Podcast 11: They Gray Legacy Of Adrian Lamo







Hey there, digital defenders and keyboard warriors! Are you tired of hearing the same old advice on staying safe online? Want to dive deeper into the nitty-gritty of what keeps our digital world ticking and, more importantly, ticking safely? Well, you’ve landed in the perfect cyber spot. Welcome to our blog — a companion to our wildly insightful ‘Digital Desperadoes’ podcast, where we unravel the web’s darkest tales and bring you the down-low on the need-to-know of cybersecurity solutions.

In our latest episode, we peel back the layers of cyberspace and its unsung heroes (and villains). With the omnipresent threats lurking in the digital shadows, it’s more crucial than ever to gear up with robust cybersecurity solutions. But what goes on behind the screens? Who are these mysterious figures typing away in the dim light, and how do their minds work? Buckle up, as we take a rollercoaster ride through the alleys of the internet with our color commentary maverick, Brad Hawkins of SaferNet, and our story guide, Jim Brangenberg, who promises to keep us all in check.

As you weave through this wild tale with us, remember that cybersecurity isn’t just for the IT crowd. It’s the armor for your everyday digital life. Our sponsor, SaferNet, provides exactly that armor, ensuring you’re wrapped in the warm, secure blanket of internet safety no matter where you roam online. So, let’s jump right into the cyber saga of Adrian Lamo, the Homeless Hacker — a story of intrigue, ethical conundrums, and a journey through the complexities of cybersecurity solutions that shape our understanding of the internet today.

Transcript Begins:

Jim Brangenberg: Welcome to the Digital Desperadoes podcast featuring dark tales from the web. Patrick McMurphy back here today to tell us another dark tale and he’s joined by Brad Hawkins founder and CEO of SaferNet, but he’s our color commentary guy.

He’s always asking those tough questions about who these cyber criminals are. I’m Jim Brangenberger and I’ll serve as your story guide. I’m really just a, I’m the referee of this whole match. This podcast is brought to you by SaferNet online at SaferNet. com. You know, it’s great to have an app controlling your phone internet time, but how do you control time and access on your computer or tablet? Wouldn’t you like to just be able to set a timer and say, I’m only going to work eight hours today? And you set the timer and eight hours later, it shuts off. SaferNet can shield you against online threats, but it can also limit the time on your computer. SaferNet provides simplified cybersecurity for businesses and families with a VPN, internet controls, virus protection, 84 website filters. Everywhere you go, you’re secure online. Get secured now. Sign up at SaferNet. com. That’s SaferNet. com.

Patrick, which dark, hideous tale are you telling us about today? Which naughty guy do we cover the story of today?

Patrick McMurphy: So today, Jim, we’re looking at Adrian Lamo, aka the Homeless Hacker. He is one of the most divisive figures in the hacking world. He really blurred the lines in terms of morality. A lot of his life kind of gets into conspiracy, but you’ll find out why in a bit. So Lamo was born on February 20th, 1981 in Boston, Massachusetts. His parents, his father’s Colombian, Mario, and his mother, Mary Ashwood, is of Colombian descent, but she is a U. S. citizen. And so despite being born in Boston, he does spend his childhood years in Colombia.

Jim Brangenberg: Oh, so we’re wondering why this guy got corrupted. I mean, we’ve all seen romancing the stone. We’ve all seen romancing the stone. We know Bogota, Colombia, not a great place to do legitimate things. I mean, we all saw it in the movies.


Patrick McMurphy: So Adrian, from a very, very early age, he has a strong interest in computers, like really nearly everyone we’ve covered. He’s learning

about computer networks, programming, and the internet, just really on his own. Now, when he was a teenager, he moved to San Francisco, California, and he attended high schools in the area.

He never graduated. His, his fascination with computers, he had no interest in formal studies. He just wanted to get into computers. And so, his initial hacking activities began with what is known as grey hat hacking. And just to kind of look at what grey hat hacking is, again, it’s – So we have black, black hat hacking, which is the stereotypical criminal hacker.

We have a white hat hacker who is someone who’s with law enforcement. They hack things for law enforcement. They track down other black hat hackers. But right in the dead center, you have grey. And it is what it sounds like. They’re kind of blurring the lines, stepping between both worlds.

Brad Hawkins: I’ll pretend like I’m helping you, but I’ll, I’ll rob you blind in the middle of it. Is that right?

Patrick McMurphy: Exactly. Oftentimes, yeah, oftentimes they can be political, very political individuals. Often what they do is illegal but not necessarily always harmful. They do a lot of vandalizing, things like that.

