WEBVTT

1
00:00:00.160 --> 00:00:03.139
Like, okay, is this what I want to keep doing? And the answer was absolutely.

2
00:00:03.280 --> 00:00:06.480
Like, I really I want to keep doing this. Like, I'm not, I don't feel

3
00:00:06.480 --> 00:00:10.160
like we've solved the problem. Like, IDA is still the major dominant tool, you know,

4
00:00:10.160 --> 00:00:13.844
technically there's still problems that I want to solve. I

5
00:00:13.844 --> 00:00:17.145
think we're the product itself is at a spot where it can now,

6
00:00:17.525 --> 00:00:20.484
replace IDA for the vast majority of users. And so now we just gotta

7
00:00:20.484 --> 00:00:23.125
go, like, show everybody, like, convince them and, like, demonstrate it and be like, hey.

8
00:00:23.125 --> 00:00:26.805
Listen. You can you get all these advantages. Let's let's let's get

9
00:00:26.805 --> 00:00:30.500
everybody switched. And so that's super exciting. Like, I feel like

10
00:00:30.500 --> 00:00:34.040
we've we've done some of the hardest work, and now we can reap the rewards.

11
00:00:34.580 --> 00:00:38.420
This is Hackers to Founders, a podcast about cybersecurity professionals who

12
00:00:38.420 --> 00:00:42.100
have reached the pinnacle of their cybersecurity expertise and have ventured

13
00:00:42.100 --> 00:00:45.845
into new frontiers. Whether it's launching innovative startups or making

14
00:00:45.845 --> 00:00:49.625
impactful investments in our industry. My name is Chris Magistrado,

15
00:00:49.765 --> 00:00:53.605
and I'm a vulnerability researcher best known for traveling and meeting hackers

16
00:00:53.605 --> 00:00:56.985
from all around the world. And I'm using what little extrovert

17
00:00:57.125 --> 00:01:00.640
skills I have to introduce to you hackers that are

18
00:01:00.640 --> 00:01:04.239
changing the world. Today, we are joined by Jordan Wiens, a cofounder of Vector

19
00:01:04.239 --> 00:01:07.760
35, a long time DEFCON CTF participant and winner of

20
00:01:07.760 --> 00:01:11.300
multiple years, who will share with us a unique story of Binary

21
00:01:11.440 --> 00:01:14.975
Ninja, its creation, and where it's going to go into the future.

22
00:01:18.075 --> 00:01:21.755
This is Hackers to Founders. Alright. Welcome,

23
00:01:21.755 --> 00:01:25.435
everybody, to the show. My name is Chris Magistrado. I'm joined here with Jordan

24
00:01:25.435 --> 00:01:29.040
Wiens. Did I pronounce that correctly? You got it. You got it. Is

25
00:01:29.040 --> 00:01:32.640
it German or what's your name? I think it's I think it's originally

26
00:01:32.640 --> 00:01:36.400
like Wines, but, like, we've always pronounced it Wines, so my family has spelled it

27
00:01:36.400 --> 00:01:39.780
that way. My grandfather's brothers were born in Germany. But

28
00:01:40.160 --> 00:01:43.695
Okay. That's so funny. Like, mine's Magistrado, but I think it's, like,

29
00:01:43.775 --> 00:01:47.295
technically maestrados, but, like, I'm like Yeah. Filipino

30
00:01:47.375 --> 00:01:51.135
Anglicized. Oh, that's funny. Excellent. Yeah. We

31
00:01:51.135 --> 00:01:54.895
were just talking about, different processes in in terms of, like,

32
00:01:55.215 --> 00:01:58.494
starting a business. I'm one of the founders of Vector 35. It'll be 10 years

33
00:01:58.494 --> 00:02:02.290
this January. Which is bonkers to me.

34
00:02:02.910 --> 00:02:06.190
But yeah. So there were there were 3 of us originally and,

35
00:02:06.590 --> 00:02:10.430
like, 3 technical cofounders. 2 of us sort of split all the administrative duties,

36
00:02:10.430 --> 00:02:14.155
which is I was also really nice. Having another cofounder that, like, could we

37
00:02:14.155 --> 00:02:17.674
could each be part technical and part administrative actually helped a ton. So we've been

38
00:02:17.674 --> 00:02:21.355
able to grow, I think, really a lot bigger, you know, like I said, even

39
00:02:21.355 --> 00:02:25.114
sort of lacking as much administrative as as maybe we could have a lot because

40
00:02:25.114 --> 00:02:27.900
of that. Because Peter and I split that role and that that helps a ton.

41
00:02:27.900 --> 00:02:31.340
It's also just nice too to feel like, you know, we're engineers trying to figure

42
00:02:31.340 --> 00:02:34.980
out marketing and pricing and, you know, contracts and Yeah.

43
00:02:35.180 --> 00:02:38.540
So like all the books and things and trying Yeah. Especially 10 years ago, there

44
00:02:38.620 --> 00:02:42.265
was there even a lot of, like, cybersecurity companies,

45
00:02:42.265 --> 00:02:46.025
startups, or even resources to learn about how to work with governments on

46
00:02:46.025 --> 00:02:49.704
that? Yeah. It was like, we had well, so what we did have was we

47
00:02:49.704 --> 00:02:53.545
had a sort of, like, mentor network. So we had Mike Fransen from

48
00:02:53.545 --> 00:02:56.900
Kudu Dynamics, who we had

49
00:02:56.900 --> 00:03:00.659
previously worked with, at at back back at Raytheon before

50
00:03:00.659 --> 00:03:04.500
that. And, in fact so we got our we got our start as

51
00:03:04.500 --> 00:03:07.959
a company, working on Cyber Grand Challenge. The the DARPA

52
00:03:08.865 --> 00:03:12.705
CTF, like, robots playing CTF, like, automated. They you know, the the winning winning

53
00:03:12.705 --> 00:03:15.505
team went to go play in the Defcon finals. So that was, like, our first

54
00:03:15.505 --> 00:03:19.185
contract. And it basically was a matter of, we were Peter and

55
00:03:19.185 --> 00:03:22.625
Rusty and I, the 3 cofounders, were all working at Raytheon at the time. And,

56
00:03:24.160 --> 00:03:27.720
they CGC basically needed help running, like, the

57
00:03:27.720 --> 00:03:31.260
visualization side. So they had a game company that was contracted to, like, build visualizations,

58
00:03:31.800 --> 00:03:34.840
but they didn't know anything about capture the flag or security. And so to be

59
00:03:34.840 --> 00:03:37.980
like, hey. Make a dashboard, make a visualization,

60
00:03:39.795 --> 00:03:43.555
was was, like, not easy for them, and the people running the game didn't have

61
00:03:43.555 --> 00:03:47.234
time to, like, translate everything or to, like, babysitter, like, work with not

62
00:03:47.234 --> 00:03:50.355
babysitter. It's a bad it's a bad way of saying it. Really, to work we're

63
00:03:50.355 --> 00:03:53.106
closely with the game company. Educate. There we go. It's a much better one. So

64
00:03:53.106 --> 00:03:56.562
that was we basically got brought on to that. So Rusty and I started on

65
00:03:56.562 --> 00:04:00.019
that contract, and, like, that was the start of our our our company. So Mike

66
00:04:00.019 --> 00:04:03.692
Fransen was one of the people working that. We were I remember I don't think

67
00:04:03.692 --> 00:04:07.025
we directly subcontracted to him, but he really helped us to a ton.

68
00:04:07.645 --> 00:04:10.285
Gave us his rate card. He's like, here's how you structure it. And here I

69
00:04:10.285 --> 00:04:13.725
mean, we we had, you know, working right then, we had a lot of some

70
00:04:13.725 --> 00:04:17.345
intuition. You know, we were we're technical, you know, tech leads,

71
00:04:17.885 --> 00:04:21.680
so we knew a different contract type, contracting types, and and scheduling

72
00:04:21.680 --> 00:04:25.360
a proposal process and stuff, but we were not the program managers doing some of

73
00:04:25.360 --> 00:04:27.759
the details. So we had, you know, a little bit of learning curve, but certainly

74
00:04:27.759 --> 00:04:31.600
less, I think, than if we had started from scratch. And so it it helped

75
00:04:31.600 --> 00:04:34.794
that we we we had that kind of basis and and that's yeah. That's why

76
00:04:34.794 --> 00:04:38.555
we started the company with that contract, basically, paid the bills with that, and

77
00:04:38.555 --> 00:04:41.194
then, you know, like, it's not like a startup where, like, you grind the startup,

78
00:04:41.194 --> 00:04:43.995
like, 60 hours a week on your your product or you take on VC money,

79
00:04:43.995 --> 00:04:47.720
whatever. We did, like, 40 on our contract, and then Rusty

80
00:04:47.720 --> 00:04:51.560
dropped down to, like, 3 quarters time. And so he was working on Binary Ninja

81
00:04:51.560 --> 00:04:54.199
on, like, the the other 3 quarters as well as extra time. And so, you

82
00:04:54.199 --> 00:04:58.039
know, we were both, like, working working extra hours, but, you know, the

83
00:04:58.039 --> 00:05:00.280
bulk went to the contract to pay the bills. So we, you know, we took

84
00:05:00.280 --> 00:05:02.904
a salary. We had a nice benefits, and we had a budget, and we had

85
00:05:02.904 --> 00:05:06.585
a rate card, and then we could do that. So so the the actual product

86
00:05:06.585 --> 00:05:10.345
for, like, Binary Ninja, was this already in place where, like, you

87
00:05:10.345 --> 00:05:13.945
guys were developing it and saying, like, we already have Yeah. It's it's part of

88
00:05:13.945 --> 00:05:16.790
the contract or it's part of a buyer already. It was a part of the

89
00:05:16.790 --> 00:05:19.110
contract, but it was a part of our design for the company. So we in

90
00:05:19.110 --> 00:05:21.830
fact, you know, like, that was one of the pitches, like, when Mike first reached

91
00:05:21.830 --> 00:05:24.950
out to us. He's like, hey. Do you wanna go build that Binary Ninja thing?

92
00:05:24.950 --> 00:05:27.430
You've been you've been thinking about it. We're talking about it. So you guys We're

93
00:05:27.430 --> 00:05:30.325
talking about it. I really wanna build this thing anyway. Well, because it it so

94
00:05:30.325 --> 00:05:33.205
it existed. Yeah. It actually there in fact, it's there's even an open the the

95
00:05:33.205 --> 00:05:36.325
original version is is still out there in open source. It was a GPL Python

96
00:05:36.325 --> 00:05:39.925
version. In fact, we had somebody accuse us of, like, ripping off a Python. Like,

97
00:05:39.925 --> 00:05:43.205
you know, how dare you rip off this existing project? And we're like, 1, we

98
00:05:43.205 --> 00:05:46.910
wrote it. And 2, we don't have to we can relicense it however we

99
00:05:46.910 --> 00:05:50.110
want. And 3, it's rewritten completely. The new one's all C++. So we

100
00:05:50.110 --> 00:05:53.389
have, like yeah. We had written Binary Ninja for CTF. I don't know, Rusty. First

101
00:05:53.389 --> 00:05:57.150
started it. Maybe 13 years ago, 12 years ago. Like, it

102
00:05:57.150 --> 00:06:00.765
was built internally just to help our CTF team. And then

103
00:06:00.765 --> 00:06:04.285
it had a so so some of, like, the design that kinda carried

104
00:06:04.285 --> 00:06:08.045
through the name carried through, but that's about it. Like, the actual code

105
00:06:08.045 --> 00:06:11.400
was, like I said, completely rewritten. It was all Python before, and it was

106
00:06:11.400 --> 00:06:15.160
completely rewritten in C++. It still has, like, a the Python plugin

107
00:06:15.160 --> 00:06:18.460
API now, but but the all the analysis is C++. So

108
00:06:18.680 --> 00:06:22.200
rewriting it basically was our first, you know, order of business, and we

109
00:06:22.200 --> 00:06:25.945
basically started that. Like, even just, like, right as we started the company, we're

110
00:06:25.945 --> 00:06:28.425
actually doing that in the side. And then it was about a year after we

111
00:06:28.425 --> 00:06:31.865
started the company before we launched the first version of it, which I'm almost embarrassed

112
00:06:31.865 --> 00:06:34.585
now when I look back at, like, the features it had. Like, people paid us

113
00:06:34.585 --> 00:06:38.025
money for that. Like, we didn't charge a lot less, but, it's crazy how far

114
00:06:38.025 --> 00:06:41.569
it's come. Nice. Beautiful. And, like, so you guys

115
00:06:41.569 --> 00:06:45.169
were developing the company and the product app while you guys were still at

116
00:06:45.169 --> 00:06:48.930
Raytheon? Was No. No. So we yeah. Well, so the Python version.

117
00:06:48.930 --> 00:06:52.415
Right? Like, the open source Python version was was was built at

118
00:06:52.415 --> 00:06:56.255
Raytheon, and then, basically, we quit there, started back

119
00:06:56.255 --> 00:07:00.015
Vector 35 January something, whatever I guess. And so it's by the way, it's

120
00:07:00.015 --> 00:07:03.235
Vector 35 because we were all 35 years old in 2015.

121
00:07:03.615 --> 00:07:07.280
So it makes it easy to keep track of the yeah. Yeah. So 2025 will

122
00:07:07.280 --> 00:07:10.400
be would be a decade. Yeah. But Peter, Rusty, and I were all born in

123
00:07:10.400 --> 00:07:14.240
1980. So so we, yeah. That's

124
00:07:14.240 --> 00:07:17.380
that's how we started. And then we we basically rewrote it then,

125
00:07:18.320 --> 00:07:22.115
ourselves, like, a sort of, you know, clean code base, for the

126
00:07:22.115 --> 00:07:25.794
ground up after we after we start the new thing. So, like, I know, like,

127
00:07:25.794 --> 00:07:29.395
like, certain companies, it's like if you do, like, Apple specifically. Like, if you design

128
00:07:29.395 --> 00:07:33.210
anything while you're working at Apple and then even, like, sometimes it's, like, 5

129
00:07:33.210 --> 00:07:36.730
years after we started to own that. They owned all that stuff. Yeah. So

130
00:07:36.730 --> 00:07:40.090
Rusty didn't didn't have that agreement because he started so early.

131
00:07:40.810 --> 00:07:44.330
His stuff wasn't locked up. And they had they had gotten some people. In fact,

132
00:07:44.330 --> 00:07:46.810
I didn't have one either. I was I was one of the last people that

133
00:07:46.810 --> 00:07:50.455
was hired before they started doing that, for employees. So

134
00:07:50.515 --> 00:07:53.575
we never had those agreements, and so we were pretty flexible,

135
00:07:54.195 --> 00:07:56.915
with with the IP one. They also had like, you could also declare a thing

136
00:07:56.915 --> 00:07:59.555
and be like, I built this on my own. It's independent. You don't own it.

137
00:07:59.555 --> 00:08:01.875
You could submit that paperwork even while you were there for them, which you may

138
00:08:01.875 --> 00:08:05.420
have even done even though you didn't need to. I don't think. I don't

139
00:08:05.420 --> 00:08:08.460
remember the the the specifics of it. But, yeah, there was a web. But, yeah,

140
00:08:08.460 --> 00:08:12.140
Apple is notorious for, like, you don't touch open source while you work for Apple.

141
00:08:12.140 --> 00:08:15.580
You don't do any other side stuff. Like, you are completely locked down. Yeah. It's

142
00:08:15.580 --> 00:08:19.365
completely wild. Like, I have I have like friends that are like

143
00:08:19.365 --> 00:08:23.125
leaving their it's from the security aspect and they're like, yeah, I gotta like wait.

144
00:08:23.125 --> 00:08:26.405
And this is before I can even make my product and things like that. And

145
00:08:26.405 --> 00:08:29.685
they'll be like doing red teaming at, at Apple and it's like, yeah, I got

146
00:08:29.685 --> 00:08:32.804
something good but I gotta wait the 5 years before I can even create it

147
00:08:32.804 --> 00:08:36.510
which, I don't know, stifles innovation, creativity. But Yeah.

148
00:08:36.510 --> 00:08:40.269
I they I love Apple products. I'm a huge Apple, like, fan as a

149
00:08:40.269 --> 00:08:43.950
consumer, but, I don't know that. And and I've heard a lot of good

150
00:08:44.110 --> 00:08:47.775
there's some good things about the structure with their like, the impact you can

151
00:08:47.775 --> 00:08:49.615
have when you go work there. There's a lot of great people, a lot of

152
00:08:49.615 --> 00:08:52.815
good friends that work there, but, yeah, I'm not a huge fan of, like, the

153
00:08:52.815 --> 00:08:56.655
way that they approach stuff like that. Their secrecy, the, the

154
00:08:56.655 --> 00:09:00.415
lockdown kind of requirements. I do know one person right now, I'm not gonna

155
00:09:00.415 --> 00:09:04.210
name, who's trying to, like because there is supposedly a way you can commit contribute

156
00:09:04.210 --> 00:09:06.610
to open source while you work at Apple. And, like, you can get approval and

157
00:09:06.610 --> 00:09:09.730
go through a process and give us a second. He's working it. So we'll see.

158
00:09:09.730 --> 00:09:13.410
We'll see. I wish him I wish him godspeed. But Yeah. I'm I'm happy, like,

159
00:09:13.410 --> 00:09:16.930
we started this this conversation. We kinda just jumping into it. Yeah. Straight

160
00:09:16.930 --> 00:09:20.665
in. You We're talking about entrepreneurship. You're talking about your company, Vector

161
00:09:20.665 --> 00:09:24.285
35, and then even a little bit of government contracting.

162
00:09:24.345 --> 00:09:28.024
But the audience, maybe they don't know too much about yourself, and, like, how

163
00:09:28.024 --> 00:09:31.650
you entered into our our industry. And then

164
00:09:31.730 --> 00:09:35.330
Yeah. Even, like, what you did and where you started at Defcon as well. So,

165
00:09:35.330 --> 00:09:38.290
like, we'd love to hear a little bit more about your background because there's it's

166
00:09:38.290 --> 00:09:41.670
been there's a lot here and super interesting. Yeah. Thank you.

167
00:09:41.810 --> 00:09:45.605
So so I was always into computers. I went to college thinking like,

168
00:09:45.605 --> 00:09:48.084
oh, well, now I'll get a real degree and do something else. I got a

169
00:09:48.084 --> 00:09:51.685
lie in my head this was this was a thing. Were you

170
00:09:51.685 --> 00:09:55.445
playing with computers at your house before college? Like I yeah. I

171
00:09:55.445 --> 00:09:58.580
just grew up. I grew up. My dad my dad had a computer. I I

172
00:09:58.580 --> 00:10:01.480
was always I was, like, very straight laced. Like, I never

173
00:10:02.260 --> 00:10:05.540
smoked like, I was just very, like, straight edge kinda, like, as a kid. And

174
00:10:05.540 --> 00:10:08.900
so, like, I never did anything illegally, like, hacking wise, but I was always super

175
00:10:08.900 --> 00:10:12.475
into it. I was really into computers. I was, like, running,

176
00:10:13.335 --> 00:10:17.175
running Linux at home and, like, you know, I started kinda, like, teach myself

177
00:10:17.175 --> 00:10:20.535
programming from, like, 3-2-1 Contact magazines in the back. So I was kinda

178
00:10:20.535 --> 00:10:24.270
into What languages was that? Basic. Just like old g

179
00:10:24.590 --> 00:10:27.950
GW-BASIC was the beginning. Yeah. I wish you know, it's funny because Rusty, my

180
00:10:27.950 --> 00:10:31.790
other cofounder, is was highly technical. He wrote his first emulator at the age of,

181
00:10:31.790 --> 00:10:35.570
like, 14 and it was bought by TI. Like, he Texas Instruments bought

182
00:10:35.710 --> 00:10:39.150
his emulator because it was better than their official one, like, licensed his

183
00:10:39.150 --> 00:10:42.375
tech. So he was, like because he was doing the same thing. How did you

184
00:10:42.375 --> 00:10:46.214
even have a conversation with TI about that? Like they reached out to him as

185
00:10:46.214 --> 00:10:49.095
as I understand it. Like, yeah. It's it's kinda crazy. You can in fact, you

186
00:10:49.095 --> 00:10:52.375
can actually find I was writing stuff for the TI, like, all the old, the

187
00:10:52.375 --> 00:10:55.910
Usenet forums like ticalc.org and the old, forums and

188
00:10:55.910 --> 00:10:59.270
stuff. But I was running base TI basic programs, and he was in here, like,

189
00:10:59.270 --> 00:11:02.710
hand coding assembly, writing writing emulators for the

190
00:11:02.710 --> 00:11:06.330
hardware, like, you know, pre Internet. You also were selling to to TI,

191
00:11:07.355 --> 00:11:10.875
teenage age as well? No. No. I was just in the same, like, the TI

192
00:11:10.875 --> 00:11:14.155
calc programming scene, like, writing little apps because, you know, you you would write apps

193
00:11:14.155 --> 00:11:17.275
and post them on like, at the beginning of the Internet, like, early, like,

194
00:11:17.275 --> 00:11:19.835
Gopher even days and Usenet and that kind of stuff. So I was that

195
00:11:19.835 --> 00:11:23.380
was kind of part of what got me, like, online a little bit, but I

196
00:11:23.380 --> 00:11:27.060
was not no. I wasn't nearly as good of a programmer. I I was good

197
00:11:27.060 --> 00:11:30.020
with computers. I was very good with computers, and I had to, like, a lot

198
00:11:30.020 --> 00:11:33.300
of, like, IT jobs. My first job was selling dial up Internet accounts from the

199
00:11:33.300 --> 00:11:36.855
mall. I started doing tech support for them. Or a different variety? It was a

200
00:11:36.935 --> 00:11:39.815
it literally called Internet in a mall. It was a very brief they went out

201
00:11:39.815 --> 00:11:43.095
of business long after. It should be a kiosk in the mall, you you do

202
00:11:43.095 --> 00:11:46.774
it from. And I worked for Gateway computer tech support, for a while to, like,

203
00:11:46.774 --> 00:11:50.110
phone support, which is the worst. So we're, like, an outsourced reseller. So they would

204
00:11:50.110 --> 00:11:53.149
call up, and we didn't even have the customer database. So we'd have to be

205
00:11:53.149 --> 00:11:56.430
like, okay. Open up your case and read me serial numbers and look up in

206
00:11:56.430 --> 00:11:59.950
a physical book to find the model numbers to get the download URLs to, like,

207
00:11:59.950 --> 00:12:03.685
drivers and stuff. It was it was abysmal. But but

208
00:12:03.685 --> 00:12:06.725
it was, you know, it's a good learning experience. Actually, I met Jayson Street of

209
00:12:06.725 --> 00:12:10.165
all people who is is active in the security scene. He was, like, my boss.

