about the calculator
|
||||
and how the old design of the calculator
|
||||
was just, you know,
|
||||
not, it's not modern
|
||||
and we shouldn't be using it.
|
||||
We should actually be using something
|
||||
that looks more like an IDE
|
||||
instead of the old school calculator.
|
||||
But I'm pretty sure what's it called?
|
||||
Texas Instruments would probably sue you
|
||||
into oblivion if you tried that.
|
||||
So, have a nice day, ladies and gentlemen.
|
||||
That'll be our next rep patents
|
||||
and, you know, coffee rights and all of that.
|
||||
We'll break out the tinfoil hat again for all of that.
|
||||
You guys take it easy?
|
||||
And thank you for listening to another episode
|
||||
of Hacker Public Radio.
|
||||
I'm your host, some guy on the internet.
|
||||
Now, it's safe for you to take off that hat, fold it up,
|
||||
put it somewhere safe for the next episode.
|
||||
You have been listening to Hacker Public Radio
|
||||
and Hacker Public Radio does work.
|
||||
Today's show was contributed
|
||||
by a HBO listener like yourself.
|
||||
If you ever thought of recording podcasts,
|
||||
then click on our contribute link
|
||||
to find out how easy it really is.
|
||||
Hosting for HBR has been kindly provided
|
||||
by an honesthost.com,
|
||||
the internet archive, and our sings.net.
|
||||
On this otherwise stated,
|
||||
today's show is released
|
||||
under Creative Commons,
|
||||
Attribution 4.0 International License.
|
||||
Reference in New Issue
Block a user