And so. Adrian wanted to start it as a grey hat hacker and he began with that and his main goal at that point in his life, he wanted to highlight internet security flaws because he saw massive flaws in the internet. As the rise of the World Wide Web happened, as we knew it, he felt that many overlooked a lot of the glaring security issues that he saw within networks.

And so what he would do, he began something called non destructive hacking. So he would break into corporate systems around California, but he would never cause damage to them. What he would do is that he offered to fix security flaws for free. And if the company ignored him, he would alert the media. That was his whole MO at this point.

Brad Hawkins: So that’s, that’s how he made money, is he just basically blackmailed them?

Patrick McMurphy: Well, it’s not, it’s not, not necessarily because a lot of companies, even today Microsoft has something called a bulk bounty program where people hack Microsoft products, like even things like Excel. And if you find a security flaw and you go to Microsoft, there’s rewards up to 50, 000

dollars. So it can be a legitimate lifestyle, but if you’re going into corporate networks and doing it, that’s definitely illegal.

Jim Brangenberg: Gotcha, but he’s helping. He’s trying to help. He’s doing it out of the goodness of his heart. He’s like you guys have an issue, let me just tell you here’s the issue, and if you don’t fix the issue I’m going to tell everybody you got an issue so that you’ll really have an issue. I mean, that’s what he’s saying. He’s just helping, right?

Patrick McMurphy: Exactly. Yeah, he’s a nice guy. What Adrian wants is that he wants a corporation to hire him to a red team. Now a red team is also called a red hat hacker. Now not to overwhelm with hackers at this point, but what a red hat is, it’s just a white hat that works for a company with a specific goal of penetration, testing of systems, to make sure they’re watertight. That’s all he wants. He wants to be recruited at this point.

Jim Brangenberg: So apparently hackers have no real flavor for color. So they got white hats and black hats and gray hats and red hats, but what about blue and yellow and green? I mean, I just don’t understand this. You know, it’s a matter of time. It’s a matter of time. We’ll have a different kind of, we’ll have different color hackers.

Just remind you that this podcast brought to you by SaferNet, check it out online, SaferNet. com, SaferNet. com. It will change your life and make working on your computer, your phone, your tablet, everywhere you go, a lot safer. You could even use that hotel wifi if you’ve got SaferNet on your devices. Back to you, Patrick.

Patrick McMurphy: So Adrian at this point moves out of California and he adopts a transient lifestyle and earns the nickname in the hacking community, the Homeless Hacker, which is where we know him by his moniker. So he travels across the U. S. using buses. He only uses the internet, like public Wi Fi, and continues hacking this whole time.

So he’s hacking corporate networks. And he’s notifying companies of vulnerabilities. Most of them are just getting angry with him because there’s, there’s not really bug bounties in place as there is now. He attacks Reuters, he attacks Yahoo News, he gets into Microsoft networks, again, all offering big security holes, or saying that he’ll report to the media.

And so, what happens here with Adrian is that he actually becomes media famous because he starts reporting all these flaws to various news outlets. So he

appears, there was a show they made called Hackers Wanted, he’s on that. He appeared on Good Morning America. He appeared on NBC. The funniest thing about the NBC or not skit, but the NBC appearance is that it had to be removed from the airway because during the segment, he hacked the NBC network to show how easy it was to do for him. So they couldn’t show it live, or they couldn’t show it at all.

Brad Hawkins: Ha ha ha. Shows the vulnerability right in the middle of an on air conversation.

Patrick McMurphy: Exactly. Exactly. Drops off.

Jim Brangenberg: That’s hilarious. I just, you know, and the people, it was, was it a Good Morning America? What show was he on in the morning?

Patrick McMurphy: He was, he was on Good Morning America and some NBC, another NBC segment.

Jim Brangenberg: Oh my word, that’s hilarious. I would have loved to have seen that episode. We need to find that episode and watch that one.

Patrick McMurphy: Absolutely. And so he really gets into bad people’s bad books around February 2002. He got into the New York Times network and he added himself to their expert sources database, which basically allowed him to use their LexisNexis account, which is an account for, effectively, it’s for data analytics.

So he could just siphon all their data analytics. So he told New York Times, look, this is how vulnerable you are. I’m an expert source according to your database. New York Times called the cops, there’s a warrant issued for his arrest, and he eventually surrenders in September 2003. And so, 2004, he pleads guilty to a number of computer offense, this includes, it’s basically just hacking into networks, more or less. But he gets two years probation, six months of home detention, and a 65, 000 fine.

Brad Hawkins: How do you get home detention when you have no home?

Patrick McMurphy: That’s a good question. I have no idea. That’s a great question, Brad. I do not know.

Jim Brangenberg: You’re doing the research. I mean, go on. Where, where was his home?