210
00:12:10.165 --> 00:12:13.524
And we discovered this, like, 20 years later. We're, like, wait a minute. I know

211
00:12:13.524 --> 00:12:15.845
you. It just it took us forever to figure it out because we just, like,

212
00:12:15.845 --> 00:12:19.210
didn't go back far enough. For those who don't know Jayson, who's

213
00:12:19.210 --> 00:12:22.650
Jayson? Yeah. Jayson Street is, it's very, like,

214
00:12:22.650 --> 00:12:26.490
famous, pen tester. Does a lot of stuff, in

215
00:12:26.490 --> 00:12:30.010
the the security community. Just Google j a y s o n street. You can

216
00:12:30.010 --> 00:12:33.745
see a ton of talk show, man, really. Excellent present, presenter

217
00:12:33.805 --> 00:12:37.485
as well. Yeah. Great storyteller. Good presenter. Yeah. So,

218
00:12:37.485 --> 00:12:41.245
so yeah, he was like my boss, like literally in 1996 or

219
00:12:41.245 --> 00:12:44.704
something. And then, yeah, I went to college

220
00:12:44.925 --> 00:12:48.490
thought like, okay, I'll get a job. Didn't think about

221
00:12:48.490 --> 00:12:51.930
computers. I was dual math, computer science, but I started working for the

222
00:12:51.930 --> 00:12:55.370
university. You said dual math. So are you doing, like, applied

223
00:12:55.370 --> 00:12:59.050
mathematics? Or It was number theory. I really

224
00:12:59.050 --> 00:13:01.925
loved so I wanted to work for the NSA.

225
00:13:02.785 --> 00:13:06.305
I just thought I read a lot of spy

226
00:13:06.305 --> 00:13:09.105
novels as a kid. Yeah. I just, I read a lot. I read a lot.

227
00:13:09.105 --> 00:13:12.384
I read a ton. I love spy books. And so I studied,

228
00:13:12.785 --> 00:13:16.550
Mandarin in college. I was a math major and a computer science major. I was

229
00:13:16.550 --> 00:13:19.149
like, because they hire 4 they at the time, they hired 4 things. I heard

230
00:13:19.149 --> 00:13:22.990
hardware engineers. I didn't wanna deal with that language, math, and computer

231
00:13:22.990 --> 00:13:26.290
science. And I was like, well, I got 3 of the 4 covered. I ironically,

232
00:13:27.310 --> 00:13:30.835
9/11 happens, and I I dropped off a resume at the booth, like, that came

233
00:13:30.835 --> 00:13:33.715
to a career fair when I was already working for universities. I started working part

234
00:13:33.715 --> 00:13:35.955
time for university. I turned into a full time job. So I dropped off a

235
00:13:35.955 --> 00:13:39.795
resume, never heard back. I who knows what what

236
00:13:39.795 --> 00:13:42.890
happened with it? And then and then years later, I was working for them as

237
00:13:42.890 --> 00:13:46.730
a contractor. It cost them a whole lot more money. So that would've would've saved

238
00:13:46.730 --> 00:13:50.570
the government some some cash if they would've just, gone through that. So

239
00:13:50.650 --> 00:13:54.265
yeah. So I I started working, like, IT jobs at the university, and I had

240
00:13:54.265 --> 00:13:58.025
a server set up set up this, like, Red Hat Red Hat Linux 5,

241
00:13:58.025 --> 00:14:01.785
not Red Hat Enterprise Linux, like, Red Hat 5, the old school. It was

242
00:14:01.785 --> 00:14:05.145
like I still remember that when you set up your sound driver, it would be

243
00:14:05.145 --> 00:14:08.905
like, my name is Linus Torvalds, and I pronounce Linux Linux. Hello.

244
00:14:08.905 --> 00:14:12.440
This is Linus Torvalds, and I pronounce Linux as Linux.

245
00:14:12.820 --> 00:14:16.500
Like, it's Linus, but you pronounce it Linux because there was a big debate.

246
00:14:16.500 --> 00:14:19.779
And Yeah. Yeah. Like, that was the that was the sample file that would play.

247
00:14:19.779 --> 00:14:23.459
So, yeah, setting up that and, it got popped. Like, somebody

248
00:14:23.459 --> 00:14:26.885
had, like, a a print server bug that they were that they I set up

249
00:14:26.885 --> 00:14:29.925
the server, like, overnight, didn't finish the updates or something, came back to work the

250
00:14:29.925 --> 00:14:32.565
next day, and it had been unplugged. There was a note from my boss, like,

251
00:14:32.565 --> 00:14:36.185
hey. The security coordinator for the university says this was sending spam.

252
00:14:36.645 --> 00:14:39.360
They got reports that, like, overnight, it was served the weekend or whatever it was.

253
00:14:39.360 --> 00:14:41.920
It was sending some spam out, and I was I was like the Internet and,

254
00:14:41.920 --> 00:14:44.320
like, someone on the on the So got it or was it Yeah. It was

255
00:14:44.320 --> 00:14:47.520
it was Internet. Everything was public IP at the time at the university. There was

256
00:14:47.520 --> 00:14:51.345
no, like, firewall. Oh, no. This was, like connected. It's public? It's

257
00:14:51.345 --> 00:14:54.785
public. Yep. Go live. Unless you had your own NAT. If you unless you unless

258
00:14:54.785 --> 00:14:58.144
each department like, the universe the dorms had a NAT, for example, or, like, certain

259
00:14:58.144 --> 00:15:01.824
departments maybe have, but, like, by default, just, like, yep. It was all

260
00:15:01.824 --> 00:15:05.520
there. So, it was the Wild West, and and that was, like,

261
00:15:05.520 --> 00:15:07.839
all that would happen. Like, you, like, you would just send spam. Like, that was

262
00:15:07.839 --> 00:15:11.120
that was the only, like, malicious thing that would happen basically at the time. It

263
00:15:11.120 --> 00:15:14.660
wasn't it wasn't even, like, botnet era. So this is, like, 2000, maybe 2001.

264
00:15:16.324 --> 00:15:19.285
And so I was like, woah. I got hacked. This is so cool. And so,

265
00:15:19.285 --> 00:15:22.324
like, I did some kind of basic forensics and, like, wrote up a report for my

266
00:15:22.324 --> 00:15:25.764
boss. He forwarded on to Kathy Bergstrom, who was the newly hired, like,

267
00:15:25.764 --> 00:15:29.365
university security coordinator. And she was trying to hire, like, a security engineer, and she

268
00:15:29.365 --> 00:15:32.110
was like, oh, are you interested in this position? And then she was like, oh,

269
00:15:32.110 --> 00:15:34.350
you're a student still. Like, I don't want a student. I'm like, no. No. No.

270
00:15:34.350 --> 00:15:37.709
Please. Please. The security stuff's amazing. I wanna do this. I've always wanted I just

271
00:15:37.709 --> 00:15:40.670
never had an excuse to do it. And so, anyway, I talked to her into

272
00:15:40.670 --> 00:15:44.130
it, and that was my my first security job was doing,

273
00:15:44.350 --> 00:15:48.135
like, forensics, incident response, network. I got to do, like, the the

274
00:15:48.135 --> 00:15:51.975
firewall and set up, like, a a had a 10 gig IDS system we

275
00:15:51.975 --> 00:15:54.935
had built back in the day. I mean, you know, like, we had serious pipes.

276
00:15:54.935 --> 00:15:58.695
Yeah. So as as a research university, you know, we were on Internet2,

277
00:15:58.695 --> 00:16:02.410
whatever it was called, a bunch of different names for it. Like, we had

278
00:16:02.410 --> 00:16:05.470
really high speed, connections. So trying to, like, buy

279
00:16:06.410 --> 00:16:10.250
a IDS that could even go that fast. We actually built our own. We ended

280
00:16:10.250 --> 00:16:13.785
up using a bunch of different stuff. We used, you know, Bro at some

281
00:16:13.785 --> 00:16:17.385
points and Snort and bunch of different things. But, like,

282
00:16:17.385 --> 00:16:20.925
these NDAIS, I think with the the accelerated video cards, you can actually

283
00:16:21.465 --> 00:16:25.080
put rules on the the the NIC itself and do it like an FPGA, basically,

284
00:16:25.080 --> 00:16:28.680
so you could do line rate, detection and filtering and alerting.

285
00:16:28.680 --> 00:16:31.640
And so, yeah, it was a super fun gig. I got to do kind of

286
00:16:31.640 --> 00:16:34.760
a lot of, like, a lot of stuff. What was the first task or job

287
00:16:34.760 --> 00:16:37.240
that they assigned you to as soon as you got the the role? Do you

288
00:16:37.240 --> 00:16:40.625
remember? Oh, that's a good question. I

289
00:16:40.625 --> 00:16:44.324
think the first thing I did was,

290
00:16:46.704 --> 00:16:50.305
I automated what was the vulnerability scanner? I

291
00:16:50.305 --> 00:16:53.930
I ISS from, like,

292
00:16:54.570 --> 00:16:58.110
IBM or one of the, like, one of the early, app scanners.

293
00:16:58.890 --> 00:17:01.850
I it wasn't Nessus. And maybe at one point, we switched out to Nessus, but

294
00:17:01.850 --> 00:17:05.690
I basically, like, did some basic kinda, like, scripting and automation. I wasn't much of

295
00:17:05.690 --> 00:17:09.175
a programmer, but I was really good at, like, scripting and shell scripts and,

296
00:17:09.315 --> 00:17:12.915
like, kinda cobbling things together. And so I automated, like, this always on

297
00:17:12.915 --> 00:17:15.875
scanner for a couple of things that were, like, really common at the time that

298
00:17:15.875 --> 00:17:18.915
were causing us trouble. And so it would just automatically sweep all of our IP

299
00:17:18.915 --> 00:17:22.609
space constantly and then either send emails or, you know, take some kind of

300
00:17:22.609 --> 00:17:26.369
automated action. And then, like, we eventually several of us built,

301
00:17:26.369 --> 00:17:30.050
like, this this sort of, like, automated response system. Like,

302
00:17:30.050 --> 00:17:33.010
I sort of predated SIM or SIEM or whatever. It was kind of a little

303
00:17:33.010 --> 00:17:36.625
bit of that where it would pull from, like, pull from the the campus

304
00:17:36.684 --> 00:17:40.465
captive portal logs and pull from, like, the dial up IP logs and pull from,

305
00:17:41.005 --> 00:17:44.445
the map of which network administrators have which IP space and, like, have this

306
00:17:44.445 --> 00:17:48.000
database, and then combine that with abuse complaints or

307
00:17:48.000 --> 00:17:51.840
alerts from our system or DMCA complaints or whatever, like, all this different stuff.

308
00:17:51.840 --> 00:17:54.720
And it would just automatically have a bunch of rules and send emails for us,

309
00:17:54.720 --> 00:17:58.320
like, our little ticketing system internally. So, yeah, just trying to automate as much as

310
00:17:58.320 --> 00:18:01.680
as much as possible, and then getting to build out, like, the IDS and actually

311
00:18:01.680 --> 00:18:05.365
go and physically, like, deploy it like all the different pops all over campus.

312
00:18:06.225 --> 00:18:09.985
You know, this this this IDS box. We had Dragon IDS way back in the

313
00:18:09.985 --> 00:18:13.745
day, Ron Gula, and that was that was a it was a good idea.

314
00:18:13.745 --> 00:18:17.360
Yes. I enjoyed I enjoyed working on that. But yeah. So that was my network

315
00:18:17.360 --> 00:18:21.200
defense, my first my first security job. Now I'm building a lot of tools

316
00:18:21.200 --> 00:18:24.639
internally at the at the college and setting it all up and, like Yeah.

317
00:18:24.960 --> 00:18:28.665
I haven't, like so, like, jet I have, like, 2 questions. 1, like, how difficult

318
00:18:28.665 --> 00:18:31.645
was it to keep those, like, pipes open in terms of, like, the data flowing?

319
00:18:31.705 --> 00:18:35.145
And then 2, when you left, was it easy to hand over all of the

320
00:18:35.145 --> 00:18:38.205
things that you had built? Because this is, like, a whole, you know,

321
00:18:38.745 --> 00:18:42.345
program. Yeah. Thankfully, there were enough by the time I left, there were about 4

322
00:18:42.345 --> 00:18:45.730
or 5 people on the team. And so we had grown the team, and so

323
00:18:45.730 --> 00:18:49.090
I wasn't, like, the only person running stuff, for quite a while. And so there

324
00:18:49.090 --> 00:18:51.250
were there were definitely enough. I didn't feel like I was leaving them in a

325
00:18:51.250 --> 00:18:55.090
lurch. There were a lot of other people. And that system was still

326
00:18:55.090 --> 00:18:57.810
running up until a couple years ago. I don't even know if it is right

327
00:18:57.810 --> 00:19:00.225
now, but I went back and visited the campus and talked to all the guys

328
00:19:00.225 --> 00:19:04.065
who was still there who who I was has stayed around. That's right. It I

329
00:19:04.065 --> 00:19:06.865
mean, it's both terrifying and it feels good. A little bit a little bit of

330
00:19:06.865 --> 00:19:10.545
both. Yeah. Exactly. Like, it was, I mean, this thing was written in. There was

331
00:19:10.545 --> 00:19:14.280
Perl in there. There was some shell scripts. There was it was

332
00:19:14.280 --> 00:19:17.000
it was a whole but, like, you know, if it ain't if it ain't broke.

333
00:19:17.000 --> 00:19:20.840
And the concept I think, yeah, to this day remains really solid, like, to

334
00:19:20.840 --> 00:19:23.640
really just get all of your logs. Even, you know, a great example is I

335
00:19:23.640 --> 00:19:27.414
remember at one point we got early flow data and, like, just gather everything. You

336
00:19:27.414 --> 00:19:30.695
never know what's gonna be useful. Like, the the the week that we storage for

337
00:19:30.695 --> 00:19:34.534
it all? So we had decent storage, and we would only keep,

338
00:19:34.534 --> 00:19:36.615
like, a week of it or a couple days of it or whatever. Right? Like,

339
00:19:36.615 --> 00:19:40.134
we didn't need because even even a week worth of full flow data for all

340
00:19:40.134 --> 00:19:43.960
all of campus was fantastic. And it was it wasn't like all the

341
00:19:43.960 --> 00:19:46.840
internal routers, you know, necessarily. It was that, like, some of the main there was

342
00:19:46.840 --> 00:19:49.960
a couple of main main pops, like, on campus that we would we would get

343
00:19:49.960 --> 00:19:53.240
the the cflowd firmed or whatever. And so when we started aggregating all

344
00:19:53.240 --> 00:19:56.955
that, like, we actually had a a law student who left

345
00:19:56.955 --> 00:20:00.795
a laptop plugged into a, like a podium in a in a

346
00:20:00.795 --> 00:20:04.395
classroom overnight, sent spam for a local club to a bunch of

347
00:20:04.395 --> 00:20:08.235
emails he had harvested from the campus directory, and, then

348
00:20:08.235 --> 00:20:11.780
came back in the next day, pulled it, and and, like, took off with it.

349
00:20:11.780 --> 00:20:15.380
And he had remote controlled it over, like, and he did

350
00:20:15.380 --> 00:20:18.600
something where basically we were able to, like, correlate the,

351
00:20:19.620 --> 00:20:23.060
the only what had happened because he had remote

352
00:20:23.060 --> 00:20:26.365
desktop into it from his, like, campus,

353
00:20:27.065 --> 00:20:29.945
portal account from some routes on campus. Right? So he had, like, use elsewhere on

354
00:20:29.945 --> 00:20:33.304
campus, and he had, like, RDP'd, VNC'd, or whatever it was, into the box. And

355
00:20:33.304 --> 00:20:35.865
we solved that flow, and then we can look up his logger for the original

356
00:20:35.865 --> 00:20:38.904
machine. So it was only because we had like, otherwise, it would've been this ephemeral

357
00:20:38.904 --> 00:20:41.660
IP that shows up, sends spam, is offline. Like, where in the world did that

358
00:20:41.660 --> 00:20:45.420
come from? Right? So Investigations are happening within that week span of, like, when

359
00:20:45.420 --> 00:20:48.540
you have Yeah. Like, I mean, we we got, like, spam a bunch of spam

360
00:20:48.540 --> 00:20:51.740
complaints, like, immediately. We had headers, and we pulled the logs, and we know exactly

361
00:20:51.740 --> 00:20:54.565
where the machine is. We can tell like, this ephemeral thing. The MAC address hasn't

362
00:20:54.565 --> 00:20:58.164
been seen on a wired port before on campus, and, it's gone

363
00:20:58.164 --> 00:21:00.725
again. But then I was, like, oh, we got this new, like, flow data. Let's

364
00:21:00.725 --> 00:21:02.725
go look at it. We can see, sure enough, all the app on us in

365
00:21:02.725 --> 00:21:06.404
DP, and then an inbound RDP, and it's, like, oh, hello

366
00:21:06.404 --> 00:21:10.250
there. I was still disappointed that they apparently like, the guy was, like, not

367
00:21:10.250 --> 00:21:13.690
really punished their that's a lawyer. They they really should have

368
00:21:13.690 --> 00:21:16.810
the the rule book thrown at them. Like, they know better. Like and it was

369
00:21:16.810 --> 00:21:19.290
clear that he knew what he was doing was not okay. Right? Because he he

370
00:21:19.290 --> 00:21:23.125
went to great lengths to obfuscate what he was doing. Right? Like, he didn't just

371
00:21:23.125 --> 00:21:26.325
do this from a machine he was logged in to. He intentionally wired into a

372
00:21:26.325 --> 00:21:29.845
different network, controlled it remotely, and then and did it that way. So I was

373
00:21:29.845 --> 00:21:33.385
a little disappointed that they didn't, the punishment wasn't wasn't particularly

374
00:21:33.445 --> 00:21:36.960
severe, which was a little bit disappointed, but that's what it is.

375
00:21:37.120 --> 00:21:40.640
Yeah. Interesting. Wow. Yeah. The, the my

376
00:21:40.640 --> 00:21:44.480
experience of working at not working. Well, before working. So I was

377
00:21:44.480 --> 00:21:48.240
at Georgia Tech at the Institute of Information Security and Privacy working, like,

378
00:21:48.240 --> 00:21:51.905
a 150 servers for the PhD students that were, either

379
00:21:51.905 --> 00:21:55.585
malware research or vulnerability research and No. Wait. Was that

380
00:21:55.585 --> 00:21:59.184
Georgia Tech Lab the same one that just recently got, in a little bit,

381
00:21:59.424 --> 00:22:01.684
like, the news for NIST 800-171,

382
00:22:03.345 --> 00:22:07.158
stuff with the I don't know. I'm gonna reach out to you if I Google

383
00:22:07.158 --> 00:22:09.480
Google Georgia Tech and NIST 800-171. It's for what it's worth. I'm on the university

384
00:22:09.480 --> 00:22:12.470
side. That's a whole it's a long story. That's actually, that's a really separate interesting

385
00:22:12.470 --> 00:22:15.830
topic about sort of, like, the over classification slash the creation of, like, this

386
00:22:15.830 --> 00:22:16.330
new,

387
00:22:21.215 --> 00:22:25.055
class of protected data called CUI or CDI, which is really, I think,

388
00:22:25.055 --> 00:22:28.735
a problem for small businesses. Like, the big contractors love it because it's gonna

389
00:22:28.735 --> 00:22:32.435
lock out small businesses from doing, defense contracting.

390
00:22:32.975 --> 00:22:36.710
The here we go. CUI, controlled unclassified

391
00:22:37.090 --> 00:22:40.610
information. Is this a new standard or requirement? Yeah. So it's basically a new

392
00:22:40.610 --> 00:22:44.210
requirement that, there was I forgot what it's it's an executive order that

393
00:22:44.210 --> 00:22:47.890
basically was, like, the safeguarding defense material. Like, a lot of I mean, it

394
00:22:47.890 --> 00:22:51.655
came from good intentions. Right? Like, after the, OPM breach and stuff like that,

395
00:22:51.655 --> 00:22:54.635
where they're like, oh, we need to protect information.

396
00:22:55.415 --> 00:22:59.175
The problem is, like, it's unclassified information, but they

397
00:22:59.175 --> 00:23:03.010
still wanna, like, make sure it's taken care of well. And so they asked

398
00:23:03.010 --> 00:23:05.910
NIST to write a whole bunch of, like, rules about,

399
00:23:07.010 --> 00:23:10.450
like, how would you do good comments as practices. And, like, a lot of it's

400
00:23:10.450 --> 00:23:13.970
fine, but the problem is just it's a 122 pages of government

401
00:23:13.970 --> 00:23:17.725
specification that you don't have to read and conform to and, like,

402
00:23:17.725 --> 00:23:21.485
do an audit or self assess and a test. And, you know, it's

403
00:23:21.485 --> 00:23:25.245
like, I I understand how to run a good secure network. But,

404
00:23:25.245 --> 00:23:28.940
like, as a small company, I'm not gonna, like, clap on those

405
00:23:28.940 --> 00:23:32.780
ankle irons to, like, slow down how I do development

406
00:23:32.780 --> 00:23:36.380
or how my, you know, engineers work. So, like,

407
00:23:36.380 --> 00:23:40.140
yes. Two factor auth and everything? Absolutely. Password change policies? Maybe

408
00:23:40.140 --> 00:23:42.860
not yours because, like, there's a lot of debate as to what's a good password

409
00:23:42.860 --> 00:23:46.595
policy, but, audit log and review, certain, like, you have to look

410
00:23:46.595 --> 00:23:49.175
locked out. Yeah. It was just a bunch of stuff that you have to do

411
00:23:49.315 --> 00:23:53.075
that makes makes contracting hard. Anyway, let me back up on my my

412
00:23:53.075 --> 00:23:56.695
my bio for a second too. So, like, that was network defense at UF,

413
00:23:56.915 --> 00:24:00.110
and I started playing Capture the Flags. And that's what, like, got me into offense.

414
00:24:01.049 --> 00:24:03.770
I did. Yeah. So I started I went to, like, a SANS conference, like, when

415
00:24:03.770 --> 00:24:07.530
I which I forgot what SANS course it was in Orlando, doing,

416
00:24:07.530 --> 00:24:10.970
like, offensive security stuff. And I was like, oh, yeah. This stuff's fun. Again, I've

417
00:24:10.970 --> 00:24:14.815
always wanted to, like always wanted to do it, but and this

418
00:24:14.815 --> 00:24:18.655
is like a a legal way. Exactly. Exactly. And so, like, that was

419
00:24:18.655 --> 00:24:21.215
super fun. In fact, one of my one of the people in the class was

420
00:24:21.215 --> 00:24:24.895
was Atlas, a dear friend of mine to to this

421
00:24:24.895 --> 00:24:28.650
day. And he, like, went on to play Defcon

422
00:24:28.650 --> 00:24:32.410
CTF that next year. And I was like, dude, how did you like, I met

423
00:24:32.410 --> 00:24:36.250
you. You were not that good. Like, no offense, man, but you were not that

424
00:24:36.250 --> 00:24:38.570
good. He's like, no. Like, I did this whole boot camp. I guess somebody else

425
00:24:38.570 --> 00:24:41.505
mentioned me. I wrote my first exploit and started, like, you know. And so he

426
00:24:41.505 --> 00:24:44.005
kinda described this process, and I was like, I'm in.

427
00:24:45.745 --> 00:24:48.545
It wasn't an official boot camp. It was more like a mentorship program, like, you

428
00:24:48.545 --> 00:24:51.025
got somebody else to, like, just reach out. And he basically offered you the same

429
00:24:51.025 --> 00:24:53.825
to me. He's like, hey. I'll I'll give you, like, some challenges. You can work

430
00:24:53.825 --> 00:24:57.480
through it. Like, you can join I'm putting together a team. And, so we

431
00:24:57.480 --> 00:25:01.160
we started a team and then we play so he he he

432
00:25:01.160 --> 00:25:03.160
played as, like, a ronin. That was the last year that you could play as

433
00:25:03.160 --> 00:25:06.520
an individual. You could show up and play as an individual at Defcon. From then

434
00:25:06.520 --> 00:25:08.380
on out, last 20 something years,

435
00:25:10.695 --> 00:25:13.195
There were still several 100. I mean, that would have been

436
00:25:14.455 --> 00:25:18.294
actually, you know what? I have a, a, a Google Sheet where I

437
00:25:18.294 --> 00:25:20.715
track the history of DEFCON CTF.

438
00:25:22.615 --> 00:25:26.340
Yeah. I don't know if I've added this last year, but,

439
00:25:27.200 --> 00:25:30.640
out here, it's history of Defcon CTF. Yeah. I'll drop a link, if there's a

440
00:25:30.800 --> 00:25:34.260
yeah. Let's check here. Yeah. Yeah. I see it.

441
00:25:35.755 --> 00:25:38.155
Alright. It says whisper backstage, but there you go. You should be able to see

442
00:25:38.155 --> 00:25:41.914
that. So, let's see. So that would

443
00:25:41.914 --> 00:25:45.615
have been so let's see. The first time I played Defcon CTF

444
00:25:45.914 --> 00:25:49.760
was at the Alexis

445
00:25:49.980 --> 00:25:53.600
Park in 2,000

446
00:25:54.380 --> 00:25:57.920
and 1. Yeah. So I played kind of a one off,

447
00:25:58.380 --> 00:26:02.220
yeah, at DEFCON CTF. Like, I barely just turned 21

448
00:26:02.220 --> 00:26:05.955
even. And, that was, like, pickup. It was a pickup game. You could

449
00:26:05.955 --> 00:26:08.075
just walk in and sit down and, like, go. It was it was kinda wild

450
00:26:08.075 --> 00:26:10.135
and crazy. Right? The

451
00:26:12.914 --> 00:26:16.649
yeah. I mean, it was still a a oh goodness. I don't

452
00:26:16.649 --> 00:26:20.169
know. Yeah. I mean, it was it so the Alexis Park as a hotel was,

453
00:26:20.169 --> 00:26:23.850
like, very different. Right? Like, it was kind of, like, apartment style, like, hotels that

454
00:26:23.850 --> 00:26:27.690
spread out, like, more resort style. And there was, like, literally a tent on

455
00:26:27.690 --> 00:26:31.264
the roof. Like, can you imagine a Vegas? Like, a tent on the roof. That

456
00:26:31.264 --> 00:26:34.304
was the year, like, Cult of the Dead Cow released, like, I think, BO2K

457
00:26:34.304 --> 00:26:38.144
or something. And they announced that from from

458
00:26:38.144 --> 00:26:41.585
one of the rooms. That was Dmitry Sklyarov, the

459
00:26:41.585 --> 00:26:45.390
PDF. He reversed the year that they were, like, ROT13. Like, that

460
00:26:45.470 --> 00:26:48.270
was their encryption, and, like, he was arrested by the FBI. That was that that

461
00:26:48.270 --> 00:26:52.110
same year. ROT13 was the encryption? Yeah. It was basically

462
00:26:52.110 --> 00:26:54.030
it was basically ROT, it was a little more than that, but it was basically

463
00:26:54.030 --> 00:26:57.630
ROT13. And then, like, he announced it, and then the FBI arrested them. And

464
00:26:57.630 --> 00:27:01.265
then and people got a ton of flak, and Adobe's like, no. We're not pressing

465
00:27:01.265 --> 00:27:04.945
charges because they don't like, they suddenly realized it was, like, against the, like, public

466
00:27:04.945 --> 00:27:08.465
perception. But yeah. So it was Defcon 9, 2001. But then I I I didn't

467
00:27:08.465 --> 00:27:11.825
go to it for the next couple of years. And then I came so then

468
00:27:11.825 --> 00:27:15.429
Atlas was 2005 when he basically soloed, like, played as a as a

469
00:27:15.429 --> 00:27:19.190
Ronin. And then it was 2006. That was the last year. 2006 was the

470
00:27:19.190 --> 00:27:21.750
year you had to, like, qualify. The only way you could play was to qualify.

471
00:27:21.750 --> 00:27:25.510
It was only teams that, only has teams. So that was the 1st

472
00:27:25.510 --> 00:27:29.255
year I played, and we won that those

473
00:27:29.255 --> 00:27:32.715
next 2 years. And I was also on the team that won in in 20,

474
00:27:33.415 --> 00:27:37.255
2009. So first year you're 3 You just like you you

475
00:27:37.255 --> 00:27:40.690
didn't win, but you were you're getting No. We did. We did win. Yeah. We

476
00:27:40.690 --> 00:27:44.529
actually yeah. I got lucky. Well and so I yeah. I got with smart people.

477
00:27:44.529 --> 00:27:48.049
Right? So again, we had Atlas. We had Doc Brown. We had Burfra, like, a

478
00:27:48.049 --> 00:27:51.190
bunch of really good people in the team. And,

479
00:27:52.205 --> 00:27:55.565
so it was 7 or 8 of us. And yeah. It was like when that

480
00:27:55.565 --> 00:27:59.325
was, like, really when it started to, like, evolve. Like, it

481
00:27:59.325 --> 00:28:03.085
went from, like, it's all sort of own art form. Right? Like, DEF CON

482
00:28:03.085 --> 00:28:06.765
became very kinda, like, more specialized, and, like, the game was getting tuned and tweaked,

483
00:28:06.765 --> 00:28:10.290
and, like, people really kinda, like, honed in on what made Defcon CTF Defcon

484
00:28:10.290 --> 00:28:14.050
CTF. And that was really, I think, when it when it even actually

485
00:28:14.050 --> 00:28:17.330
the year before. I would say, 2005 is when it really started that process when

486
00:28:17.330 --> 00:28:19.990
Kenshoto showed up to take it over. Or even Ghetto Hackers. Maybe 2004

487
00:28:20.535 --> 00:28:24.295
began it, and then it but really the game as it existed in 2,000, 2005,

488
00:28:24.295 --> 00:28:27.755
2006, hasn't substantively

489
00:28:27.975 --> 00:28:31.755
changed. The only real difference was, like, the CGC introduced brokered,

490
00:28:31.975 --> 00:28:35.019
where basically, it it used to be you just got a server and you're root

491
00:28:35.100 --> 00:28:37.899
you logged in and you defended your server. Right? And then there was some other

492
00:28:37.899 --> 00:28:41.019
mechanisms that the organizers had. There was that This is for well, this is, like

493
00:28:41.259 --> 00:28:44.700
yeah. So it's always been attack so the actually, the first 5 years or 6

494
00:28:44.700 --> 00:28:47.385
years of it were, like, just kinda, like, show up and plug a machine in.

495
00:28:47.385 --> 00:28:50.825
It was, like, really poorly structured. Like, plug a machine in and see what happens.

496
00:28:50.825 --> 00:28:54.424
Like, that was the CTF. Yeah. Hack each other. Like, run some stuff, I guess.

497
00:28:54.424 --> 00:28:57.544
It was it was a little little weird. And and it was it was the

498
00:28:57.544 --> 00:29:00.105
last year of Ghetto Hackers and the 1st year of Kenshoto when they really

499
00:29:00.105 --> 00:29:03.860
started to, like, no. No. No. We're gonna give you a VM image preconfigured. You

500
00:29:03.860 --> 00:29:07.700
have these services. We've custom written like that happened really then and

501
00:29:07.700 --> 00:29:10.740
started to kinda mature. And then really the only you know, there's been a lot

502
00:29:10.740 --> 00:29:14.435
of changes in, like, OS or network or, you know, stuff over the years. There's

503
00:29:14.435 --> 00:29:17.575
been a couple of new innovations like, King of the Hill style challenges,

504
00:29:18.915 --> 00:29:22.115
where, like, it's you can iteratively, like, whoever solves it with the fewest bytes, and

505
00:29:22.115 --> 00:29:24.515
then you can continually kinda do it. And so there's, like, a sort of a

506
00:29:24.515 --> 00:29:28.035
separate style challenge. But mostly, it's been yeah. Attack-defense. You've got a

507
00:29:28.035 --> 00:29:31.570
server, attack it, and defend it at the same time. So you're writing

508
00:29:31.630 --> 00:29:35.230
patches for your binaries. You're you used to be able to put network firewalls in

509
00:29:35.230 --> 00:29:38.350
place. That's part of the game that's changed. They sort of removed that. People got

510
00:29:38.350 --> 00:29:41.970
too good. Like, people figured out too many generic defenses.

511
00:29:42.110 --> 00:29:45.835
Right? Like, if I can just run my server, I'll just virtualize your

512
00:29:45.835 --> 00:29:49.595
entire thing, lift it to something else, and then emulate it or put it in

513
00:29:49.595 --> 00:29:52.875
any kind of thing that's doing syscall tracing, and I'll block all access to the

514
00:29:52.875 --> 00:29:56.395
key file. Like, ta da. I've secured your server. This is so much of boring,

515
00:29:56.395 --> 00:30:00.150
like, become Superman defenses. And so this the the changes lately

516
00:30:00.610 --> 00:30:04.310
require you to submit your patch to your binary to the game infrastructure

517
00:30:04.370 --> 00:30:08.130
that it's deployed for you. You're not root on your box, so you can't totally

518
00:30:08.130 --> 00:30:10.930
rewrite. Yeah. And often, we'll limit the size of the patch or whatnot. So that's

519
00:30:10.930 --> 00:30:14.625
the trend, the last few years post post CGC. Going

520
00:30:14.625 --> 00:30:18.465
forward in this type of fashion? You know, it's different. I,

521
00:30:18.865 --> 00:30:22.305
it's not better or worse. It's just different. I miss like, there was all sorts

522
00:30:22.305 --> 00:30:25.505
of amazing shenanigans you could pull when you had a full real box in the

523
00:30:25.505 --> 00:30:29.080
full shell. And, and as both an admin and an

524
00:30:29.080 --> 00:30:32.520
attacker, it was so many you'd find things that other teams have forgot or teams

525
00:30:32.520 --> 00:30:36.280
would have wrong permissions or it was all sorts of really cool stuff you

526
00:30:36.280 --> 00:30:39.880
could do, and that's that's gone away, which is sad. But at the same time,

527
00:30:39.880 --> 00:30:43.184
they kinda had to. Because like I said, too many teams had figured out these,

528
00:30:43.184 --> 00:30:46.945
like, just generic Superman defenses that you just could never score them, and that's

529
00:30:46.945 --> 00:30:50.785
really boring. Like, yeah, everybody can do one generic wrapper that just doesn't let

530
00:30:50.785 --> 00:30:53.905
the key get read and then deploy to all their services and poof. You can't

531
00:30:53.905 --> 00:30:57.610
now score on them like that. That's stupid. So, yeah, it's hard to

532
00:30:57.610 --> 00:31:00.970
to to kinda strike that balance. But I do miss I do miss the shell

533
00:31:00.970 --> 00:31:04.250
shunning. I that was my main specialty. I was really good at, like, just weird

534
00:31:04.410 --> 00:31:08.170
oh, yeah. Shenanigans. I loved I loved that stuff. Like like,

535
00:31:08.170 --> 00:31:11.935
when you're, when you're we could log into the scoreboard

536
00:31:12.155 --> 00:31:15.535
using a key that they dropped on our box at the beginning of the game,

537
00:31:16.235 --> 00:31:19.595
and the key existed in 2 places. Like, it was in a database that was

538
00:31:19.595 --> 00:31:22.415
in the file on the file system, and no team

539
00:31:23.680 --> 00:31:26.480
removed it in both places. Like, some people would, like, fix the file permissions to

540
00:31:26.480 --> 00:31:29.360
make it not readable for the file, but they would forget the database. Some people

541
00:31:29.360 --> 00:31:33.120
cleared the database, forgot the file. So we had, basically, everybody's login to their score

542
00:31:33.120 --> 00:31:36.240
server, which, like, I could log in as them and score for them, I guess,

543
00:31:36.240 --> 00:31:38.480
or I could log in you know, it's like, what what can you do on

544
00:31:38.480 --> 00:31:41.565
that? Well, one of the things you could do is reset their overwrite token. Alright.

545
00:31:41.565 --> 00:31:45.005
So you you have an overwrite token that when you exploit somebody to prove you

546
00:31:45.005 --> 00:31:48.765
have write access, not just read access, right, you would take your overwrite token

547
00:31:48.765 --> 00:31:52.045
and put it on top of the flag file, and the hypervisor, whatever's doing the

548
00:31:52.045 --> 00:31:54.660
logging, would would detect that and be like, oh, okay. You get points for an

549
00:31:54.660 --> 00:31:57.620
overwrite. Right? So it was just you could both steal a flag and overwrite or

550
00:31:57.620 --> 00:32:00.840
some services maybe you could only overwrite. Right? Depending on the the challenge.

551
00:32:01.300 --> 00:32:05.059
And, so we, for example, click the button

552
00:32:05.059 --> 00:32:08.725
to, like, refresh the overwrite key from School of Root and we would

553
00:32:08.725 --> 00:32:11.365
watch them and wait till they notice. And, like, 45 minutes later, an hour later,

554
00:32:11.365 --> 00:32:13.605
you see them all, like, looking around. Who who did? Who hit the button? No.

555
00:32:13.605 --> 00:32:15.524
Who did the button? No. They go back to work. Wait till they're not paying

556
00:32:15.524 --> 00:32:19.365
attention again. Do it again. So we denied them, like, overwrite points for

557
00:32:19.365 --> 00:32:21.765
a period of time. Like, you can't, you know, you can't get that back. You've

558
00:32:21.765 --> 00:32:25.220
missed that that that time with us. That was really fun. We also logged in

559
00:32:25.220 --> 00:32:29.059
as a different team and gave them points from us because that was back in

560
00:32:29.059 --> 00:32:32.820
the day where you had, 1st Blood. So the first person to score a particular

561
00:32:32.820 --> 00:32:36.515
service got, like, an extra bonus points, and then it was just over time how

562
00:32:36.515 --> 00:32:40.275
many time slots could you could you score in essentially. And so we intentionally gave

563
00:32:40.275 --> 00:32:43.955
low ranking teams first blood against our services that they

564
00:32:43.955 --> 00:32:47.715
hadn't actually done just to deny those points to other teams because we

565
00:32:47.715 --> 00:32:51.174
knew we couldn't solve those challenges at the time, and we were we were afraid.

566
00:32:51.630 --> 00:32:54.670
Yes. There's a bunch of shenanigans. Like, that one's actually a little questionable, I think,

567
00:32:54.670 --> 00:32:57.310
in hindsight. We did ask the organizers at the time, and they were like and

568
00:32:57.310 --> 00:33:00.750
they were like, well, you you did a hacking thing. You got everyone else's logins.

569
00:33:00.750 --> 00:33:04.030
They didn't secure it properly, and you're using that to get an advantage. Like, it's

570
00:33:04.030 --> 00:33:07.615
fair. So there and I I that one actually didn't matter in the end either,

571
00:33:07.615 --> 00:33:10.654
guy, because it turned out that that none of the other teams were actually close

572
00:33:10.654 --> 00:33:13.294
to solving the ones that we gave those points to. But, you know, sort of

573
00:33:13.294 --> 00:33:16.255
defensively, we we thought it might be. So, yeah, I love that that side of

574
00:33:16.255 --> 00:33:17.955
the the game. It was it was fun.

575
00:33:23.539 --> 00:33:27.220
A lot of people have. Yeah. Absolutely. I never I again, I said, I was

576
00:33:27.220 --> 00:33:30.659
always kinda straight. So, like, if I ever was do I love the shenanigans, but

577
00:33:30.659 --> 00:33:33.940
I would always just ask. I'd be like, hey. I wanna do a thing. Can

578
00:33:33.940 --> 00:33:37.305
I do a thing? And, you know, occasionally, they'd be like, yes. Occasionally, they'd be

579
00:33:37.305 --> 00:33:40.125
like, no. Like, it's we've we've gotten both and so, like, there were years that

580
00:33:40.265 --> 00:33:43.945
1 year, when, LegitBS was running at their 1st year, I think,

581
00:33:43.945 --> 00:33:47.705
actually, like, denial of service attacks were kind of a thing. Like, it sort of

582
00:33:47.705 --> 00:33:51.450
unintentionally opened the door to that. And usually, you don't let any DDoS because one,

583
00:33:51.450 --> 00:33:55.290
DDoS is technically uninteresting. Right? And dumb. Like, yes, you can flood your

584
00:33:55.290 --> 00:33:58.809
opponents. Nobody cares. Right? Like, that's not interesting. No. No. No points for

585
00:33:58.809 --> 00:34:01.850
style. And so there's, like, a certain amount of things are just forbidden by rule

586
00:34:01.850 --> 00:34:05.675
and if they catch you, they'll penalize you. And they sort

587
00:34:05.675 --> 00:34:09.275
of, like, one team found a kinda cleverish way of doing a DOS

588
00:34:09.275 --> 00:34:12.955
using infrastructure, and they allowed it, and we're, like, oh, fine. Well,

589
00:34:12.955 --> 00:34:15.594
we have this other thing where we can half close a socket and spoof a

590
00:34:15.594 --> 00:34:18.635
thing from somebody else and, like, trigger it, and it will cause them to flood

591
00:34:18.635 --> 00:34:22.350
somebody else's traffic. Like, sounds like fair game. Right? And they were, like,

592
00:34:23.130 --> 00:34:26.810
yeah. We did sort of open up the rules for that. We're sorry. And they

593
00:34:26.810 --> 00:34:30.650
they ended up basically saying, like, no. You can't do that. We're gonna

594
00:34:30.650 --> 00:34:32.889
give you some points. We're gonna have the other team that's doing the other thing

595
00:34:32.889 --> 00:34:35.145
a little bit of points, and then just stop doing it. Right? So they gave

596
00:34:35.145 --> 00:34:37.945
you a little points for a cool idea. No one can now do it. You

597
00:34:37.945 --> 00:34:40.905
had the first person idea. And so, like, that was kinda how they how they

598
00:34:40.905 --> 00:34:44.685
did it. I've seen people get kicked out because they cut cords though. When your

599
00:34:45.225 --> 00:34:48.745
one team was so angry, they've literally went into under the table and cut another

600
00:34:48.745 --> 00:34:52.259
team's cord. They were just, like, bad bad manner, and they were they were kicked

601
00:34:52.259 --> 00:34:56.019
out of the they should've been kicked out of the whole whole convention, but at

602
00:34:56.019 --> 00:34:59.779
the time, it was just they were kicked out of the CTF. There have been

603
00:34:59.779 --> 00:35:03.444
people who who explicitly were denial of service, servicing

604
00:35:03.444 --> 00:35:05.765
before that they were, like, stop it, knock it off and if you don't, we're

605
00:35:05.765 --> 00:35:09.444
gonna kick you out. You're hosting now as well. Right? So you might be, doing

606
00:35:09.444 --> 00:35:11.925
that and that's your host. So you're able to see a lot more of what's

607
00:35:11.925 --> 00:35:15.765
behind the scenes now. Somewhat. Like, I I'm actually I'm so busy with

608
00:35:15.765 --> 00:35:19.340
with so I'm I'm doing live CTF which is, like, sports casted

609
00:35:19.720 --> 00:35:23.560
e sports commentary. Yeah. It was like a 4

610
00:35:23.560 --> 00:35:27.320
hour video too. It was like, oh, it's, it's exhausting. Yeah. And we, thankfully

611
00:35:27.320 --> 00:35:29.640
we have a team of people this year that group's grown a little bit. So

612
00:35:29.640 --> 00:35:33.435
I like the 1st year I was literally on camera the entire time. But now

613
00:35:33.435 --> 00:35:36.155
we can we can we can trade out. Yeah. I just like being, like, you

614
00:35:36.155 --> 00:35:39.995
know, enthusiastic the entire time. Yeah. High energy

615
00:35:39.995 --> 00:35:42.235
and, like, you're you're pretty exhausted by the end. But, I mean, it is it

616
00:35:42.235 --> 00:35:45.035
is exciting. It's fun because you're legit watching some of the best hackers in the

617
00:35:45.035 --> 00:35:48.110
world. You get to watch their screen live. It happens. So, like, it is it's

618
00:35:48.110 --> 00:35:51.950
pretty great. But, like so I'm I'm, like, in with the organizer, you know, the

619
00:35:51.950 --> 00:35:55.650
main, you know, Nautilus Institute team that's running it. I'm not officially

620
00:35:55.710 --> 00:35:58.830
on the team. We do we just kinda like to do our live CTF stuff

621
00:35:58.830 --> 00:36:01.934
sort of sort of separately. We just have enough nothing to worry about. We do

622
00:36:01.934 --> 00:36:05.775
technically have access though to to what they're, to what they're doing. We, you know,

623
00:36:05.775 --> 00:36:08.734
we we talk a fair amount. So we do hear some stuff, but we're just,

624
00:36:08.734 --> 00:36:12.414
yeah, so busy with our little kind of side quest, that that I don't I

625
00:36:12.414 --> 00:36:15.490
don't, I don't worry about that a whole lot. Anyway, I wanted to to go

626
00:36:15.490 --> 00:36:19.250
well, and I'm kinda keeping keeping ear to things. But yeah. So,

627
00:36:19.250 --> 00:36:23.089
like, so so CTF was, like, my my introduction into offense. Right?

628
00:36:23.089 --> 00:36:26.055
That was where I was, like, okay. Cool. Like, this is this is fun. I

629
00:36:26.055 --> 00:36:29.494
like write writing exploits. I like reverse engineering. I was starting reverse engineering at the

630
00:36:29.494 --> 00:36:32.695
university for, like, malware analysis a little bit. Right? Like, I had an audit

631
00:36:32.695 --> 00:36:36.455
copy back then. And I wasn't very good, but, like, I like the idea. Learning,

632
00:36:36.455 --> 00:36:39.734
like, what resources were you using at the time to to start your reverse engineering

633
00:36:39.734 --> 00:36:43.400
journey? I mean, at the time, I don't yeah. I don't remember a whole lot.

634
00:36:43.400 --> 00:36:46.920
Just Here's the details. Right? Like Just kick off the office. No. Literally. I

635
00:36:46.920 --> 00:36:50.680
have I have absolutely highlighted Intel books still sitting on my shelf at the

636
00:36:50.680 --> 00:36:53.560
office, for, like, you know, it used to be a game to find who who

637
00:36:53.560 --> 00:36:56.885
could find the most typos. There's a bunch of like little either typos or like

638
00:36:56.885 --> 00:37:00.325
errors depending on which version of the books you had. And books they don't ever

639
00:37:00.325 --> 00:37:03.845
they don't ever expect people to actually read them. And like they'll just have

640
00:37:03.845 --> 00:37:07.470
like, oh, so this does the thing. Like, don't worry about it kind of thing.