Patrick McMurphy: Yeah. Do you know what?

I never noticed that in the research.

Jim Brangenberg: He probably has to go live with his mom in her basement. That’s where all hackers go.

Patrick McMurphy: He lived on a Greyhound bus for six months.

Jim Brangenberg: Wow. Wow. That’s incredible.

Patrick McMurphy: So he gets convicted. Yeah, convicted for Compromise and Security at basically multiple large corporations.

Jim Brangenberg: Bunch of chickens. He was trying to help them out!

Brad Hawkins: At, at, at the same time, is he making money through that process? So does he have plenty of money at that point?

Patrick McMurphy: Not really. He would get every SWOT and he would get a bug bounty, but mostly it’s just people saying that no, we’re not going to pay you anything. And then he goes to the media and I’m sure he’s getting paid for his media appearances.

Then of course not by NBC anymore.

Jim Brangenberg: At that point, I assume for those of you listening, struggling with Patrick’s accent, what he’s saying is a bug bounty. So he’s gone in and found a bug in their software, not a literal bug, but a software bug, and he’s offering to fix it for a fee. Now, in today’s world, there are bug bounties out there where people, if you find a flaw, they’ll pay you to find out where that flaw is so they can get it fixed.

Bug bounty just, that was the interpretation there here in English.


Jim Brangenberg: Podcast brought to you by SaferNet. When you have a VPN on your internet access speed, your internet speeds up dramatically. Introducing SaferNet VPN to our great audience out here. SaferNetVPN. com, your ultimate cybersecurity solution.

Protect your business with ease. Enjoy the power of a virtual private network with internet controls, virus protection, website filters, all in one app. An app for your phone, your laptop, your desktops, your tablets, everywhere you go. Stay safe online, try SaferNet VPN online, and surf safely. Sign up at SaferNet. com, that’s SaferNet. com.

Patrick McMurphy: Right, so yeah, so post prison life this is where we get into the muck, and a bit of the conspiracy as well. So, after prison Lamo decided that, you know, he did not want to go back to prison, so he kinda, he’s still grey hat hacking but he does it very quietly. He’s not informing media, things like that.

And what he becomes is that he becomes a significant contributor to Wikileaks. And so eventually you guys may remember was that Chelsea Manning released a list of Wikileaks donors. Now, no one knew at the, at that point, it was Chelsea Manning leaking them. But Lamo gets leaked as a donor and he’s so furious that he turns in Chelsea Manning for being, for being the one who leaked the list.

Brad Hawkins: So Patrick, about what, what year is this?

Patrick McMurphy: So this is, this would have been, that would have been what, 2012?

Jim Brangenberg: I was going to say, I was going to say 12 or 13. Yeah.

Patrick McMurphy: Yeah. 12 or 13, I believe. Yeah. And so, I mean, people will mostly know Chelsea Manning for leaking the collateral murder video that was infamous at the time. So you really have two people who are leaking documents the whole time, pitted against each other. So really, when Lamo was asked about why he informed on Manning, he cited potential dangers to lives. However, he did face a lot of backlash and accusations of treason even from the hacking community. So it was really split down the middle here in the hacking community.

It’s probably one of the most divisive arguments they’ve ever had. Now at this time I always laugh at this point, so Lamo said he got really into body hacking. And what body hacking is known to, as the rest of us, is drug addiction. He basically experimented with a bunch of drugs and called it body hacking.

His main one was Kratom which is kind of known for one of the big drugs that ripped up San Francisco and is still ripping up San Francisco. It’s an absolutely

poison drug. But after the Manning incident, when really a lot of his peers have turned his back on him, his drug use escalates. And he claims that at this point his life has changed.

He went into psychiatric, he had psychiatric help and all this. Now, in my opinion, it was probably the drugs is why he needed psychiatric help. You can’t blame the other people at that point. You know, you’re taking Kratom. It’s gonna do something to you. And so, March 14th, 2018, in Kansas, he passed away, age 37.

The cause of death is unclear. It’s reported as suicide. There’s also suggestions of drug abuse. There’s a lot of multiple pill bottles found around his body. However, a lot of people in and out of the hacking community don’t think it was an accidental death. A lot of people think he was killed by either people in the hacking community or some contacts of Banning.

So it’s a very murky ending for a guy whose life was, I think he started with the right idea, but the more he got into things like Wikileaks and this boy versus boy, you know, who’s the good guy, who’s the bad guy, it just went downhill. And of course, the body hacking didn’t help at all.

Brad Hawkins: Wow. Seems like a very gray life.