641
00:37:07.470 --> 00:37:11.310
It's like, I wanna learn. I think I think they do. I think they

642
00:37:11.310 --> 00:37:13.869
do. Like, they did fix them. They would you could send them in send them

643
00:37:13.869 --> 00:37:17.070
in, and they did, do a lot of editions of it. And I I don't

644
00:37:17.070 --> 00:37:19.790
know if any of the typos that I found are still still there in the

645
00:37:19.790 --> 00:37:23.295
the online versions. Because the same same docs are now. Still PDFs

646
00:37:23.355 --> 00:37:27.115
online. But yeah. So I like, I literally I I just would

647
00:37:27.115 --> 00:37:30.715
go through and and learn opcodes and, you know, look at

648
00:37:30.715 --> 00:37:33.375
disassembly, look at look at decompilers. And,

649
00:37:34.490 --> 00:37:38.329
I actually I I taught, an assembly language course at when I

650
00:37:38.329 --> 00:37:41.950
was working at Raytheon. But yeah. So so the the story was I went from

651
00:37:42.329 --> 00:37:46.089
network defense at at UF, Sharpen Capture the Flag, and then turn that

652
00:37:46.089 --> 00:37:49.745
into a job at, a small company called

653
00:37:49.745 --> 00:37:53.185
SI Govs, SI Government Solutions, which then Raytheon bought and they

654
00:37:53.185 --> 00:37:57.025
became Raytheon SI, Raytheon CSI, Raytheon

655
00:37:57.025 --> 00:38:00.625
CodEx, and now they're spot Nightwing is like the the company's had a million different

656
00:38:00.625 --> 00:38:04.440
names. That's the origin of Nightwing? Yeah. Nightwing was well, so so

657
00:38:04.440 --> 00:38:08.040
SI was is not is a part of of Nightwing. But

658
00:38:08.040 --> 00:38:11.880
Nightwing Nightwing was, like, all of the cyber business that Raytheon had kinda spun

659
00:38:11.880 --> 00:38:15.080
off. So it was a bigger business unit, but, like, a big chunk of it

660
00:38:15.080 --> 00:38:18.734
is, yeah, is is is what was originally SI Government Solutions.

661
00:38:19.195 --> 00:38:22.635
And SI Government Solutions, that was reverse engineering? It was all vulnerability

662
00:38:22.635 --> 00:38:25.675
research, reverse engineering. There was a fair amount of tool dev and stuff as well.

663
00:38:25.675 --> 00:38:29.515
The thing I loved about about SI, was that, like, back in the

664
00:38:29.515 --> 00:38:32.900
day so even, like, several of the I'm not gonna call it explicitly. People I

665
00:38:32.900 --> 00:38:36.660
was playing CTF against or with, at the time, were working for

666
00:38:36.660 --> 00:38:40.420
other defense contractors, and were doing the same kind of work. Right? Like,

667
00:38:40.420 --> 00:38:44.184
there were there were folks involved. And, so even some of the

668
00:38:44.184 --> 00:38:47.464
CTF challenges came from, like, ideas or problems they had or stuff, which is really

669
00:38:47.464 --> 00:38:51.065
fun to kinda, like, you know, find out about that. But the thing that

670
00:38:51.065 --> 00:38:54.905
SI did really differently was and by the 3rd by my 3rd

671
00:38:54.905 --> 00:38:58.529
year, of of winning, the 3rd one I had was with

672
00:38:58.529 --> 00:39:01.910
basically a bunch of SI players. So I I switched kind of

673
00:39:02.130 --> 00:39:05.829
from, the original team I was playing with, and and was playing with them.

674
00:39:06.130 --> 00:39:09.890
And SI had, like, this focus on tool development, like,

675
00:39:09.890 --> 00:39:13.465
not just find the bugs or, you know, do whatever, but,

676
00:39:13.465 --> 00:39:17.225
like, invested a lot of time into both, like, the analysis harnesses and the

677
00:39:17.225 --> 00:39:20.905
fuzzing tool sets and, like, the fuzzing corpus and fuzzing harp like, was doing

678
00:39:20.905 --> 00:39:24.265
more, like, infrastructure around it, which was really fun. So we actually had a pretty

679
00:39:24.265 --> 00:39:27.630
good sized staff of, like, just raw developers. There's people building

680
00:39:27.630 --> 00:39:31.150
tooling, and then we had it was kind of this internal split, which I think

681
00:39:31.150 --> 00:39:34.430
now there was some some issues with that in terms of, like, the, you know,

682
00:39:34.430 --> 00:39:37.869
the vulnerability research or hacker cool kids were kind of annoying and the developers were

683
00:39:37.869 --> 00:39:41.085
like the adults in the room, like, y'all grow up. And now I'm the developer

684
00:39:41.085 --> 00:39:44.545
going, oh, I'm so embarrassed about the way some of some of us behaved.

685
00:39:45.805 --> 00:39:49.085
But, like, it was but it was great because we did have that that balance,

686
00:39:49.085 --> 00:39:51.805
which I think a lot of a lot of companies didn't. And so that was

687
00:39:51.885 --> 00:39:55.185
and yeah. So they hired me because I was doing tech writing for for magazines.

688
00:39:55.779 --> 00:39:59.059
Yeah. So going to that, I I Yeah. I was reading that and then I

689
00:39:59.059 --> 00:40:02.420
think, there's a talk that you gave recently in Germany at one of the institutions.

690
00:40:02.420 --> 00:40:06.099
I Yeah. That video and I was like, how did you go from,

691
00:40:06.099 --> 00:40:09.700
like, technical writing and say like, oh, I I wanna actually do this. And do

692
00:40:09.700 --> 00:40:13.155
you just run to the manager? I'm like, okay. I'm your guy now. No. The

693
00:40:13.155 --> 00:40:16.755
the funny thing is I didn't even know that was the plan. Like, literally

694
00:40:16.835 --> 00:40:20.275
so what happened was I was, you know, I was playing CTF. I was getting

695
00:40:20.275 --> 00:40:23.259
a security. And at the time, like, SI was like, how do we hire people

696
00:40:23.259 --> 00:40:26.859
who can get clearances and write exploits? Right? Like, that's a pretty rare

697
00:40:27.099 --> 00:40:29.980
it was people that you could write exploits, but maybe they weren't clearable or, you

698
00:40:29.980 --> 00:40:33.819
know, vice versa. Exactly. And that's where our company, Top3d Recruiting,

699
00:40:33.819 --> 00:40:37.655
comes in. Finding the right cybersecurity talent with the necessary clearances

700
00:40:37.795 --> 00:40:41.155
can be a major hurdle. Did you know that it could take 8 to 15

701
00:40:41.155 --> 00:40:44.755
months on average to hire somebody with a TS/SCI plus full-scope

702
00:40:44.755 --> 00:40:48.055
poly? At top creative recruiting, we have a network of 1,300,000

703
00:40:48.675 --> 00:40:52.490
cleared professionals ranging from CNO developers, reverse engineers,

704
00:40:52.550 --> 00:40:56.150
and data scientists. Whether you're working on offensive operations or

705
00:40:56.150 --> 00:40:59.530
data analysis, we connect you with the elite talent you need

706
00:40:59.590 --> 00:41:03.190
fast. Visit topcoincruiting.com, and let us help

707
00:41:03.190 --> 00:41:06.615
you to find the perfect candidate already cleared and ready to

708
00:41:06.615 --> 00:41:07.115
go.

709
00:41:10.375 --> 00:41:13.975
This was in 2005 maybe or what what time frame is

710
00:41:13.975 --> 00:41:17.355
this? Yeah. So this would have been, I think, 2007.

711
00:41:20.630 --> 00:41:23.590
Right. Because it was my daughter was yeah. My daughter was 1. So that was

712
00:41:23.590 --> 00:41:25.990
how I that's how I remember it. As I started, it was it was 2007.

713
00:41:25.990 --> 00:41:29.350
I met a couple people. I can met somebody at at RSA. So I was

714
00:41:29.430 --> 00:41:32.890
I at the university, I it was a there's a guy in town,

715
00:41:33.515 --> 00:41:36.395
who was a writer for a bunch of different magazines, and he would kinda partner

716
00:41:36.395 --> 00:41:39.675
with the university because we had lots of data, lots of networks, you know, stuff

717
00:41:39.675 --> 00:41:43.515
to test things on. And so he had a long standing partnership for just, like,

718
00:41:43.515 --> 00:41:45.835
network gear to come in and test and work with them. And he started to

719
00:41:45.915 --> 00:41:48.789
when when I was in security stuff, he said, oh, do you wanna write for

720
00:41:48.789 --> 00:41:51.269
some of these magazines? I'm like, yeah. That sounds super fun. So, anyways, it turned

721
00:41:51.269 --> 00:41:54.630
into, like, a sort of side side career of writing for, like,

722
00:41:54.630 --> 00:41:58.150
InfoWorld and InformationWeek and a bunch of, like, computer

723
00:41:58.549 --> 00:42:01.430
Network Computing magazine. Bunch of these are all, like, you know, out of print now.

724
00:42:01.430 --> 00:42:03.875
Were these big ones at the time? At the time, they were they were they

725
00:42:03.875 --> 00:42:07.635
were very well known. And they were, like, CMP was the parent company for a

726
00:42:07.635 --> 00:42:09.875
bunch of them. They owned Black Hat at one point. I don't know if that

727
00:42:09.875 --> 00:42:13.635
was still the case, but they were literally, like, bought. Black Hat, the conference was

728
00:42:13.635 --> 00:42:17.070
owned by CMP Media. Yeah. Like, this big media publishing house. I don't I have

729
00:42:17.070 --> 00:42:20.110
no idea if that's still the case, but I I know that, yeah, at one

730
00:42:20.110 --> 00:42:23.950
point that was, they actually bought officially bought it out

731
00:42:23.950 --> 00:42:27.710
from from Jeff. And so, yeah. So, I mean, it was, like

732
00:42:27.790 --> 00:42:30.585
so I I went to, like, Defcon or Black Hat on, like, a press pass

733
00:42:30.585 --> 00:42:33.305
for several years, because I was a I was a reporter. I went to RSA

734
00:42:33.305 --> 00:42:36.744
on on a press pass, because I was it was actually, you know, writing for

735
00:42:36.744 --> 00:42:40.585
magazines. And, in fact, I won, like, there was actually an

736
00:42:40.585 --> 00:42:43.565
early prototype for, like, live CTF, like, a head to head competition

737
00:42:44.105 --> 00:42:47.839
that the the precursor to SI govs was called SI, and

738
00:42:47.839 --> 00:42:51.359
they actually split to do commercial stuff and SI govs went to the government stuff.

739
00:42:51.359 --> 00:42:54.099
And so SI, Security Innovation, ran a,

740
00:42:54.960 --> 00:42:57.839
like a thing at RSA where it's like a web hacking challenge where, like, you

741
00:42:57.839 --> 00:43:00.495
were on screen and your screen's above your head, and you're competing with somebody else

742
00:43:00.495 --> 00:43:03.215
and somebody's, like, with a mic, like, you know, heckling you and talking about what

743
00:43:03.215 --> 00:43:06.415
you're doing and you're racing. I'm like, it's always very similar. It's really what inspired

744
00:43:06.415 --> 00:43:09.375
a lot of the a lot of CTF stuff I've done since. And so I

745
00:43:09.375 --> 00:43:11.935
won that and, like, the headline was, like, literally on Slashdot. That was, like, you

746
00:43:11.935 --> 00:43:15.640
know, Network Computing reporter when Yeah. With your press

747
00:43:15.640 --> 00:43:19.160
badge, you're like, yeah. Blah blah blah blah. Who is this? Yeah. People were most

748
00:43:19.160 --> 00:43:21.960
of all, like, Jeremiah Grossman at the time was I I became good friends with

749
00:43:21.960 --> 00:43:24.840
him as a result of, like, like, he was he was, like, wait. Yeah. I

750
00:43:24.840 --> 00:43:28.285
interviewed him for the magazine. He's, like, didn't you just, like, do that competition? I

751
00:43:28.285 --> 00:43:30.545
was, like, well, I, like, I do real work too.

752
00:43:32.285 --> 00:43:36.125
Like, but, you know, so I was doing writing. And so the yeah. SI gov

753
00:43:36.125 --> 00:43:39.325
is basically I went down I wasn't even, like, in a formal interview. Like, I

754
00:43:39.325 --> 00:43:41.645
just went to visit. Like, I had talked to them, or at least I didn't

755
00:43:41.645 --> 00:43:45.299
know it was an interview. And, at the time they were maybe 30

756
00:43:45.299 --> 00:43:49.059
people. They looked at my

757
00:43:49.059 --> 00:43:52.260
resume and were like, Oh, he knows security stuff. He's writing for magazines. He'd make

758
00:43:52.260 --> 00:43:56.020
a great tech writer. Taking our reports on vulnerabilities or things we're

759
00:43:56.020 --> 00:43:59.655
doing for government report writing. He could do a really he'd be a really, really

760
00:43:59.655 --> 00:44:03.095
good tech writer. But, like, nobody told me this, and I was like, yeah. I

761
00:44:03.095 --> 00:44:05.895
wanna I wanna write exploits. This sounds great. So as soon as I started, like,

762
00:44:05.895 --> 00:44:09.655
I was in the engineering group. I just they just assigned me to start doing

763
00:44:09.655 --> 00:44:13.290
reverse engineering, start writing exploits, and I wrote my first, like, QuickTime exploit in the

764
00:44:13.290 --> 00:44:16.010
1st, like, week. Because QuickTime, you could just sneeze that and it would fall over

765
00:44:16.010 --> 00:44:18.490
back in the day. Started straight into it. Did you still have to write the

766
00:44:18.490 --> 00:44:21.770
technical part where they wanted you to do? You're just like, oh, I'll do that

767
00:44:21.770 --> 00:44:25.450
too, but then you're also No. Like, literally, the person who thought that never

768
00:44:25.450 --> 00:44:28.183
talked to the engineering lead that I ended up with. I was just a straight

769
00:44:28.183 --> 00:44:31.573
up, like, engineer. I mean, I did I did do some role that they were

770
00:44:31.573 --> 00:44:34.764
looking for originally there. They hired somebody else. We don't really do. They did hire

771
00:44:34.764 --> 00:44:37.755
somebody else. Yeah. No. It was literally, like, a while later that they admitted to

772
00:44:37.755 --> 00:44:40.746
me. They're like, you know, we didn't originally hire you. I was like, what? Like,

773
00:44:40.746 --> 00:44:44.039
I had no idea that that was the intention, but, like, the. Yeah. They,

774
00:44:44.900 --> 00:44:47.380
so, I mean, I I did do some, you know, I did proposal writing and

775
00:44:47.380 --> 00:44:50.500
some other kind of writing, but I was not like, there were other dedicated, tech

776
00:44:50.500 --> 00:44:54.260
writers that were hired afterwards. That's crazy. I I'm trying to figure out if there's

777
00:44:54.260 --> 00:44:57.715
any, like, lesson that, like, if any listeners, like, how do I, you know, get

778
00:44:57.715 --> 00:45:01.555
my first really technical job? Yeah. Yeah. Yeah. Seriously, like, is there any lesson

779
00:45:01.555 --> 00:45:05.235
you can come from that other than just, like, apply this a technical position

780
00:45:05.395 --> 00:45:09.099
a technical writing position? I don't know. Yeah. But you ship you over? Type

781
00:45:09.099 --> 00:45:12.780
confusion attack and you just get them to, you know, you just start doing the,

782
00:45:12.940 --> 00:45:15.500
the other stuff. Like, I I will say, like, you know, a lot of a

783
00:45:15.500 --> 00:45:18.540
lot of positions become what you make of it. Right? Like, no matter what your

784
00:45:18.540 --> 00:45:21.414
role is, if you demonstrate the skill in something, I feel like you can you

785
00:45:21.414 --> 00:45:24.134
can shove stuff around. I've seen I've seen that happen, you know, more often than

786
00:45:24.134 --> 00:45:27.275
not, where somebody if you're if you're good at it, if you can do it,

787
00:45:27.654 --> 00:45:31.174
just just do it. And the the company will will value it. So Let's let's

788
00:45:31.174 --> 00:45:34.214
dive into that. I feel like some people might actually have questions. Maybe for a

789
00:45:34.214 --> 00:45:37.269
beta, of course, getting the first role, but let's assume, like, they're in a company

790
00:45:37.269 --> 00:45:40.710
and then they're like, okay, now I wanna go over to this this department. What

791
00:45:40.789 --> 00:45:43.670
Yeah. Did you have you seen some people that have shifted over and like how

792
00:45:43.670 --> 00:45:47.269
have they done it? Yeah. Yeah. I've seen I've seen it work, both ways too.

793
00:45:47.269 --> 00:45:49.829
I've also seen people who are technical who get burnt out and go to non

794
00:45:49.829 --> 00:45:53.335
technical roles too. Right? Like, and I think both are are healthy. Right? I've seen

795
00:45:53.335 --> 00:45:56.934
people who are like, you know what? And and, like, for

796
00:45:56.934 --> 00:46:00.615
example, like, QA, for example, can be, like, looked down upon, but really

797
00:46:00.615 --> 00:46:04.230
good QA is super valuable. And so some people, like, find their fit

798
00:46:04.290 --> 00:46:07.970
not doing your the development they were hired for, but in in QA or in

799
00:46:07.970 --> 00:46:10.850
in tech writing or in these other stuff. And then other times, you know, you

800
00:46:10.850 --> 00:46:14.150
see somebody who starts as a as a tech writer and then,

801
00:46:14.850 --> 00:46:18.450
like, very quickly is just writing, you know, hand coding assembly, for

802
00:46:18.450 --> 00:46:22.265
exploits. I yeah. I I don't know if there's,

803
00:46:22.265 --> 00:46:25.865
like, a a manual or a map for it. For for me, I was just

804
00:46:26.025 --> 00:46:28.744
I just did the things that I found fun. Like, if I liked it and

805
00:46:28.744 --> 00:46:30.744
enjoyed it, I just did it when I was doing it. You know? So I

806
00:46:30.744 --> 00:46:34.570
was at home. Yeah. Playing capture the flag and doing things. And when you're,

807
00:46:34.570 --> 00:46:37.470
yeah, doing it, when you have the cape capability,

808
00:46:38.490 --> 00:46:42.250
if you communicate with your with your your management, you're like, no. Like, this is

809
00:46:42.250 --> 00:46:45.610
what I wanna do. I think I think a good manager too, you know,

810
00:46:45.610 --> 00:46:49.005
like, right now, we have we have one on ones occasionally with with employees and,

811
00:46:49.005 --> 00:46:51.885
like, we've sort of 2 different ones. We have, like, status of, like, what's your

812
00:46:52.045 --> 00:46:54.845
on this project, and then we have a separate one that said let let's frequent

813
00:46:54.845 --> 00:46:58.045
interval. It's just more just like, hey. What are you doing? Are you happy overall,

814
00:46:58.045 --> 00:47:01.320
like, with what you're doing? But I think a good a good boss is, like,

815
00:47:01.320 --> 00:47:04.600
your job is to, like, find out does this person wanna take on a leadership

816
00:47:04.600 --> 00:47:07.560
role? Do they wanna take on more technical, less technical? Do they wanna like, they're

817
00:47:07.560 --> 00:47:10.520
not happy with this part of the product they're working on? They wanna do less

818
00:47:10.520 --> 00:47:13.660
of the Python API. They wanna see people else. Yeah. Whatever whatever it is.

819
00:47:14.520 --> 00:47:18.335
But but I think it goes both ways. I think you as an engineer should

820
00:47:18.335 --> 00:47:22.015
be communicating, what you wanna do. Now it's not always

821
00:47:22.015 --> 00:47:25.855
gonna work out. Right? Sometimes you gotta every I've absolutely had to slog through things

822
00:47:25.855 --> 00:47:28.495
I didn't wanna do because it just need to be done. Right? Like, that totally

823
00:47:28.495 --> 00:47:32.200
happens. But, like, over a long enough time frame, don't, like, do

824
00:47:32.200 --> 00:47:35.960
something you don't enjoy. Like, I've I've left my jobs when

825
00:47:35.960 --> 00:47:39.679
they became not enjoyable or when something else presented itself. It's it was

826
00:47:40.039 --> 00:47:43.079
it was, like, 7 to 8 years at the university. 7 to 8 years at

827
00:47:43.079 --> 00:47:46.745
Raytheon. That's a long time. Yeah. In general, now in this world,

828
00:47:46.745 --> 00:47:49.785
like, 2 And now year and a half, 2 years people are out. Yeah. And

829
00:47:49.785 --> 00:47:52.825
now it's been 10 years for me at the current one, and I I don't

830
00:47:52.905 --> 00:47:55.625
I this the role has changed. The company is growing. Things are, like, I'm still

831
00:47:55.625 --> 00:47:58.950
so excited about Binary Ninja, what we're doing. We're starting this conference. Like, so,

832
00:47:58.950 --> 00:48:02.710
like, I have no desire to go anywhere else. It's because I just yeah. You

833
00:48:02.710 --> 00:48:05.109
know, it's it's a cliche, but, like, love what you do and you'll never work

834
00:48:05.109 --> 00:48:08.950
a day in your life. Like, it's Yeah. Very true. I I'm just very, very

835
00:48:08.950 --> 00:48:12.785
lucky that I've just always loved what I did and that could, you

836
00:48:12.785 --> 00:48:15.424
know it paid the bills. Like, we're you know, pretty much makes sense. Let's let's

837
00:48:15.424 --> 00:48:19.025
get in more into that. So you so the I wanna hear about the origin

838
00:48:19.025 --> 00:48:22.785
of Vector 35 and, like, what was the deciding factor? It's

839
00:48:22.785 --> 00:48:26.160
like, let's let's get into this. Let's start building this out and

840
00:48:26.160 --> 00:48:29.300
grow. Mhmm. So so for us,

841
00:48:30.560 --> 00:48:33.840
you know, I could we talked earlier, like, Binary Ninja was like the CTF tool.

842
00:48:33.840 --> 00:48:36.880
Like, we were playing capture the flag a bunch inside the company, and that was

843
00:48:36.880 --> 00:48:39.925
great because, you know, I just love playing capture the flag. It was both my

844
00:48:39.925 --> 00:48:42.724
hobby, but then the skills directly translated when I was doing for work. We used

845
00:48:42.724 --> 00:48:45.925
it for recruiting. Like, we would somebody interviewed me. Like, well, we can't really tell

846
00:48:45.925 --> 00:48:49.765
you, like, exact technical examples of what we're doing. Like, we had multiple Pwnie

847
00:48:49.765 --> 00:48:53.365
award winners that weren't, like, the public version of the Pwnies. Like, they were,

848
00:48:53.365 --> 00:48:56.790
like, we either beat a Pwnie award winner to the research and just it was

849
00:48:56.790 --> 00:49:00.549
never public or so, like, you can't, like, you know, show people what you're

850
00:49:00.549 --> 00:49:03.190
doing or you're working for a government contractor, unfortunately. But, like, we could be, like,

851
00:49:03.190 --> 00:49:06.150
yeah, but we won Defcon or we were 2nd place this year or and they

852
00:49:06.150 --> 00:49:09.865
were, like, oh, like, okay. Like, you have legitimate skills. Like, that was, like, a

853
00:49:09.865 --> 00:49:13.545
useful thing to indicate to people. Plus, it was just super fun. It was great

854
00:49:13.545 --> 00:49:17.305
team building. It was great. Like, we tooled that. Like, we

855
00:49:17.305 --> 00:49:21.000
built we built technologies for CTF that we were like,

856
00:49:21.080 --> 00:49:23.960
know, actually, this would be really helpful for this, like, real world problem that we

857
00:49:23.960 --> 00:49:27.320
have over here that we port or rewrite or adapt. I mean, much in the

858
00:49:27.320 --> 00:49:30.620
same way. Again, Binary Ninja was a a sort of toy application

859
00:49:31.080 --> 00:49:34.745
built for CTF, because I you know, it wasn't, at the time,

860
00:49:34.745 --> 00:49:38.505
originally built to be a better decompiler than IDA, but it was meant

861
00:49:38.505 --> 00:49:42.345
to be a faster patching tool and quicker analysis and for triage and, like,

862
00:49:42.345 --> 00:49:45.705
you know, you didn't a lot of people still, back in the day, didn't trust

863
00:49:45.705 --> 00:49:48.825
decompilation anyways. It was more of like a yeah. It's good when it's good, but

864
00:49:48.825 --> 00:49:52.250
something's just wrong. And the, What's the premise on it now? Do people, like,

865
00:49:52.250 --> 00:49:55.450
generally say, like, yeah. It's it's fine. Or they're like, I wanna write my own.

866
00:49:55.450 --> 00:49:59.210
Like Yeah. I think right now, you're relatively foolish if

867
00:49:59.210 --> 00:50:02.330
you never use a decompiler. Like, I mean, there's reasons where you can't because of

868
00:50:02.330 --> 00:50:06.065
an architecture or whatever. But, like, yeah, people that started 20 years

869
00:50:06.065 --> 00:50:09.825
ago, the decompilation quality wasn't very good. Like,

870
00:50:09.825 --> 00:50:13.585
just I mean, and and that was amazing that it worked at all. But there

871
00:50:13.585 --> 00:50:16.625
were all sorts of times where it would just be straight up wrong. Conditionals inverted,

872
00:50:16.625 --> 00:50:20.440
code not shown, code shown, you know, like, just consistently wrong. And so like

873
00:50:20.440 --> 00:50:22.920
the error rate was high enough that people would in fact, actually, I liken

874
00:50:22.920 --> 00:50:26.120
a lot of like AI stuff to the same sort of thing where people are

875
00:50:26.120 --> 00:50:29.960
like, yeah, AI is like wrong all the time. It's like, well, yeah, now. It's

876
00:50:29.960 --> 00:50:33.240
super early. Yeah. I Right? Do the exact same thing. It's like we're we've gone

877
00:50:33.240 --> 00:50:36.055
like through 1 year, and it's like we're already getting to the point of, like,

878
00:50:36.055 --> 00:50:39.595
they're generating videos and images. They're already providing some value.

879
00:50:39.895 --> 00:50:43.575
Yeah. Yeah. It's it's gonna be new wild west with

880
00:50:43.575 --> 00:50:47.339
our guys. And so, like, you know, we're we've got Sidekick, which is our AI

881
00:50:47.339 --> 00:50:50.460
based plugin for Binary Ninja. We've been working on actually originally, like, 4 or 5

882
00:50:50.460 --> 00:50:53.980
years ago, we started it, internally as as research and finally launched it about a

883
00:50:53.980 --> 00:50:57.740
year ago. So the LLM yourself, you guys just ChatGPT wrap? So we

884
00:50:57.740 --> 00:51:00.945
started we started with all of our own models because there was no OpenAI at the

885
00:51:00.945 --> 00:51:04.785
time, and we had, 6 different, like, sort of techniques or models. About, like, half

886
00:51:04.785 --> 00:51:07.265
of them, we sort of threw out when when OpenAI came out because it was

887
00:51:07.265 --> 00:51:10.225
just so much better. So we're, like, oh, we should not be trying to name

888
00:51:10.225 --> 00:51:13.825
variables ourselves or summarize, like, decompiled code. Like, those two

889
00:51:13.825 --> 00:51:17.660
things, we're gonna use the better models. But we

890
00:51:17.660 --> 00:51:21.500
had thankfully, we had enough internal models that was, like, structure recovery and other things

891
00:51:21.500 --> 00:51:25.340
that we were doing that were still better. And so we the

892
00:51:25.340 --> 00:51:27.740
hybrid approach has worked really well for us. We have kind of kind of a

893
00:51:27.740 --> 00:51:30.415
little bit of both. But, like, for people that are sort of, like, a skeptic

894
00:51:30.555 --> 00:51:33.855
in reverse engineering in particular, I I liken it to the same thing as decompilers.

895
00:51:33.915 --> 00:51:37.355
Like, do you use a decompiler now? And 9 times out of 10,

896
00:51:37.355 --> 00:51:40.875
9.59 times out of 10, right, it's yes. Like, people use

897
00:51:40.875 --> 00:51:44.130
decompilers because they're just so effective. Like, maybe you do both side by side, but

898
00:51:44.130 --> 00:51:47.730
there's a reason that IDA, Binary Ninja, and Ghidra well, actually, I I might be

899
00:51:47.730 --> 00:51:51.430
the only one that doesn't know. I think about this. Like, default to decompilation. Right?

900
00:51:51.570 --> 00:51:55.415
But, like, to me, the default should be decompilation because it's just that

901
00:51:55.415 --> 00:51:58.055
good. That should just be the default most users want. You could change it but,

902
00:51:58.055 --> 00:52:01.895
like You know, this this actually this actually probably brings up a specific thing

903
00:52:01.895 --> 00:52:05.494
in my learning of, like, reverse engineering because, like, I well, I started with

904
00:52:05.494 --> 00:52:08.695
radare and then I went to IDA. I tried to do both. Yeah. Yeah. I

905
00:52:08.695 --> 00:52:12.440
went to, r2con in, like, 2017, met pancake and

906
00:52:12.520 --> 00:52:16.280
Mhmm. Had a great time. But yeah, like I I would use radare and

907
00:52:16.280 --> 00:52:20.040
then I also like try to use IDA and I just never used decompilers because

908
00:52:20.040 --> 00:52:23.720
I can start to defaulting by disassembly. I'm like, okay. Cool. Let me just learn

909
00:52:23.720 --> 00:52:27.475
this. So Yeah. It was just straight assembly. You can you can tell when

910
00:52:27.475 --> 00:52:31.075
somebody started their their career reverse engineering based on what they default to. I really

911
00:52:31.075 --> 00:52:34.675
do think it's a sort of generational thing. And then Model that people now especially

912
00:52:34.675 --> 00:52:38.035
with the with the availability like Ghidra. Right? Because Ghidra has just, like, good

913
00:52:38.035 --> 00:52:41.849
decompilation on the box. And and we are gotten better about the in

914
00:52:41.849 --> 00:52:45.069
fact, there's even you know, Cutter's got, like, the Ghidra integration and and for decompilation,

915
00:52:45.210 --> 00:52:48.890
and it's an option now. But it sort of depends on, like, where

916
00:52:48.890 --> 00:52:52.089
you started as to what you prefer. I see the reason that, like, even when

917
00:52:52.089 --> 00:52:55.130
I'm debugging, I have, like, a separate debugger. I don't use Binary Ninja as a

918
00:52:55.130 --> 00:52:58.901
debugger even though it supports it. I know a lot of people who don't use

919
00:52:58.901 --> 00:53:00.295
IDA as a debugger even though it supports it because they're just used to, like,

920
00:53:00.295 --> 00:53:03.895
a debugger and the decompilers being separate tooling. And maybe you'd sync your your

921
00:53:03.895 --> 00:53:07.575
location or whatever, you know, but, like, so there there definitely, I

922
00:53:07.575 --> 00:53:10.890
think, are are sort of, like, generational tells. Yeah. Using Versus

923
00:53:11.190 --> 00:53:15.030
Versus Vim? Yeah. Yeah. I I use both. I use both.

924
00:53:15.030 --> 00:53:18.550
Yeah. Yeah. Yeah. You install install the Neovim layer on

925
00:53:18.550 --> 00:53:22.150
VS Code. Is there is there a layer on

926
00:53:22.150 --> 00:53:25.755
that? Yeah. Yeah. You could tell the use, Neovim integrated into VS Code

927
00:53:25.755 --> 00:53:29.515
and get full Vim bindings. It works quite well. Okay. There's very few things that

928
00:53:29.515 --> 00:53:33.195
that I miss from, from real Vim. That's great. I use I

929
00:53:33.195 --> 00:53:36.155
use Spacemacs for a while. I use LunarVim on the command line. Like,

930
00:53:36.155 --> 00:53:39.240
I've tried a bunch of bunch of different ones, but so yeah. So, like, the

931
00:53:39.240 --> 00:53:42.540
decompiling, I think, is I I think it makes sense that people are,

932
00:53:43.560 --> 00:53:46.600
going to use it. And I think AI, ultimately, people will be using it more

933
00:53:46.600 --> 00:53:50.360
and more. It but I I get why people are hesitant now because, like,

934
00:53:50.360 --> 00:53:53.565
yeah, it hallucinates sometimes. This is wrong. And, like, the question is

935
00:53:53.805 --> 00:53:57.565
how what does the error rate have to be before it's worth your time? And

936
00:53:57.565 --> 00:53:59.885
it's just a default thing. You can change it. You can override it. Right? So,

937
00:53:59.885 --> 00:54:03.645
like, at what point is it is it is it where

938
00:54:03.645 --> 00:54:06.525
you're gonna be like, oh, nope. I'm just gonna leave this on by default. And

939
00:54:06.525 --> 00:54:09.770
if it makes a mistake, it's fine. Like, no tool is perfect. No disassembler is

940
00:54:09.770 --> 00:54:12.830
perfect. No. You know, even disassembly gets wrong sometimes. So,

941
00:54:13.930 --> 00:54:17.690
there is an error rate. There's an error rate. And, like, it's also,

942
00:54:17.690 --> 00:54:21.355
like, outside of it being, like, error or whatever, I

943
00:54:21.355 --> 00:54:25.195
think like there will be the talk about like how some of them are

944
00:54:25.195 --> 00:54:29.035
political or like like how they will have some political bias in some of

945
00:54:29.035 --> 00:54:32.015
the things that they say or whatever the case. Even though like there's no factual

946
00:54:32.075 --> 00:54:35.769
evidence to suggest one way or the other. A decompiler? No. No. No. I'm sorry.

947
00:54:35.769 --> 00:54:39.529
I'm talking about AI. Alright. I'm really confused. I was really confused. I'm like, I

948
00:54:39.529 --> 00:54:42.650
don't think my decompiler's got a full of compilers. Oh, yeah. Yeah. Yeah. No. Like

949
00:54:42.650 --> 00:54:46.250
AIs for sure. For sure. I'm talking about like ChatGPT. A lot of the

950
00:54:46.250 --> 00:54:49.775
people on one side will say like, oh, this is specifically

951
00:54:49.994 --> 00:54:53.755
providing some type of information or, like, in in skewing. I think I think it

952
00:54:53.755 --> 00:54:57.355
was what was it Bing's or, there's, like,

953
00:54:57.355 --> 00:55:00.714
you you type in, like, the president, like, George Washington, and he would be black.

954
00:55:00.714 --> 00:55:04.240
Like, it was Yeah. Yeah. Yeah. Yeah. Yeah. Yeah. Somebody was trying a little too

955
00:55:04.240 --> 00:55:07.200
hard to to to kinda skew it. Yeah. I I, as a kid, I read

956
00:55:07.200 --> 00:55:09.920
a lot of books from authors who I disagree with politically. And I think it's

957
00:55:09.920 --> 00:55:12.880
super important that, like, you're able to, like, consume Do you want some of those

958
00:55:12.880 --> 00:55:16.559
big references? I I don't wanna no. I don't

959
00:55:16.559 --> 00:55:20.135
wanna highlight my bias too much. Well, I'll give you I can give you a

960
00:55:20.135 --> 00:55:22.935
mixture of some I agree with and some I didn't. It ran it ran the

961
00:55:22.935 --> 00:55:26.555
gamut from very, like, libertarian stuff from,

962
00:55:28.215 --> 00:55:31.255
like the the Cobra series. I like all sci fi and fantasy stuff. The Cobra

963
00:55:31.255 --> 00:55:34.890
series was really good, from such as these

964
00:55:34.890 --> 00:55:38.570
dead, Timothy Zahn, maybe. And then L. E. Modesitt has

965
00:55:38.570 --> 00:55:41.390
very, like, kind of more left leaning,

966
00:55:42.890 --> 00:55:46.675
ecological and economic books that are that are great.

967
00:55:46.675 --> 00:55:50.214
Like, I I like to read things from perspectives

968
00:55:50.355 --> 00:55:54.195
that I don't always agree with because I just think that that's an important

969
00:55:54.195 --> 00:55:57.660
skill in in society that we've that we've lost. So I I don't mind so

970
00:55:57.740 --> 00:56:00.380
much. I think it's funny and stupid and silly when when the AIs are doing

971
00:56:00.380 --> 00:56:03.500
and they're skewed that badly. But at the same time, like, again, if you can't

972
00:56:03.500 --> 00:56:07.339
think for yourself, like, you know, like, grow up. It's okay.

973
00:56:07.339 --> 00:56:10.220
You're not gonna agree with everybody whether it's an AI or not. Like, figure it

974
00:56:10.220 --> 00:56:13.694
out. And so, you know, I think you wanna use caution and good

975
00:56:13.694 --> 00:56:16.835
judgment, and, not trust,

976
00:56:17.375 --> 00:56:21.214
the the things. But that, you know, that applies to everything. It applies to

977
00:56:21.214 --> 00:56:24.815
news. It applies to, whatever. You know? Yeah.

978
00:56:24.815 --> 00:56:28.430
So I I don't mind that so much. Like, I I think it's

979
00:56:28.430 --> 00:56:31.790
it's dumb. I think it's definitely it's gonna self correct. It already has, you know,

980
00:56:31.790 --> 00:56:35.310
just to some degree. I think I think it's quite that crazy anymore, but no.

981
00:56:35.310 --> 00:56:38.145
I I like that I like that that people have the option to do that

982
00:56:38.145 --> 00:56:40.625
now. And I think that, like, that sort of balance of, like, you know, we're

983
00:56:40.625 --> 00:56:44.305
gonna get a bunch and, I I do worry that it's a little bit of

984
00:56:44.305 --> 00:56:47.265
a bubble. Right? And you're gonna get this sort sort of self reinforcing. I it's

985
00:56:47.265 --> 00:56:50.325
an interesting idea if you've heard of, this is a heavy self reinforcing.

986
00:56:50.785 --> 00:56:54.240
Yeah. Everything you say about ChatGPT, I wanna have this idea. That's a

987
00:56:54.240 --> 00:56:58.000
great idea. There's never it never tells you it's a bad idea. Right. Like,

988
00:56:58.000 --> 00:57:01.520
oh, the market's fucking really heavy right now. You might need like, you know, few

989
00:57:01.520 --> 00:57:05.200
investors for this. It's like, yes, that's a terrific idea. Go for it. So it's

990
00:57:05.280 --> 00:57:08.560
I don't know. It's it's never that like maybe you should do some more research

991
00:57:08.560 --> 00:57:12.045
on this Like Yeah. Yeah. And so it's a little bit like the the the

992
00:57:12.045 --> 00:57:15.165
sort of fallacy of, like, a ruler or a CEO that only has yes men.

993
00:57:15.165 --> 00:57:17.485
Right? Like, that's what you surround yourself. So I and that's where I think that

994
00:57:17.485 --> 00:57:21.005
people need to be need to be critical, and you need to,

995
00:57:21.005 --> 00:57:24.329
like, embrace not conflict, but differences of opinion.

996
00:57:24.650 --> 00:57:28.490
Even just like so, you know, back to to my company. You know, my cofounder

997
00:57:28.490 --> 00:57:31.950
Peter is much more, like, growth focused and, like, future focused. And I'm much more

998
00:57:32.010 --> 00:57:35.609
here and now focused and the vibes and the ride kind of thing. And so

999
00:57:35.609 --> 00:57:39.405
it's a really healthy, tension between the 2

1000
00:57:39.405 --> 00:57:43.005
because, like, neither one at the extreme is healthy. Both can be extremely

1001
00:57:43.005 --> 00:57:46.605
unhealthy when when you go too far. And so I think that that's

1002
00:57:46.605 --> 00:57:50.450
really, really a good thing to to to look for in in a

1003
00:57:50.450 --> 00:57:53.250
in a cofounder. You want somebody you really can work with and you trust and,

1004
00:57:53.250 --> 00:57:56.849
you know, you have ultimately the same vision for, for the problem you're trying to

1005
00:57:56.849 --> 00:58:00.390
solve and the difference you're trying to make. But, like, not necessarily

1006
00:58:00.690 --> 00:58:03.569
having the same philosophy on how to get there, I think could be could be

1007
00:58:03.569 --> 00:58:03.809
really useful,

1008
00:58:08.305 --> 00:58:10.944
respectfully disagree, and you could figure it out and make a choice and move on

1009
00:58:10.944 --> 00:58:13.905
together and and kinda, like, you know, decide and go. And it's like I said,

1010
00:58:13.905 --> 00:58:17.685
it's 10 year 10 years in, still going strong. It's awesome. Businesses

1011
00:58:17.984 --> 00:58:21.619
generally don't last longer than a few years and, like, gets

1012
00:58:21.779 --> 00:58:25.059
yeah. It's amazing. I'd love to hear, like, a little bit more about where you

1013
00:58:25.059 --> 00:58:28.660
guys are at right now after 10 years in your journey. Yeah. What have you

1014
00:58:28.660 --> 00:58:32.235
guys been doing up to recently? And then we can talk about the future.

1015
00:58:32.475 --> 00:58:36.235
Yeah. Absolutely. So, you know, let me start at the

1016
00:58:36.235 --> 00:58:39.595
beginning because the goal was like, our stated goal was,

1017
00:58:39.595 --> 00:58:42.875
like, I I like IDA. I like Hex-Rays. I actually get along with the the

1018
00:58:42.875 --> 00:58:46.420
team there fairly well. I I'm I nominated, Ilfak for his

1019
00:58:46.420 --> 00:58:50.020
Pwnie lifetime Pwnie award a few years ago because I just have a ton of

1020
00:58:50.020 --> 00:58:53.060
respect for what they do. But also, like, our our goal was to dethrone them.

1021
00:58:53.060 --> 00:58:56.740
Like, our goal was like, we really wanna take what we think we can we

1022
00:58:56.740 --> 00:58:59.835
can do this and, like, you know, I've I've I've told them this to their

1023
00:58:59.835 --> 00:59:03.595
face. It's not surprised they know and, you know, sort of wish I I think

1024
00:59:03.595 --> 00:59:06.175
the market as a whole will benefit from from healthy competition.

1025
00:59:07.835 --> 00:59:10.475
But, like, that was our that was our goal. We love that. Yeah. Yeah. That

1026
00:59:10.475 --> 00:59:12.875
was that was our goal. Right? Like, it's out of the out of the gate.

1027
00:59:12.875 --> 00:59:16.510
I wanted to I I thought they had not had enough competition and does

1028
00:59:16.510 --> 00:59:19.869
not force enough innovation out of them. They're seeing and now with Ghidra, Binary Ninja,

1029
00:59:19.869 --> 00:59:23.710
you're seeing them make tremendous changes to their pricing, to their product

1030
00:59:23.710 --> 00:59:27.230
lines, to they're really really finally reacting. It's gonna be like

1031
00:59:27.230 --> 00:59:30.805
$5,000 for a key for for IDA or something. Right? I mean, it's

1032
00:59:30.805 --> 00:59:34.644
actually it hasn't gotten cheaper unless you're a non commercial student or whatever.

1033
00:59:34.644 --> 00:59:37.605
Like, it actually is in fact, they're about to, I think, do their their,

1034
00:59:38.085 --> 00:59:40.724
subscription pricing, which they've been doing for a while too, which we'll see. I think

1035
00:59:40.724 --> 00:59:43.530
for some people, it'll be cheaper. For some people, it'll be more. The total cost

1036
00:59:43.530 --> 00:59:46.990
will probably go up. I mean, so, you know, they were acquired by PEO,

1037
00:59:47.450 --> 00:59:51.130
last year. Last year or years not long ago. And so, like, you know,

1038
00:59:51.130 --> 00:59:54.730
there's necessarily gonna be a return they're looking to get on that

1039
00:59:54.730 --> 00:59:57.855
investment. And so I think that's gonna make them, you know, make certain choices,

1040
00:59:58.955 --> 01:00:01.595
in in the market. But,

1041
01:00:02.715 --> 01:00:05.035
but but yeah. So that was kind of our goal. Like, we just feel like

1042
01:00:05.035 --> 01:00:08.075
this this market is like, we can we can disrupt it. We can really come

1043
01:00:08.075 --> 01:00:11.890
in, like, do something new and different, and we made some, you know, conscious design

1044
01:00:11.890 --> 01:00:15.730
changes and differences, in in how we built Binary Ninja, like, with the goal

1045
01:00:15.730 --> 01:00:18.530
of doing this. And then we had kind of along the way, like, okay. We

1046
01:00:18.530 --> 01:00:21.890
launched the collaboration version. We actually both IDA and Binary Ninja announced a

1047
01:00:21.890 --> 01:00:25.090
collaboration plugin, and then ours came out, like, a whole year in advance, basically, of

1048
01:00:25.090 --> 01:00:28.935
theirs. Like, we were much sooner market. Because we had built that in we

1049
01:00:29.015 --> 01:00:32.214
from the beginning, we started the company, like, collaboration's gonna be a killer feature. We're

1050
01:00:32.214 --> 01:00:34.855
gonna put that in an enterprise version of Binary Ninja, and it took us 5

1051
01:00:34.855 --> 01:00:37.355
years or 6 years. But, like, we knew it from the beginning.

1052
01:00:38.600 --> 01:00:42.440
And so For people that don't know what the collaboration part is, what is that

1053
01:00:42.440 --> 01:00:45.240
exactly? Yeah. So it just I mean, much like, you know, with source code, you're

1054
01:00:45.240 --> 01:00:48.520
still, like, Git where you can, like, you know, work with multiple people and see

1055
01:00:48.520 --> 01:00:51.900
differences and merge changes and deconflict if there's conflicts.

1056
01:00:52.704 --> 01:00:56.385
That hasn't existed in the reverse engineering space. Ghidra, actually, it

1057
01:00:56.385 --> 01:00:59.025
was the really the first tool to market that had there were actually plugins that

1058
01:00:59.025 --> 01:01:01.505
tried to do it in IDA. They were very brittle. They would we used them

1059
01:01:01.505 --> 01:01:04.880
back at at at right now. Like, they would corrupt your database consistently because it

1060
01:01:04.880 --> 01:01:07.440
was really wasn't it was, like, hacked on. It wasn't really part of the model

1061
01:01:07.440 --> 01:01:11.200
and didn't didn't work really well. And so Ghidra actually

1062
01:01:11.200 --> 01:01:14.240
had really had the first version of this, you know, the open source n s

1063
01:01:14.400 --> 01:01:18.080
NSA tool. And both now IDA and Binary Ninja have this where you

1064
01:01:18.080 --> 01:01:21.724
can, as a team, collaboratively reverse engineer, on the

1065
01:01:21.724 --> 01:01:24.865
same kind of kind of kind of binary remarking of different pieces of it.

1066
01:01:25.484 --> 01:01:28.525
And so that was, like, you know, sort of our first, like, new product beyond

1067
01:01:28.525 --> 01:01:31.644
just like Binary Ninja. And then we launched our Sidekick, the AI thing a year

1068
01:01:31.644 --> 01:01:35.220
ago, you know, and that was, like, another new product. And so we're we're at

1069
01:01:35.220 --> 01:01:38.020
a really good point now because it it took us 10 years. Like, it took

1070
01:01:38.020 --> 01:01:41.860
us 10 years to really get our decompilation quality, our features that our

1071
01:01:41.860 --> 01:01:45.140
architecture was kind of, like, to where it needed to be to really compete with

1072
01:01:45.140 --> 01:01:48.785
with with IDA originally and now and now Ghidra. And

1073
01:01:48.785 --> 01:01:52.465
so it feels really, like, we're the product is much is

1074
01:01:52.465 --> 01:01:56.225
finally at the maturity level it needs to be, where we can sort of

1075
01:01:56.305 --> 01:01:58.785
like, we're not like a superset. Right? Like, we have things that they don't have.