Patrick McMurphy: Very, very, very

Jim Brangenberg: gray. It just said, and we don’t know, you know, he starts off, you know, with a little bit of Colombian in him. Maybe the Colombian mob took him out because he was pushing the wrong kind of drugs. You just never know. But it’s just sad though. I mean, all these people just – like the the purposeless. He didn’t even get a chance to make money working for the FBI. I mean a lot of our hackers at the end of their lives got to make money working for the FBI. He didn’t get it done, but I’ve seen videos of the people in San Francisco on these crazy drugs. It’s like they’re zombies walking down the street.

Yeah, they’re sitting still. I mean, it’s… poor San Francisco’s a hot mess Yeah, it’s absolutely – and the whole Chelsea Manning thing, that goes in a whole bunch of different directions we won’t go today on today’s Digital Desperado show.

But, Brad, my Windows computer updates security all the time. In fact, it’s quite annoying because they update when I’m trying to use my computer like, Hey,

you need to do this update all the time. Is it enough? I mean, is it, can Windows stay ahead of all the cyber security threats out there, Brad?

Brad Hawkins: Oh my gosh, there’s absolutely no way Windows or Apple can stay ahead of all the

cyber security.

Jim Brangenberg: Wait a minute, I thought, I thought Macs never got hacked because they were hackless.

Brad Hawkins: Yeah, that’s, that’s one of their wonderful marketing ploys. Yes, I, now truthfully they do have one up on Windows because they have a closed network and it is a safer environment. But it is not a safe environment.

I mean, you’re still at threat by having an Apple as well as a Windows. But yes, it is absolutely not, it’s always a good idea to stay up on your, you know, your updates and you do the proper things that you need to do, but it’s not enough. You have to do more than what these platforms just provide.

Jim Brangenberg: Absolutely! And just for you listeners in case you’re one of those people that says I know I got an update but i’m just going to postpone that till tomorrow.

I ran into a guy earlier this week. He hadn’t done one in six months, you know windows slows your computer down if you don’t do the update. They just intentionally throttle your computer down until you do the update. Just do the updates. It’s for your own good. They’re looking out for you. Anyway, they’re watching everything you do. Anyway, you might as well just update it, make it easier for em. .

But you know, you got to stay ahead of cyber threats and you need to do it with SaferNet. Businesses seeking top notch security without complexity, SaferNet is your solution. They’ve got you covered there. Go online, SaferNet. com, SaferNet. com.

Patrick, I’m kind of sad about this conversation today. This, this homeless hacker, it was kind of, it kind of ended sad. And I’m, I don’t know, I hope the next one you get for us is a little more positive.

Patrick McMurphy: Yeah, I wouldn’t say positive. It’s fun though. The next one is fun.

Jim Brangenberg: All right. Well, you heard it here. The internet and everything digital has a dark side. And so many dark players, but some white players and gray players and red players too. That’s what we’ve learned here today. It’s why you need SaferNet by your side with its VPN, its antiviruses, and website filters and so much more. Check them out online, SaferNet. com.

Thanks to SaferNet for supporting our efforts to bring the Digital Desperado podcast to your ears and giving these stories the exposure that they need. And for your own security and the security of those you love and those you work with, only click on the attachments from those that you trust and delete the rest, or you may become the next victim of a Digital Desperado!

Transcript Ends.

And that’s a wrap on another gripping chapter from the chronicles of cyber notoriety on ‘Digital Desperadoes.’ As we log off from the saga of Adrian Lamo, the ‘Homeless Hacker,’ and ponder over the thin line between right and wrong in the digital realm, let’s not forget the crucial takeaways for our own cyber-safety.

Today’s digital desperadoes don’t ride into sunsets; they ride the waves of the internet, leaving us with valuable lessons on the importance of cybersecurity solutions. Whether it’s safeguarding our networks or securing our personal cyber-frontiers, the role of cybersecurity solutions like SaferNet can’t be overstated. It’s our digital shield, guarding against the unseen battles raging in the binary underbelly of the web.

As you navigate the vast expanse of the internet, arm yourself with knowledge and the right tools. Check out SaferNet.com for top-tier cybersecurity solutions that stand guard when you venture into the virtual world. Remember, in the age of constant connectivity, staying secure isn’t a one-time affair; it’s a continuous journey.

Keep your friends close and your antivirus closer, and never click on that shady link! Stay vigilant, stay informed, and tune in next time for another deep dive into the cyber abyss. Don’t just be another internet user; be a savvy cyber citizen with a knack for spotting the digital desperadoes.

For now, disconnect from our tales but stay connected with SaferNet. Until our next digital adventure, this is your sign-off reminder: Stay safe, stay secure, and keep your data locked down tighter than Alcatraz. See you in the cyber field, folks!