1076
01:01:58.785 --> 01:02:01.025
They still have, you know, some things that we don't have. We're working on them.

1077
01:02:01.025 --> 01:02:03.285
It's I think it's a small list now at this point. But,

1078
01:02:05.049 --> 01:02:08.410
but, like, now we can really start building on top of it in ways that

1079
01:02:08.410 --> 01:02:12.010
are more interesting and fun, and start solving new problems or problems in a different

1080
01:02:12.010 --> 01:02:15.849
way, and kinda push push beyond it. And so that's that's really exciting.

1081
01:02:15.849 --> 01:02:18.945
And like I said, I like that we've that was always the plan and we

1082
01:02:18.945 --> 01:02:22.065
we did that. Like we said, we did the collaboration, we did it with, you

1083
01:02:22.065 --> 01:02:25.745
know, with with AI integration. Our design of our ILs is this distinct

1084
01:02:25.745 --> 01:02:28.865
nobody has anything like that. And I think, you know, there's a lot of other

1085
01:02:28.865 --> 01:02:32.310
advantages like that, the API. So anyway, it feels like we're at a

1086
01:02:32.310 --> 01:02:35.990
point right now. We're seeing a ton of people switching. We really are

1087
01:02:35.990 --> 01:02:39.670
at a point now where a lot of folks are like. And and Ghidra

1088
01:02:39.670 --> 01:02:43.510
makes things tough just as a free price point, but I think having, better

1089
01:02:43.510 --> 01:02:46.994
UI, faster analysis, the real Python API, bindings for other different

1090
01:02:46.994 --> 01:02:50.595
languages, better better API, program analysis, the ILs in between, you know, all these other

1091
01:02:50.595 --> 01:02:53.635
things. People are like, okay. Yeah. This is the so, like, totally worth the the

1092
01:02:53.635 --> 01:02:57.474
1500. If you're a professional, $1500 for a tool that you spend, you

1093
01:02:57.474 --> 01:03:00.510
know, 6, 8 hours a day and it's like like, come on. Like, it's not even

1094
01:03:00.590 --> 01:03:04.270
that's it's underpriced. It really is. And you just have a student discount as well

1095
01:03:04.270 --> 01:03:07.550
for students that want Yeah. So we actually have about it. Right? A hobbyist license

1096
01:03:07.550 --> 01:03:11.150
for $300. So if you're, like, just somebody doing at home, it's $300 so you're

1097
01:03:11.150 --> 01:03:13.790
still professional but just in another field or whatever. And then we have a student

1098
01:03:13.790 --> 01:03:17.045
discount, and you can apply to either one those other two licenses. And that brings

1099
01:03:17.045 --> 01:03:20.184
it out to, like, $75 for the noncommercial student license,

1100
01:03:20.805 --> 01:03:23.924
and then, like, 3.50 or 400, I think, if you're, like, a student that wants

1101
01:03:23.924 --> 01:03:26.345
the there's a couple of features in in commercial

1102
01:03:27.560 --> 01:03:31.320
that that don't exist in in noncommercial, but, like, I think at this point,

1103
01:03:31.320 --> 01:03:33.720
there's only 2. We've actually that's another thing we do well. We set the beginning.

1104
01:03:33.720 --> 01:03:37.160
We had a couple of features in commercial that we trickled down into noncommercial, which

1105
01:03:37.160 --> 01:03:40.040
I'm really, really pleased with. Like, it was like a a promise we made at

1106
01:03:40.040 --> 01:03:43.505
the beginning, and then we we delivered on it. We did over, like, every couple

1107
01:03:43.505 --> 01:03:45.905
years, we add new feature. We drop it down. In fact, for a while, they

1108
01:03:45.905 --> 01:03:48.224
were like, okay. We have to add a new feature in a commercial only. It's

1109
01:03:48.224 --> 01:03:51.444
worth, like, we run out of, like, things to, like, include.

1110
01:03:52.145 --> 01:03:54.865
So when we had a project support, we added that just a just a commercial.

1111
01:03:54.865 --> 01:03:58.619
But, yeah. And so, like, for, like, the vision,

1112
01:03:58.619 --> 01:04:02.300
kinda like where we're going and where we're at, I mean, the the question now

1113
01:04:02.300 --> 01:04:04.460
is, like, how big do we wanna be as a company? What is our you

1114
01:04:04.460 --> 01:04:07.740
know, 19 people, like, if we keep growing, we we need to now, like, kinda

1115
01:04:07.740 --> 01:04:10.285
restructure a look at that. Or do we try to keep, like, at a at

1116
01:04:10.285 --> 01:04:13.085
a flat size where we can, you know, stay this? Or do we try to,

1117
01:04:13.085 --> 01:04:16.605
like, you know, grow bigger but keep it do like a a valve sort of

1118
01:04:16.605 --> 01:04:20.365
thing, right, where they notoriously have, like, a a a very flat no org chart

1119
01:04:20.365 --> 01:04:24.000
and yet a a bigger group. You know, what could that look like?

1120
01:04:24.299 --> 01:04:27.660
So that's, like, our sort of next thing is trying to figure out where do

1121
01:04:27.660 --> 01:04:30.780
we do, where do we go, and then we've got all these ideas for actually,

1122
01:04:30.780 --> 01:04:34.460
we are launching another new sort of product here pretty soon just in the I

1123
01:04:34.460 --> 01:04:37.645
don't we've even maybe public has said this before, but,

1124
01:04:38.265 --> 01:04:40.905
Oh, you're welcome to now if you want. Yeah. Yeah. Yeah. It is it is

1125
01:04:40.905 --> 01:04:43.865
that. It's still I mean, we're very transparent about it, but we've we've we've definitely

1126
01:04:43.865 --> 01:04:47.625
told told a number of folks individually. We started selling a couple

1127
01:04:47.625 --> 01:04:51.400
of architectures as separate architectures just in the last couple releases.

1128
01:04:51.400 --> 01:04:54.280
And that's different from us. So till the very beginning, we took, like, the Ghidra,

1129
01:04:54.280 --> 01:04:57.400
like, model of, like, every architecture. You can write your own. You can add your

1130
01:04:57.400 --> 01:05:01.080
own, fully extensible at one price. We didn't do the, like,

1131
01:05:01.080 --> 01:05:03.980
per architecture pricing that that IDA has always done for the decompilation.

1132
01:05:04.895 --> 01:05:07.935
And, we had a couple of people, like, reach out and be like, hey. Can

1133
01:05:07.935 --> 01:05:11.535
you build me an architecture for nanoMIPS? Like, I really want this.

1134
01:05:11.935 --> 01:05:15.695
But it, like, just wasn't popular enough that, like, it was

1135
01:05:15.695 --> 01:05:19.234
gonna justify itself by just a few extra $1500 purchases.

1136
01:05:19.410 --> 01:05:22.690
That makes sense. Right? So, like, we were like, well, like, if we do it,

1137
01:05:22.690 --> 01:05:25.170
we have to charge separately. This is the only way it makes sense. And so

1138
01:05:25.170 --> 01:05:28.530
the last two releases, and this will also be true in this release, we're

1139
01:05:28.530 --> 01:05:32.289
releasing one extra architecture in the in the all the products, and then one

1140
01:05:32.289 --> 01:05:35.735
architecture that's only a paid thing. One extra architecture, you know, makes really the same

1141
01:05:35.735 --> 01:05:39.335
thing. So to 2 architectures. We're basically gonna take all those paid

1142
01:05:39.335 --> 01:05:42.215
architectures. We were kind of charging them like a la carte, and we're instead just

1143
01:05:42.215 --> 01:05:45.255
gonna have, like, Binary Ninja Ultimate. We're gonna have, like, a new edition. It'll

1144
01:05:45.255 --> 01:05:49.095
be $3,000 instead of $1500, but it will include these more esoteric niche

1145
01:05:49.095 --> 01:05:52.840
embedded, TriCore, C-SKY, and nanoMIPS, and we're gonna add, some

1146
01:05:52.840 --> 01:05:56.120
some more as well in the future. So we are gonna have, like, that that

1147
01:05:56.120 --> 01:05:59.320
kinda comes soon. So that's kind of another thing that's on on the horizon. So

1148
01:05:59.320 --> 01:06:02.360
for the things that you're looking at in terms of, like, potential growth into the

1149
01:06:02.360 --> 01:06:04.935
company, are you guys looking at the number of users that are using it and

1150
01:06:04.935 --> 01:06:08.695
paying for on commercial side? Or are you guys also looking at government contracts

1151
01:06:08.695 --> 01:06:11.815
where you guys are bringing more money in through through that? Which one or both

1152
01:06:11.815 --> 01:06:15.335
of those avenues do you guys look at for KPIs? Yeah. That's a that's a

1153
01:06:15.335 --> 01:06:18.920
that's a good question. So our we don't wanna be too skewed,

1154
01:06:18.920 --> 01:06:22.440
basically. Right? Like, we so, yeah, to be clear too, we're we're getting we're fully

1155
01:06:22.440 --> 01:06:26.220
transparent about this. We've we've got some, like, research contracts essentially

1156
01:06:26.359 --> 01:06:30.085
that we're doing prototype development of of capabilities. So

1157
01:06:30.085 --> 01:06:33.925
we demoed, for example, Firmware Ninja, a few months ago on, like, one of

1158
01:06:33.925 --> 01:06:37.365
my live streams, which is a new plugin. It just does a bunch of firmware,

1159
01:06:37.685 --> 01:06:40.585
specific things, like automatically find MMIO and,

1160
01:06:41.445 --> 01:06:44.300
I don't even remember if I oh, it we actually one of the features that

1161
01:06:44.300 --> 01:06:47.580
we we built for that is now the base product, which is the automatic, base

1162
01:06:47.580 --> 01:06:51.340
address detection. So open up a firmware blob, and it just will try to

1163
01:06:51.340 --> 01:06:55.095
scan, find pointers, predict base addresses, guess them, check the the string

1164
01:06:55.095 --> 01:06:58.695
references and function references. Like, so it's, it will just find me the base

1165
01:06:58.695 --> 01:07:02.155
address. Right? This is a very useful feature. So that was actually originally

1166
01:07:02.215 --> 01:07:05.655
developed, for prototype on a on one of our research

1167
01:07:05.655 --> 01:07:09.494
contracts. So, you know, we don't do, like, vulnerability research or, like, you know,

1168
01:07:09.494 --> 01:07:13.170
we're not, like, using the tooling. Yeah. Exactly. It's more

1169
01:07:13.170 --> 01:07:16.089
like we we have done occasionally a couple of those contracts before. Actually, it tend

1170
01:07:16.089 --> 01:07:18.450
to be commercial as well too. Every now and then, we'll we'll pick up one

1171
01:07:18.450 --> 01:07:21.250
of those because it's it's nice to force yourself just to use the tool to

1172
01:07:21.250 --> 01:07:24.770
get things done occasionally and just and kinda keep the skills fresh. So very occasionally,

1173
01:07:24.770 --> 01:07:28.244
but we really don't usually we actually often turn down work work like

1174
01:07:28.244 --> 01:07:32.005
that. But, like, yeah, we've got a number of research contracts. We're building these prototypes.

1175
01:07:32.005 --> 01:07:34.964
And then if it works well, like, we still have the rights to be able

1176
01:07:34.964 --> 01:07:37.845
to ship the product or ship us a new plugin or a free plugin. So

1177
01:07:37.845 --> 01:07:41.560
several of our our architectures and plugins, you know, that we've released open source

1178
01:07:41.560 --> 01:07:44.920
were were, you know, basically funded on these research contracts in the past. So we

1179
01:07:44.920 --> 01:07:48.359
do have, you know, about half the company, doing

1180
01:07:48.359 --> 01:07:51.880
researchy things on that. Even though half the time there's research to think

1181
01:07:51.880 --> 01:07:55.525
just our features or plugins or stuff that goes you know, it's all all

1182
01:07:55.525 --> 01:07:59.365
Binary Ninja focused. So as long as we keep getting these contracts that are,

1183
01:07:59.365 --> 01:08:02.565
like, the government's happy to pay us to build a prototype for a thing that

1184
01:08:02.565 --> 01:08:06.325
we can then roll into the commercial product, we'll probably keep going. It's just funded

1185
01:08:06.325 --> 01:08:09.990
R&D. But we do yeah. We don't wanna exceed it too

1186
01:08:09.990 --> 01:08:13.830
much. If 80% of our team is just doing that kind of stuff and 20%

1187
01:08:13.830 --> 01:08:17.109
is doing product, that feels like an unhealthy split. So we really try to keep

1188
01:08:17.109 --> 01:08:20.630
it kinda kinda 50/50. That's really what difficult balancing act,

1189
01:08:20.950 --> 01:08:24.345
to the last 10 years of doing so. Right? It's been it's not been too

1190
01:08:24.345 --> 01:08:27.785
bad, because mostly, we we just say no to a lot of things. Like, people

1191
01:08:27.785 --> 01:08:29.785
will be like, oh, hey. There's this new contract. I want you to come help

1192
01:08:29.785 --> 01:08:32.024
me do this thing. We're like, well, if we don't have a good idea for

1193
01:08:32.024 --> 01:08:35.305
a Binja feature or analysis or plugin that we would build to solve that

1194
01:08:35.305 --> 01:08:38.469
problem, like, it doesn't make sense for it. Like, we just yeah. It was really

1195
01:08:38.630 --> 01:08:40.949
it give us a lot of clarity for the type of work that we do

1196
01:08:40.949 --> 01:08:44.310
and don't do. I think if you're just starting a general defense contractor, you're like,

1197
01:08:44.310 --> 01:08:47.989
you're like, hey. Whatever we can get, it's it's serve you know, it's just a

1198
01:08:47.989 --> 01:08:51.705
labor based contract, and you get your your, you know, markup on

1199
01:08:51.705 --> 01:08:55.385
top of that. And and yeah. Because we had this kind of very specific vision,

1200
01:08:55.385 --> 01:08:59.225
we just said no a fair amount, to things. Like, no. We're full or we're

1201
01:08:59.225 --> 01:09:01.865
good. Or even so now the work is good, and we're like, yeah. But we

1202
01:09:01.865 --> 01:09:05.200
don't have the people to do it, and I don't wanna, like, lower the bar,

1203
01:09:05.200 --> 01:09:07.760
and I just hire anybody just to get it done. Like, we're we, you know,

1204
01:09:07.760 --> 01:09:11.439
very beneficial about our growth. And so so some of that limits us,

1205
01:09:11.760 --> 01:09:15.040
that limits us as well. So it's kinda a case by case basis. It depends

1206
01:09:15.040 --> 01:09:18.560
on the contracts. It depends on what comes up. It depends on,

1207
01:09:19.895 --> 01:09:22.935
yeah. And but and then, you know, how the how the sales are going. All

1208
01:09:23.015 --> 01:09:26.215
I would love to be able to just just do the product. Right? And let

1209
01:09:26.215 --> 01:09:29.895
the contracts kinda go. Because even at their best, they're still you gotta do

1210
01:09:29.895 --> 01:09:33.420
monthly reports and, you know, invoicing. Like, it it's

1211
01:09:33.420 --> 01:09:36.460
kinda nice to just have a product where you're just sort of, like, it's separate

1212
01:09:36.460 --> 01:09:39.260
from, like, development and the the road map, and you can just as long as

1213
01:09:39.260 --> 01:09:43.040
people still kinda buy and renew, you just keep going, keep building and adding stuff.

1214
01:09:44.380 --> 01:09:47.865
Whereas, you don't have quite as much flexibility to contracts, but

1215
01:09:48.105 --> 01:09:51.865
it's worked so well and, you know, everyone's as every kind of wins, the government

1216
01:09:51.865 --> 01:09:55.245
gets, like, a prototype that a lot of these, like, research contracts,

1217
01:09:56.185 --> 01:09:59.705
it's like a one off thing that doesn't go anywhere, never transitions, nothing ever happens

1218
01:09:59.705 --> 01:10:02.960
to it. It's, like, mostly DARPA work too to to to be clear. Like, a

1219
01:10:02.960 --> 01:10:05.460
lot of these a lot of the work that we've done. And,

1220
01:10:06.800 --> 01:10:10.320
it's nice that we are able to, like, have it be something that will be

1221
01:10:10.320 --> 01:10:13.520
around for 5 or 10 years. Right? Like, they have a a sense that Right.

1222
01:10:13.607 --> 01:10:16.175
Anything built on Binary Ninja is gonna last. It's not gonna be like this one

1223
01:10:16.175 --> 01:10:19.775
off prototype, which happens unfortunately more times than than, you

1224
01:10:19.775 --> 01:10:23.054
know, you might like as a citizen when the government pays for some research that,

1225
01:10:23.054 --> 01:10:26.415
like, this contract when they built the thing and then it disappears. Nothing ever happens.

1226
01:10:26.415 --> 01:10:30.120
So it happens far too often. And so when they when they purchase

1227
01:10:30.340 --> 01:10:33.540
your guys' research and then of a prototype or something and you guys integrate into

1228
01:10:33.540 --> 01:10:36.680
your tool, do they then purchase your tool, afterwards?

1229
01:10:37.300 --> 01:10:40.660
So so when it's DARPA, not necessarily. Right? Because their whole job is to, like,

1230
01:10:40.660 --> 01:10:44.025
cause it to happen and then it's other people within the government that they want.

1231
01:10:44.025 --> 01:10:47.785
Like, their job is just to get the DOD or other people

1232
01:10:47.785 --> 01:10:51.545
in the the government to to be using the research that they develop. They

1233
01:10:51.545 --> 01:10:54.665
don't aren't direct consumers of, and they might use it like in some follow on

1234
01:10:54.665 --> 01:10:58.205
research contract or something. But generally, like, DARPA wins

1235
01:10:58.745 --> 01:11:02.590
if they get a bunch of other groups within the government using

1236
01:11:02.590 --> 01:11:06.110
the things they've developed. If they transition and it now is a follow on contract

1237
01:11:06.110 --> 01:11:09.870
in the Navy or the Air Force or whoever, whatever has, like, some other

1238
01:11:09.870 --> 01:11:12.990
contract that they will sign to get you to, like, continue to do that thing

1239
01:11:12.990 --> 01:11:16.325
or just buy if you're yeah. They're buying Binary Ninja, and then the thing that

1240
01:11:16.325 --> 01:11:19.765
the research contract paid for is now available as a plug in. That's even better

1241
01:11:19.765 --> 01:11:23.285
for them because it's cheaper than a government contract. Right? So Right. Yeah. Like, that's

1242
01:11:23.285 --> 01:11:26.405
what winning looks like for them to a large extent. If they're if they're really

1243
01:11:26.405 --> 01:11:30.159
improving this data, if they're solving problems that their community has and and getting

1244
01:11:30.159 --> 01:11:33.619
that stuff actively into the hands of of other government people.

1245
01:11:34.480 --> 01:11:38.159
Got it. So, what what's next for Vector 35? And what's

1246
01:11:38.159 --> 01:11:41.280
gonna be on the road map for the next how how deep do you guys

1247
01:11:41.280 --> 01:11:45.065
look? You got, like, 1 year, 2 years, 5 years, 10 years?

1248
01:11:45.525 --> 01:11:49.304
So, I mean, on the one hand, we have had, like, you know,

1249
01:11:50.324 --> 01:11:54.005
Sidekick has been a 5 year thing. We knew 5 years ago, we were gonna

1250
01:11:54.005 --> 01:11:57.219
have a some AI based thing. And what was that gonna look like, and how's

1251
01:11:57.219 --> 01:11:59.540
it gonna work? And let's just go plug it away. So for the 1st 3

1252
01:11:59.540 --> 01:12:03.219
years internally, and then finally get some customers to get prototype and, you know, iterate

1253
01:12:03.219 --> 01:12:06.980
on it. So sometimes we have we have stuff like that out there. We have

1254
01:12:06.980 --> 01:12:10.805
right now on our road map, I feel like it's a little more near term

1255
01:12:10.805 --> 01:12:13.365
than it's ever been just because we're kind of, like, we've been burned through a

1256
01:12:13.365 --> 01:12:17.205
lot of this stuff. Mhmm. And and so now it really becomes a

1257
01:12:17.205 --> 01:12:20.965
question of, like, we have a lot of ideas for business problems we could

1258
01:12:20.965 --> 01:12:24.610
solve with our technology. And do we now

1259
01:12:24.610 --> 01:12:27.990
pivot or do we license or do we work with other companies to, like,

1260
01:12:28.530 --> 01:12:31.430
build, you know, wrap binary inside of other products,

1261
01:12:31.970 --> 01:12:35.570
or or sell an enterprise security product that is been powered

1262
01:12:35.570 --> 01:12:39.095
in in some way. Do we do that? Do we partner? Do we license? Like,

1263
01:12:39.095 --> 01:12:42.795
what does that look like? So that's something that we're continually

1264
01:12:43.095 --> 01:12:46.375
kinda kinda tinkering with and talking to folks, and we've had several different kind of,

1265
01:12:46.375 --> 01:12:49.335
you know, experiments like and we build it from the beginning to do that. Like,

1266
01:12:49.335 --> 01:12:52.350
from the very beginning, Binja is just a library that you can, like, easily wrap,

1267
01:12:52.350 --> 01:12:55.790
and so that's that's really I like IDA has 9.0 coming with, so it's gonna

1268
01:12:55.790 --> 01:12:59.550
have headless mode. Like, that's been, like, 10 years ago. That was that

1269
01:12:59.550 --> 01:13:02.990
was a part of the core design. Right? And it's first class. It works great

1270
01:13:02.990 --> 01:13:06.755
like that. We have one API. We don't have, like, a public private API, and,

1271
01:13:07.155 --> 01:13:10.595
and so it really it it works well for for exactly situations like

1272
01:13:10.595 --> 01:13:14.035
that. So, yeah, we might see some some integrations of

1273
01:13:14.035 --> 01:13:17.555
partnerships. You know, I think there's a lot of

1274
01:13:18.160 --> 01:13:21.840
there's a lot more to be done in terms of integrating AI. I think we

1275
01:13:21.840 --> 01:13:25.440
are absolutely the most mature thing in the space. Like, most the other like, any

1276
01:13:25.440 --> 01:13:28.720
other AI plugins. Like, well, we decompiled it and we copied and paste the decompilation

1277
01:13:28.720 --> 01:13:32.315
into an LLM, then we asked the question. Like, okay. That's cute. But that's not,

1278
01:13:32.315 --> 01:13:36.075
like, really you know, that's just the very, very beginning.

1279
01:13:36.075 --> 01:13:39.755
We have a lot more deep integrations already, but I think we've we're still barely

1280
01:13:39.755 --> 01:13:43.355
scratching the surface. You know, how can we integrate an LLM, for

1281
01:13:43.355 --> 01:13:47.070
example, into changing 2 things that are equivalent

1282
01:13:47.070 --> 01:13:49.710
into the one that's more readable. Right? If I have an if statement or if

1283
01:13:49.710 --> 01:13:52.510
I have a switch statement, now I'm reordering the blocks and things like you can

1284
01:13:52.510 --> 01:13:56.030
do is a lot of things you can do to improve readability that

1285
01:13:56.030 --> 01:13:59.815
are, semantically equivalent, like, they're they're the same thing, but, like,

1286
01:13:59.815 --> 01:14:03.655
one of them just more intuitive or more readable. Little stuff like, you know, is

1287
01:14:03.655 --> 01:14:07.255
it less than or, is it greater than or equal to, to 1 or is

1288
01:14:07.255 --> 01:14:11.095
it greater than 0. Right? Like, which one is more understandable? Well, it depends

1289
01:14:11.095 --> 01:14:13.540
on the context of what the thing you're talking about is, and whether it's in

1290
01:14:13.540 --> 01:14:17.300
Erika, you know, there I don't know. It depends. And so that's where I feel

1291
01:14:17.300 --> 01:14:20.900
like that there's a lot of interesting things potentially that we can leverage, machine

1292
01:14:20.900 --> 01:14:24.660
learning and integrate it more deeply into the the

1293
01:14:24.660 --> 01:14:28.054
decompilation, like, at different stages of analysis, which is also where, like, our

1294
01:14:28.054 --> 01:14:31.735
exposed, ILs and, like, the

1295
01:14:31.735 --> 01:14:35.255
stack of them that we have make us really well suited towards that. So I

1296
01:14:35.255 --> 01:14:39.094
think that's that's gonna be particularly interesting, but we were really worried about export

1297
01:14:39.094 --> 01:14:42.930
controls on decompiler technology, and then the NSA open source to put on

1298
01:14:42.930 --> 01:14:46.530
GitHub either. We're like, okay. Oh, we should be fine. Yeah.

1299
01:14:46.530 --> 01:14:49.970
Clearly clearly, the the government doesn't think that this is a,

1300
01:14:50.210 --> 01:14:54.050
export control technology if they're open sourcing it on GitHub. So, so

1301
01:14:54.050 --> 01:14:57.054
that was actually that was that was kinda great. Yeah. In terms of AI, I

1302
01:14:57.054 --> 01:14:59.775
I don't think so. I you know, we'll we'll see what happens with it. But

1303
01:15:00.094 --> 01:15:03.534
Yeah. Let's let me ask you a little bit more about the the most difficult

1304
01:15:03.534 --> 01:15:06.594
challenges you had in Vector 35, like, as an entrepreneur

1305
01:15:07.054 --> 01:15:10.675
and shifting from very, very technical.

1306
01:15:10.860 --> 01:15:13.580
I mean, you've been a technical lead as well. So you've been able to have

1307
01:15:13.580 --> 01:15:17.360
different types of leadership as well. But there's there's, like, a mentality

1308
01:15:17.580 --> 01:15:21.020
shift of, like, okay, I'm a technical person. Now I gotta put on my business

1309
01:15:21.020 --> 01:15:24.795
hat and then the sales hat and then, like, how has that been in

1310
01:15:24.795 --> 01:15:28.155
that transition? And what are some of the challenges that you've faced as the

1311
01:15:28.155 --> 01:15:31.835
entrepreneur or the cofounder of your company? Yeah. I think some of the hardest

1312
01:15:31.835 --> 01:15:35.525
things for us were around pricing and marketing. Pricing and

1313
01:15:35.525 --> 01:15:38.290
marketing? What does that look like? We have zero experience

1314
01:15:38.990 --> 01:15:42.030
competitors out there to be like, okay, we know them and them. That's like, yeah.

1315
01:15:42.030 --> 01:15:45.870
Right? Yeah. Yeah. We've got Ghidra and Hex-Rays. That's that's exactly it. One's

1316
01:15:45.870 --> 01:15:49.150
free. And the other one's been around for 30 years. Like, okay, what does this

1317
01:15:49.150 --> 01:15:52.605
look like? So I, I think it's, you know, this is one where, where, you

1318
01:15:52.605 --> 01:15:55.804
know, we can read books, but like, I don't know how much their advice is

1319
01:15:55.804 --> 01:15:59.645
really all that relevant a lot of the time. And so that's been super

1320
01:15:59.645 --> 01:16:03.405
challenging figuring out how we do our, you know, there's definitely, there was certain bits

1321
01:16:03.405 --> 01:16:06.750
of advice we got like, that sounds good. Let's try that. Like, never discount. Like,

1322
01:16:06.750 --> 01:16:08.989
you know, there's a lot of different theories in discounting or whatever. And I think

1323
01:16:08.989 --> 01:16:12.030
there's sort of 2 ways either you really bake in discounting and have a, you

1324
01:16:12.030 --> 01:16:14.909
know, a high initial price and then you can, you know, segment your market that

1325
01:16:14.909 --> 01:16:18.375
way with with discounts of sales and you can get people or just never ever

1326
01:16:18.375 --> 01:16:21.494
discount at all because that way people know that's just the price and that's just

1327
01:16:21.494 --> 01:16:25.255
locked in, and we've kind of gone on that route. But I don't think it's

1328
01:16:25.255 --> 01:16:28.775
this inherently right or wrong. I just we're like, yeah. That sounds good, and it

1329
01:16:28.775 --> 01:16:32.580
also sounds easier because I don't like negotiating them too hard. Like, I'll just give

1330
01:16:32.580 --> 01:16:35.639
things away. So, like, just just lock it in.

1331
01:16:36.900 --> 01:16:39.619
So I think, like, for and yeah. Pricing in particular as we move to the

1332
01:16:39.619 --> 01:16:43.380
higher ends of the market, move to our enterprise tier and and some, you know,

1333
01:16:43.380 --> 01:16:47.060
more much more expensive versions, like, dealing with business sales practices that we're

1334
01:16:47.060 --> 01:16:50.865
still figuring that out and still learning. You have to negotiate

1335
01:16:50.865 --> 01:16:53.025
on you know, at the lower price point. I will say one of the lessons

1336
01:16:53.025 --> 01:16:56.165
we learned, I wish we'd learned earlier is when I'm selling a $1500

1337
01:16:56.625 --> 01:17:00.420
license, don't negotiate ever on anything. No. Like,

1338
01:17:00.420 --> 01:17:03.300
we would have companies early on, but, well, we can't agree to your standard EULA.

1339
01:17:03.300 --> 01:17:06.820
You need to sign our custom terms. And I would I would read them or

1340
01:17:06.820 --> 01:17:10.500
I would hire my, like, outside consultant contractor, my lawyer to, like, review the thing.

1341
01:17:10.500 --> 01:17:13.540
And it's like, no. If you don't spend so now we have a minimum and

1342
01:17:13.540 --> 01:17:16.945
we keep raising it. Right? It's like $15,000 now. If you're not spending $15,000,

1343
01:17:17.405 --> 01:17:20.605
I will not review your terms. Take it or leave it. Because 9 times out

1344
01:17:20.605 --> 01:17:24.285
of 10, they're gonna take it. Like, they just want Binary Ninja, and they're gonna

1345
01:17:24.285 --> 01:17:27.645
get them a reseller or somebody else or go down for. Right? It's it's not

1346
01:17:27.645 --> 01:17:30.120
even so much that they will go down. It's just that there's parts of, like,

1347
01:17:30.120 --> 01:17:33.240
you know, the engineer just wants it, and then there's the purchasing department that just

1348
01:17:33.240 --> 01:17:37.080
has all the stuff that they're required to do and required to try to to

1349
01:17:37.080 --> 01:17:39.720
to make people agree to. And so, yeah, they want you to agree to all

1350
01:17:39.720 --> 01:17:41.960
this stuff. And so we just say, like, nope. This is our policy. We will

1351
01:17:41.960 --> 01:17:45.745
not fill out your paperwork below a certain dollar threshold. That was liberating. That was

1352
01:17:45.745 --> 01:17:48.805
so huge because that freed up so much of our time that we were wasting.

1353
01:17:49.105 --> 01:17:52.645
Like, it is I remember in particular, there was one large financial,

1354
01:17:52.865 --> 01:17:54.965
a very large well known financial,

1355
01:17:56.385 --> 01:17:59.930
bank that's, it also was very British.

1356
01:18:00.286 --> 01:18:03.837
It really narrow really narrows it down. Yeah. But

1357
01:18:03.837 --> 01:18:07.388
they Bank. We had there was some good

1358
01:18:07.388 --> 01:18:10.940
engineers and some people I really respected, like, in the

1359
01:18:10.940 --> 01:18:14.574
engineering, but I've never worked with a more dysfunctional purchasing system. Like

1360
01:18:14.574 --> 01:18:18.195
in the course of them buying a product, it's like 6 to 9 months.

1361
01:18:18.495 --> 01:18:22.114
And it feel like it would turn out Is that normal? No,

1362
01:18:22.574 --> 01:18:26.280
no, no, no, no. Very, very few. Right? And and, I mean, if you're selling

1363
01:18:26.280 --> 01:18:30.040
a $100,000 or several $100,000, sure. 6 to 9 months.

1364
01:18:30.040 --> 01:18:33.720
Okay? And you got the negotiation, whatever. And they bought 2 licenses. So they paid,

1365
01:18:33.720 --> 01:18:36.920
like, $3,000. Right? To be clear. Maybe me at the time, maybe even have been.

1366
01:18:36.920 --> 01:18:39.675
Right? Alright. Like, you put your credit card and go swipe it and move on.

1367
01:18:39.675 --> 01:18:42.074
Like, what are you guys doing? And this is where we first were like, this

1368
01:18:42.074 --> 01:18:44.554
is insane. What are we doing? Because we literally have email threads of over a

1369
01:18:44.554 --> 01:18:47.355
100 emails of, like, this back and forth. And what happened is the person that

1370
01:18:47.355 --> 01:18:51.180
purchasing would quit. A new person would come. We would have to reteach them everything

1371
01:18:51.180 --> 01:18:54.300
we had already taught the old person because they can't read the email thread apparently.

1372
01:18:54.300 --> 01:18:57.760
And, like, it was the most painful they want us to agree to their

1373
01:18:58.380 --> 01:19:02.220
their human rights violations ethics documents. Like, you as a subcontractor. I'm like,

1374
01:19:02.220 --> 01:19:05.475
I'm not a subcontractor. You're just licensing my software. Please just purchase

1375
01:19:06.035 --> 01:19:09.735
and move on. But they literally wanted, like, hundreds of pages of, like, documentation

1376
01:19:09.875 --> 01:19:13.555
read and approved. And and and that was the last one where I was

1377
01:19:13.555 --> 01:19:17.395
like, never again. No. I'm not even go I will not even

1378
01:19:17.395 --> 01:19:20.675
look at your paperwork below this threshold. And even above that, I'm much more willing

1379
01:19:20.675 --> 01:19:24.210
to just be like, nope. Have you calculated the amount of time and hours, like,

1380
01:19:24.210 --> 01:19:27.890
it took for you guys to I $6,000 deal? Refused

1381
01:19:27.890 --> 01:19:30.690
to because it would be depressing. We learned we lost a lot of money. And

1382
01:19:30.690 --> 01:19:34.235
it was like, not even 6. It was less. Right? So, like, yeah, it, it,

1383
01:19:34.235 --> 01:19:37.835
it was, that was, that was a really important lesson to learn is it's at

1384
01:19:37.835 --> 01:19:40.955
the beginning, you feel like every sale super matters and you have to get everything

1385
01:19:40.955 --> 01:19:44.795
in that, you know, you you do. But like also and it helped for

1386
01:19:44.795 --> 01:19:47.630
us to be cheaper too. Right? Because we didn't come out of the gate with

1387
01:19:47.630 --> 01:19:51.389
a 6 figure or 5 figure product at the beginning. We were 3 or, you

1388
01:19:51.389 --> 01:19:55.150
know, 4 digits, initially. That helped a lot too. It's

1389
01:19:55.150 --> 01:19:58.830
it's the realization that, like, wait. Why would we bother to no. We're just not

1390
01:19:58.830 --> 01:20:01.665
gonna do that. That was that was probably the most important lesson I think that

1391
01:20:01.665 --> 01:20:04.344
that we learned. And I wish I wish we would have done it sooner because

1392
01:20:04.344 --> 01:20:08.185
it would have saved a lot of headache with that particular organization. Yeah.

1393
01:20:08.185 --> 01:20:11.645
A lot of people, though, looking in market share by releasing a product for

1394
01:20:12.105 --> 01:20:15.840
cheap or free. I think that's what PayPal did and they Absolutely. The market

1395
01:20:15.840 --> 01:20:19.540
went on eBay. And then by the time they integrate integrated,

1396
01:20:19.680 --> 01:20:23.520
like, 2%, 3% fee, then everyone have already been started using it.

1397
01:20:23.520 --> 01:20:26.560
They were like Yeah. So that depends exactly on your pricing strategy. Right? Like, if

1398
01:20:26.560 --> 01:20:29.760
you are gonna start with just enterprise deals and sales where you're you're 5 or

1399
01:20:29.760 --> 01:20:33.585
6 from the beginning digits, you know, sales, then you don't really have that

1400
01:20:33.585 --> 01:20:36.864
flexibility. Like, you're gonna have to deal with the lawyers and the purchasing department contracts.

1401
01:20:36.864 --> 01:20:39.264
So it's gonna take 6 to 9 months, and that's just I mean, depending on

1402
01:20:39.264 --> 01:20:42.165
exactly where in that, like, lower fives, maybe not, depends on,

1403
01:20:43.320 --> 01:20:47.080
depends on who who you're you're selling to. But that's definitely something that that

1404
01:20:47.080 --> 01:20:50.120
that we've we've we've we've had to learn. What have been some of your, like,

1405
01:20:50.120 --> 01:20:53.800
biggest contracts, that that you've gone through and worked on in

1406
01:20:53.800 --> 01:20:57.275
terms of, like, selling in bulk for you guys' software?

1407
01:20:58.295 --> 01:21:01.975
I think we have a a particular telecom company, which

1408
01:21:01.975 --> 01:21:04.615
kinda out of the blue reached out and got, like, 40 licenses a couple years

1409
01:21:04.615 --> 01:21:08.160
ago, which is a pretty large one. We have

1410
01:21:08.240 --> 01:21:12.080
nowadays, it's larger, not so much in total seats of licenses, but

1411
01:21:12.080 --> 01:21:14.960
it'll be like an enterprise customer with, like, 10 floating licenses. Right? So I don't

1412
01:21:15.040 --> 01:21:17.920
they could have 50 people. They could have 10 people. I don't know exactly how

1413
01:21:17.920 --> 01:21:21.655
big they are. But they're but they're buying the enterprise with floating

1414
01:21:21.655 --> 01:21:24.935
licenses and so it's a much higher price point, it's a higher support tier. Is

1415
01:21:24.935 --> 01:21:27.835
the majority of the the revenue on the product side

1416
01:21:28.295 --> 01:21:31.915
commercial versus non commercial?

1417
01:21:32.770 --> 01:21:36.370
So historic oh, you know, I should pull I should pull that spreadsheet

1418
01:21:36.370 --> 01:21:40.050
up. Let me see here. We do

1419
01:21:40.050 --> 01:21:43.810
have a like an active license count that shows that the

1420
01:21:43.810 --> 01:21:47.515
splits between commercial versus noncommercial. And this

1421
01:21:47.515 --> 01:21:51.355
and this is interesting too, especially when you when you look at, like,

1422
01:21:51.355 --> 01:21:54.155
Ghidra's impact to the market too. Right? Because, you know, our sort of, like,

1423
01:21:54.155 --> 01:21:57.275
part of our game plan yeah. Part of our part of our game plan initially

1424
01:21:57.275 --> 01:22:00.635
was, like, look, if we just get students and hobbyists and just

1425
01:22:00.635 --> 01:22:04.440
wait, we'll take over. That was 100% our strategy.

1426
01:22:04.440 --> 01:22:07.719
Right? It gets the item from the very beginning. And then that is where really

1427
01:22:07.719 --> 01:22:11.400
Ghidra really hurt us the most. Right? Now there are absolutely professional and corporate

1428
01:22:11.400 --> 01:22:13.960
environments. They're still using it and we're we're kind of competing with because again free

1429
01:22:13.960 --> 01:22:17.695
is hard to compete with. But, like, yeah, that was

1430
01:22:17.695 --> 01:22:21.535
where, like, we like, 1 year, like, CSAW as, you know, CTF for

1431
01:22:21.535 --> 01:22:24.335
for students. It was, like, Binja was, like, taking over, and I was so excited.

1432
01:22:24.335 --> 01:22:28.094
The next year, it was, like, all Ghidra. And actually, after that, ironically, it

1433
01:22:28.094 --> 01:22:31.440
was actually back to, like, IDA and Ghidra, because it was more it's, kinda, more

1434
01:22:31.440 --> 01:22:35.040
chaotic. It was sort of a mix, which is interesting, as as things change.

1435
01:22:35.040 --> 01:22:38.560
But, yeah. That's where, like, it can really making sure that

1436
01:22:38.560 --> 01:22:42.355
we're active. The student discount has helped a bunch, and so we do

1437
01:22:42.395 --> 01:22:46.235
we have a surprising volume of, student discounts. We've really thought about,

1438
01:22:46.235 --> 01:22:50.075
like, should students be free? Should we just get free student licenses? We've really wrestled

1439
01:22:50.075 --> 01:22:53.435
with that. Yeah. Like, incorporating it into,

1440
01:22:53.435 --> 01:22:57.010
like like, education systems or or institutions where the teacher

1441
01:22:57.010 --> 01:23:00.770
then utilizes it and teaches it with it. So that way, upon leaving,

1442
01:23:00.770 --> 01:23:03.650
everyone's already using it. You know? Yeah. And like I said, early on, that was

1443
01:23:03.650 --> 01:23:06.530
our sort of strategy, but we didn't make it totally free. We still made it

1444
01:23:06.530 --> 01:23:10.225
cost something cost because I I just sort of ended. I'm kind of a stickler

1445
01:23:10.225 --> 01:23:13.345
on, like, I wanted to have some value, in particular if you're a student. If

1446
01:23:13.345 --> 01:23:16.545
it's super discounted and you get a student discount, but you've paid your real money

1447
01:23:16.545 --> 01:23:18.864
on it, you're gonna put the time in to actually use it and evaluate it.

1448
01:23:18.864 --> 01:23:22.480
And if it's just, like, oh, just totally free, well, more

1449
01:23:22.480 --> 01:23:26.160
likely. You're you're much more likely to because that money is much that money has,

1450
01:23:26.160 --> 01:23:28.320
like, real value to you for the most part. Like, you I would say. That

1451
01:23:28.320 --> 01:23:30.800
was, like, $75 you had to pay. You know, that's that's a that's a PS

1452
01:23:30.800 --> 01:23:34.560
5 game. Right? So, like Yeah. You know, that like, I I at least

1453
01:23:34.560 --> 01:23:37.995
that's theoretically. That's my that's my logic on why we we still

1454
01:23:37.995 --> 01:23:41.055
charge. And and, like, so we have,

1455
01:23:42.715 --> 01:23:45.135
about 1.5 times

1456
01:23:46.155 --> 01:23:49.900
the commercial licenses and noncommercial licenses.

1457
01:23:50.920 --> 01:23:54.120
Okay. So you guys are heavy in noncommercial. So we have more noncommercial. But, again,

1458
01:23:54.120 --> 01:23:57.800
by revenue, commercial is way more. Right? Because commercial is 2 x.

1459
01:23:57.800 --> 01:24:00.955
Right. The or no more than that way more than that. It is like, 4

1460
01:24:00.955 --> 01:24:03.355
x. Like, it used to be 2 x at one point, and we just randomly

1461
01:24:03.355 --> 01:24:06.395
doubled the price of commercial, left noncommercial alone. And we're like, let's see what happens.

1462
01:24:06.395 --> 01:24:09.835
I do think there are a lot of, commercial company. We we'll see a commercial

1463
01:24:09.835 --> 01:24:13.275
email go bought fast on a noncommercial license occasionally, and we'll shoot them a note

1464
01:24:13.275 --> 01:24:16.650
and be like, just so you know, like, you're using it. Like, you it might

1465
01:24:16.650 --> 01:24:19.450
be fine because depending on the the terms of, like, how you're using it, you

1466
01:24:19.450 --> 01:24:22.970
you can use it at work. And we have, like, specific terms, like, describe, like,

1467
01:24:22.970 --> 01:24:26.730
okay. This is considered commercial. It's considered not commercial. We'll

1468
01:24:26.730 --> 01:24:30.445
just kinda kinda let people know. But, but yeah. And it

1469
01:24:30.445 --> 01:24:34.045
actually it looks like it looks like noncommercial continues to

1470
01:24:34.045 --> 01:24:37.505
actually grow at a faster rate than commercial, which is interesting. So that's been

1471
01:24:38.045 --> 01:24:41.325
even in the face of Ghidra kinda flat for a while, and then it's it

1472
01:24:41.325 --> 01:24:45.120
sort of picked up again post Ghidra. Can you see, like, the

1473
01:24:45.180 --> 01:24:48.940
the the point when, like, Ghidra was there and then if you guys grew was

1474
01:24:48.940 --> 01:24:52.700
pretty much the same or dipped? Oh, yeah. No. It totally it

1475
01:24:52.700 --> 01:24:56.400
was about 6 to 9 months of flat growth, like, no growth whatsoever.

1476
01:24:56.615 --> 01:25:00.255
Right? So yeah. Yeah. Yeah. We went for, like, 10, 20%, like, consistent growth.

1477
01:25:00.375 --> 01:25:02.875
Feeling and thinking at that time? Well,

1478
01:25:04.215 --> 01:25:07.335
that was that was the time which we took on a very small outside investment

1479
01:25:07.335 --> 01:25:11.130
for equity just for, like, 5% of the company in just so we

1480
01:25:11.130 --> 01:25:14.590
have more in the bank because we were really worried about, like, do we need,

1481
01:25:15.130 --> 01:25:18.410
in hindsight, we didn't need to do that. So it wasn't,

1482
01:25:18.650 --> 01:25:21.790
wasn't totally required, but we thought that maybe we would.

1483
01:25:22.895 --> 01:25:25.315
And so we we kept a little more kind of in the coffers.

1484
01:25:26.895 --> 01:25:30.195
Would you advise, entrepreneurs to

1485
01:25:30.815 --> 01:25:34.255
to do that same move or maybe adjust? Yeah. That's be

1486
01:25:34.255 --> 01:25:37.810
different. That's so hard to say. Right? Like, you know, our

1487
01:25:37.810 --> 01:25:40.930
product was technically far enough along that we looked at Ghidra and we thought, okay.

1488
01:25:40.930 --> 01:25:43.370
I think we can weather this. Like, if that happened a year even a year

1489
01:25:43.370 --> 01:25:47.010
or 2 earlier, we probably wouldn't have been able to. But we had, you

1490
01:25:47.010 --> 01:25:50.850
know, 6 years of of development. The product was already mature enough. We had, you

1491
01:25:50.850 --> 01:25:54.445
know, enough things out there. Like, okay. I think we have enough advantages over

1492
01:25:54.445 --> 01:25:58.285
it. But, it was, yeah, it was it was

1493
01:25:58.285 --> 01:26:01.985
a little it was it was very concerning for sure. We were we're definitely kinda

1494
01:26:02.285 --> 01:26:05.325
keeping an eye out for it. I you know, I feel like every situation is

1495
01:26:05.325 --> 01:26:08.160
different. Whether you should be pivoting, whether you should it depends on what, like, we're

1496
01:26:08.160 --> 01:26:11.520
like, Binja is our our baby. It's our passion. It's why we, like, we could

1497
01:26:11.520 --> 01:26:15.040
be making way more money, like, working for any of the

1498
01:26:15.040 --> 01:26:18.640
major tech companies. Like, everybody at my company is highly

1499
01:26:18.640 --> 01:26:22.320
skilled. We're very good at development, reversing their security. Like, we have skill sets

1500
01:26:22.320 --> 01:26:26.145
that could actively double our salary maybe

1501
01:26:26.145 --> 01:26:29.824
somewhere else. Like, no question. But, like, we all

1502
01:26:29.824 --> 01:26:33.585
really like what we're doing, and, like, who we're

1503
01:26:33.585 --> 01:26:37.185
doing it with, what the problems we're getting to solve. And, you know, like, as

1504
01:26:37.185 --> 01:26:39.950
the product is better, we get bigger bonuses. Right? So the goal of the dream

1505
01:26:39.950 --> 01:26:43.430
has always been, like, well, just get, like, more product sales, without growing the size

1506
01:26:43.430 --> 01:26:46.670
of the team, and then we can just continue to to bump everybody's salary up,

1507
01:26:46.750 --> 01:26:50.110
which is, you know, this year is looking is looking really good for. So it's

1508
01:26:50.110 --> 01:26:53.495
been nice to to, you know, see that kinda dream coming to to fruition.

1509
01:26:53.495 --> 01:26:57.015
So we're we're gonna keep doing it. We've talked

1510
01:26:57.015 --> 01:27:00.775
about the the origins. We've talked about the what's happening right now.

1511
01:27:00.775 --> 01:27:04.535
We've also talked about the future. What's the future for you? What what

1512
01:27:04.535 --> 01:27:07.170
what are you what are you gonna do in the next 5 to 10 years?

1513
01:27:07.330 --> 01:27:11.170
Yeah. I I really took a it surprised me last year

1514
01:27:11.170 --> 01:27:14.290
when it was, like, you know, eight and a half years. I was like, oh,

1515
01:27:14.290 --> 01:27:18.050
wait a minute. Didn't I leave my last few jobs after 7 years? And,

1516
01:27:18.050 --> 01:27:20.585
like, am I Was that like a wake up or, like, am I gonna do

1517
01:27:20.585 --> 01:27:23.825
it again kind of thing? It was just to, like yeah. Like, me, I took

1518
01:27:23.825 --> 01:27:26.145
stock. Right? I stepped back. I was like, okay. Is this what I wanna keep

1519
01:27:26.145 --> 01:27:29.905
doing? And the answer was absolutely. Like, I really I wanna keep doing this. Like,

1520
01:27:29.905 --> 01:27:33.185
I'm not, I don't feel like we've solved the problem. Like, IDA is still the

1521
01:27:33.185 --> 01:27:36.820
major dominant tool. You know, technically, there's still problems that I wanna

1522
01:27:36.820 --> 01:27:40.660
solve. I think we're the product itself is at a spot

1523
01:27:40.660 --> 01:27:44.500
where it can now, replace IDA for the vast majority of users. And

1524
01:27:44.500 --> 01:27:47.219
so now we just gotta go, like, show everybody. Like, convince them and, like, demonstrate

1525
01:27:47.219 --> 01:27:51.025
it and be like, hey. Listen. You can you get all these advantages. Let's let's

1526
01:27:51.025 --> 01:27:54.865
let's get everybody switched. And so that's super exciting. Like, I

1527
01:27:54.865 --> 01:27:58.065
feel like we we've done some of the hardest work and now we can reap

1528
01:27:58.065 --> 01:28:01.585
the rewards. But I also don't feel bored. Like, I feel like, you know, we're

1529
01:28:01.585 --> 01:28:05.420
launching a conference just next year. Tell us more about the conference. Where's

1530
01:28:05.420 --> 01:28:09.260
it gonna be? What's it gonna be about? Speaker, CFP So sort of thing.

1531
01:28:09.260 --> 01:28:12.860
Yeah. Reverse, r e dash verse dot I

1532
01:28:12.860 --> 01:28:16.620
o is, is the conference name. We just yesterday put the

1533
01:28:16.620 --> 01:28:20.375
website live and, the the CFP is open starting

1534
01:28:20.375 --> 01:28:23.895
immediately. You can go submit your your talks, please. Submit talks. It's gonna be in

1535
01:28:23.895 --> 01:28:27.735
Orlando, Florida, March, sorry. February 28th to March

1536
01:28:27.735 --> 01:28:31.335
1st is the conference. In hindsight, we really hate that it splits. It's really annoying

1537
01:28:31.335 --> 01:28:34.330
to have to split 2 months for the the date, but it was it was

1538
01:28:34.330 --> 01:28:38.090
very weekend for the hotel. So, it's it's it's a little bit

1539
01:28:38.090 --> 01:28:41.930
like Infiltrate, really. We just took a lot of inspiration from, like, how Infiltrate was

1540
01:28:41.930 --> 01:28:45.610
run. How did you run? There was a an event. In fact, we

1541
01:28:45.610 --> 01:28:49.335
hired the event coordinator in Belinda who ran outside event.

1542
01:28:49.335 --> 01:28:51.815
So, yeah, we very much were like, oh, hey, Linda. You wanna you wanna go

1543
01:28:51.815 --> 01:28:54.935
do this? And she was excited because she loved she loved Infiltrate, the community, the

1544
01:28:54.935 --> 01:28:58.695
people involved. So it's gonna be, it's gonna be more reverse engineering focused. The Infiltrate

1545
01:28:58.695 --> 01:29:02.460
was very offensive, security focused, so exploits vulnerability research. Ours will

1546
01:29:02.460 --> 01:29:05.420
have some of that, but it'll have also malware analysis and hardware reverse you know,

1547
01:29:05.420 --> 01:29:09.120
reverse engineering will be a little bit more just reverse engineering. It's not Binja Con.

1548
01:29:09.260 --> 01:29:12.380
So to be clear, like, you know, several of our trainers are using Ghidra. Talks

1549
01:29:12.380 --> 01:29:15.600
can use either a Ghidra or a Ghidra. Like, that's totally fine. We're not,

1550
01:29:16.175 --> 01:29:19.935
not just trying to show show Binary Ninja here. We want literally the

1551
01:29:19.935 --> 01:29:23.375
best, you know, the research and presentations. But but the thing that that

1552
01:29:23.375 --> 01:29:26.755
Infiltrate did 2 things really well. 1,

1553
01:29:27.055 --> 01:29:30.889
like, the hotel, the food, everything was top notch. It was really

1554
01:29:30.889 --> 01:29:34.409
well done. We're going to have really good, like,

1555
01:29:34.409 --> 01:29:38.170
logistics and planning, and you didn't so Infiltrate was in South

1556
01:29:38.170 --> 01:29:41.850
Beach. You didn't leave the hotel because everybody stayed there. There was meals

1557
01:29:41.850 --> 01:29:45.684
there. There was, like, big gatherings out in the open lawn, which is beautiful in

1558
01:29:45.684 --> 01:29:48.264
Florida in February. Right? It was, like, a nice time of year to be outside.

1559
01:29:49.045 --> 01:29:52.744
And so, you know, it was really a good time

1560
01:29:52.885 --> 01:29:56.244
for, like, just connecting with other people that were at the conference. Like, it was

1561
01:29:56.244 --> 01:29:59.860
very, like, close knit. And that sort of vibe, I

1562
01:29:59.860 --> 01:30:03.380
think, is really, really important. And then the second thing that Infiltrate did super well,

1563
01:30:03.380 --> 01:30:06.900
which I thought was great, is not a lot of conferences forced dry

1564
01:30:06.900 --> 01:30:10.739
runs beforehand of the presenters. Every accepted speaker has to do a

1565
01:30:10.739 --> 01:30:14.445
dry run a month before the talk, the actual conference, and

1566
01:30:14.445 --> 01:30:18.125
then the review board or the conference organizer gets

1567
01:30:18.125 --> 01:30:20.605
basically a feedback. I'm like, oh, you should do this, or what about this question,

1568
01:30:20.605 --> 01:30:23.165
or what about this, or, you know, this slide is hard to read, or, like,

1569
01:30:23.165 --> 01:30:27.000
just all that stuff. And so just that little I mean, just having

1570
01:30:27.060 --> 01:30:30.820
me being forced to have your slides done in advance is a little bit

1571
01:30:30.820 --> 01:30:34.500
right. Just like you're always making changes, but if you have an internal deadline that's

1572
01:30:34.500 --> 01:30:37.220
earlier than the conference, because if you know, I do this all the time. If

1573
01:30:37.220 --> 01:30:39.975
I have a deadline, I will, right up to that deadline, be working on it.

1574
01:30:40.535 --> 01:30:43.735
But by forcing people to do it earlier, you just get so much higher quality

1575
01:30:43.735 --> 01:30:47.495
presentations. And so that's another another thing that we're we're we're

1576
01:30:47.495 --> 01:30:50.135
bringing back as well is I really I really there's just a ton about you.

1577
01:30:50.135 --> 01:30:53.255
And even as somebody who presents a ton, like, I'm a very good presenter. I

1578
01:30:53.255 --> 01:30:55.930
can off the cuff, I can just do something quickly live. I could put together

1579
01:30:55.930 --> 01:30:59.470
the week before. It'll be a a good presentation. It's still important

1580
01:30:59.850 --> 01:31:02.730
to have had that earlier deadline to go through and dry run it once. And

1581
01:31:02.730 --> 01:31:06.570
so, like, I'm not gonna name names. I remember somebody, like, do you know who

1582
01:31:06.570 --> 01:31:09.915
I am? Like, your presentation's all the time back during the Infiltrate days, basically, was

1583
01:31:09.915 --> 01:31:13.755
was saying this for that process. And sorry. Like, this is

1584
01:31:13.755 --> 01:31:17.514
to your benefit as well as the audience's. Everybody wins when when you

1585
01:31:17.514 --> 01:31:21.114
have to do this. So yeah. You said that you wanna keep it

1586
01:31:21.114 --> 01:31:24.390
very community and tight knit. Is there, like, a certain number of tickets you're gonna

1587
01:31:24.390 --> 01:31:28.230
sell? We we, OffensiveCon, and there's only a certain amount of

1588
01:31:28.230 --> 01:31:31.030
tickets that always sold. Yeah. So OffensiveCon sells out real fast. OffensiveCon, I

1589
01:31:31.030 --> 01:31:33.750
think, is about 600. So they're a little bit bigger for our 1st year. We're

1590
01:31:33.750 --> 01:31:36.730
we're sticking it at even 400. So even a little bit smaller than that.

1591
01:31:37.755 --> 01:31:41.594
And so I'd rather sell out and really have it be be

1592
01:31:41.594 --> 01:31:45.435
tight. We might if there's a ton of interest that sells out, well, you know,

1593
01:31:45.435 --> 01:31:48.074
we'll see. We could go a little bit. The space we're in could actually grow

1594
01:31:48.074 --> 01:31:50.955
much bigger. But, like, you know, probably because it was our 1st year, probably just

1595
01:31:50.955 --> 01:31:54.550
because again, yeah. Like, I don't want it to be some huge Defcon like experience.

1596
01:31:54.550 --> 01:31:58.250
Like, Defcon is fun for other reasons, but it's not a community. Right? It's

1597
01:31:58.390 --> 01:32:02.230
hundreds of communities that are all kinda, like, you know, colocated. That's

1598
01:32:02.230 --> 01:32:05.190
probably a better way to put it. I I would say that Defcon is a

1599
01:32:05.190 --> 01:32:08.917
community just because of the comparison to Black Hat. Like, I don't Sure. That's

1600
01:32:08.917 --> 01:32:12.540
fair. Feels about community at all, but Defcon does feel. But you're a

1601
01:32:12.540 --> 01:32:16.162
100% right that the micro communities are not the size of what Defcon used

1602
01:32:16.162 --> 01:32:19.784
to be. Exactly. All the villages itself. Right? Oh, yeah. No. Every

1603
01:32:19.784 --> 01:32:23.380
village there is is as big or bigger than, like, that It's its own conference

1604
01:32:23.380 --> 01:32:26.579
at that point. So Yeah. They they have their own agendas and track and speakers

1605
01:32:26.579 --> 01:32:30.179
and awards, and, like, they they're a 100%. It's dozens of

1606
01:32:30.179 --> 01:32:34.005
separate cons kind of kind of in one. So Yes. Yeah. But this

1607
01:32:34.005 --> 01:32:37.685
is this is meant to be kinda small. It's meant to be, sort of more

1608
01:32:37.685 --> 01:32:41.284
boutique, really, really nice high end. It's also Florida in the summer, which is a

1609
01:32:41.284 --> 01:32:44.885
great time to visit right near Disney and Just in the summer? You said Yes.

1610
01:32:44.885 --> 01:32:47.364
Not in the summer. No. Sorry. Not summer. It's no. Florida in the summer is

1611
01:32:47.364 --> 01:32:50.660
when the worst time to visit because it's too hot. Yes. Florida in the winter

1612
01:32:50.660 --> 01:32:53.640
when it's a great time to get out of cold climates and come visit Florida.

1613
01:32:55.140 --> 01:32:58.840
So Track 1 track, 2 tracks. One track. Yeah.

1614
01:32:58.900 --> 01:33:02.535
One track for now. I remain really skeptical

1615
01:33:02.535 --> 01:33:06.375
of 2 tracks. I love again, product community, knowing everybody is there for the same

1616
01:33:06.375 --> 01:33:09.815
talk and the same thing. Same talk. Yeah. Maybe we could do some fireside or

1617
01:33:09.815 --> 01:33:12.535
some workshops, some other thing eventually. But I think for 1st year in particular, we're

1618
01:33:12.535 --> 01:33:15.969
gonna keep it simple. I I like One Track. And if there's a topic you're

1619
01:33:15.969 --> 01:33:18.449
not interested in, well, you can go outside, and that's a good time to talk

1620
01:33:18.449 --> 01:33:22.290
to people. And, but just knowing that everybody is is sort

1621
01:33:22.290 --> 01:33:25.250
of there for the the same stuff, I think is I think is is valuable.

1622
01:33:25.250 --> 01:33:28.915
So that's part of the part of the appeal. What you know, little other

1623
01:33:28.915 --> 01:33:32.275
stuff that, like, a viewing room outside, right, where you can also listen to the

1624
01:33:32.275 --> 01:33:34.755
talk, not in the main conference room. You wanna talk to people, but you still

1625
01:33:34.755 --> 01:33:38.275
wanna hear the talk that's going on or occasionally tune in. OffensiveCon does, like, great.

1626
01:33:38.275 --> 01:33:41.530
I think that's another thing that we we love. You know, so there's a lot

1627
01:33:41.530 --> 01:33:44.010
of little stuff we've been thinking about. We've been talking about doing this for for

1628
01:33:44.090 --> 01:33:47.370
since we started the company. It's really been something we've been toying with. Yeah. Move

1629
01:33:47.370 --> 01:33:50.490
for you guys. It's a very exciting thing to to be doing. Feels like it's

1630
01:33:50.490 --> 01:33:54.250
it's time. Yeah. We're we're we're ready to do it. So, hopefully, we'll and it's

1631
01:33:54.250 --> 01:33:56.985
it's just there's been, you know, a lot of conferences in the US have shut

1632
01:33:56.985 --> 01:34:00.824
down. ShmooCon last year is is coming up. Yeah. Infiltrate. Oh, they're just

1633
01:34:00.824 --> 01:34:04.025
burnt out, I think. They've been running that thing for so long. Right? Yeah. Yeah.

1634
01:34:04.025 --> 01:34:06.665
Yeah. Yeah. Yeah. I know. I like it. And, actually, I ran the CTF for,

1635
01:34:06.665 --> 01:34:09.864
like, 6 years, back in the day with with Heidi and Bruce. They're fantastic to

1636
01:34:09.864 --> 01:34:13.230
work with, but it is just a huge investment of of

1637
01:34:13.370 --> 01:34:17.210
energy and, time and they're, you know, they run is like a it's a nonprofit

1638
01:34:17.210 --> 01:34:20.650
too. And so, it's like their their

1639
01:34:20.650 --> 01:34:23.850
laborer's costs are covered, but, like, every year they sort of start fresh, kind of,

1640
01:34:23.850 --> 01:34:27.517
with with the budget and with, you know, just yeah. It's

1641
01:34:27.517 --> 01:34:31.163
it's just a ton of work. They've done it. It's been a very good

1642
01:34:31.163 --> 01:34:34.809
benefit. So there's DistroCon too, I wanna shout out. There's another conference starting up

1643
01:34:34.809 --> 01:34:38.455
actually just a week before ours in DC, which they're kinda trying to, like,

1644
01:34:38.455 --> 01:34:42.060
inherit the ShmooCon mantle. We kinda wanna inherit the Infiltrate mantle. So that's that's

1645
01:34:42.060 --> 01:34:45.180
kind of the the, you know, but I think both are needed. I think there's

1646
01:34:45.180 --> 01:34:48.480
a lot of value in, in more cons in the US because

1647
01:34:48.700 --> 01:34:52.540
Hexacon, OffensiveCon, REcon, a lot of the best conferences right now are not

1648
01:34:52.540 --> 01:34:56.060
in the US. So I'd love to At least offensively. Kinda return that. Reverse

1649
01:34:56.060 --> 01:34:59.605
engineering. Yeah. Yeah. Yeah. Even even, like,

1650
01:34:59.605 --> 01:35:03.145
just the kind of a, you know, technical detailed depth, like, there's BSides.

1651
01:35:03.925 --> 01:35:07.605
And in the US, like, you just don't see as many as many conferences I

1652
01:35:07.605 --> 01:35:11.364
feel like. Oh, you have a massive amount of BSides. Sometimes you

1653
01:35:11.364 --> 01:35:14.690
get good technical talks. You do. But, like, I sometimes say, you don't have, like,

1654
01:35:14.690 --> 01:35:18.290
the like, I just feel like if you look at top infosec

1655
01:35:18.290 --> 01:35:22.130
conferences, Black Hat and Defcon are really some

1656
01:35:22.130 --> 01:35:25.730
of the only ones you see in the US. It's just not can you think

1657
01:35:25.810 --> 01:35:27.969
I yeah. What can you think of? Like, can you think of a good

1658
01:35:29.785 --> 01:35:32.665
really I mean, Summercon is more of a drinking con. It's fantastic and

1659
01:35:32.665 --> 01:35:36.105
fun, but it's not, you know, the it's explicitly not the highest

1660
01:35:36.105 --> 01:35:39.785
technical content, talks. It's a you know, another we're

1661
01:35:39.785 --> 01:35:43.510
actually talking about, like, conferences and talks and and and, other places to go

1662
01:35:43.510 --> 01:35:46.950
drink at, like, it's really divided between because I've I've given

1663
01:35:46.950 --> 01:35:50.710
talks nationally and internationally at, you

1664
01:35:50.710 --> 01:35:54.550
know, conferences, but then also at camps. So like Yes. And it also depends on

1665
01:35:54.550 --> 01:35:57.905
the the the audience that you're looking for, right? So if you're talking and I

1666
01:35:57.905 --> 01:36:01.585
think it's like split between like, commercial based

1667
01:36:01.585 --> 01:36:05.365
things, government based things, and then more grassroots,

1668
01:36:06.465 --> 01:36:10.160
Yeah, Yeah. Community. Exactly. Hacker. The old school. Yeah. What Defcon

1669
01:36:10.160 --> 01:36:13.440
was a long time ago and hasn't been for years. Like the fact that, like,

1670
01:36:13.440 --> 01:36:16.960
there's sponsors being tweeted out for I literally tweeted those recently. Like how weird it

1671
01:36:16.960 --> 01:36:20.560
is that, like, Defcon villages tweet out sponsor lists. And this is

1672
01:36:20.560 --> 01:36:23.985
bizarre to me when, like, you know, corporate logos were

1673
01:36:23.985 --> 01:36:27.825
anathema for the longest time at DEF CON. It really was, you know,

1674
01:36:27.825 --> 01:36:31.425
a counterculture thing. And it it clearly hasn't been for you know, it's just it's

1675
01:36:31.425 --> 01:36:34.705
changed so much. And again, I don't make it as as a judgment. I don't

1676
01:36:34.705 --> 01:36:38.440
think there's it's inherently better or it's just very different than than it

1677
01:36:38.440 --> 01:36:41.720
used to be. Are you guys having sponsors at your guys' conference? We we do.

1678
01:36:41.720 --> 01:36:45.000
In fact, we already have, 4 that like, it's crazy to me. We actually 4

1679
01:36:45.000 --> 01:36:48.645
signed up before we even launched the website. People who are like, yes. We're excited

1680
01:36:48.645 --> 01:36:51.625
for a conference. So we've got binaurali as our platinum sponsor,

1681
01:36:53.205 --> 01:36:56.265
celebrate, Ursa secure, and,

1682
01:36:57.045 --> 01:37:00.485
our II research innovations is the, the, the other one. So

1683
01:37:00.645 --> 01:37:04.310
Perfect. Yeah. Give them give them their plug now. But yeah. No.

1684
01:37:04.310 --> 01:37:07.849
It's it's cool that, like, people were willing to sponsor us, like,

1685
01:37:07.989 --> 01:37:10.790
sort of sight unseen. Right? Just trusting that we would we would do it. So

1686
01:37:10.790 --> 01:37:13.270
that felt that felt really good. It's building the brand. That's that's the 10 years

1687
01:37:13.270 --> 01:37:16.469
of building guys' brand up and and being a salesman in the industry. Yeah. I

1688
01:37:16.469 --> 01:37:20.215
think that's exactly right. Is there anything else that you'd like to share? The only

1689
01:37:20.215 --> 01:37:23.175
other hobby I do is speed cubing and I haven't been practicing as much lately.

1690
01:37:23.175 --> 01:37:27.014
So Speed cubing? Have you been doing competitions for speed cubing? There's not enough in

1691
01:37:27.014 --> 01:37:30.375
Florida, but, yeah. Like, I I go to most of the ones in Florida. But

1692
01:37:30.375 --> 01:37:32.934
the the last was in Tallahassee. It was just too far of a drive, so

1693
01:37:32.934 --> 01:37:36.099
I didn't didn't go. State champion yet? Not even no. I'm an old man. Are

1694
01:37:36.099 --> 01:37:39.940
you kidding me? Like, there's literally a separate league for people over 40. Like, there's

1695
01:37:39.940 --> 01:37:43.780
actually a separate scoreboard because I, at one point, was like 69th

1696
01:37:43.780 --> 01:37:47.000
in the world, over 40, but, like,

1697
01:37:47.219 --> 01:37:50.994
I'm 30 thousandth or something if you count everybody. Like,

1698
01:37:50.994 --> 01:37:54.755
I am very slow. Yeah. Like, relative to like, my fastest times

1699
01:37:54.755 --> 01:37:58.594
are like 12, 13 seconds usually. And, like, that's not even

1700
01:37:58.594 --> 01:38:02.320
enough. It's doing 6 seconds, 5, and 4? They're down in the

1701
01:38:02.320 --> 01:38:06.160
fours. Yeah. They're down in the fours for, like, yeah. The top the

1702
01:38:06.160 --> 01:38:09.880
top the the top spots, but any any regional It's just

1703
01:38:10.000 --> 01:38:13.840
there's no, like, algorithm, like, advantage. Everyone knows the algorithm

1704
01:38:13.840 --> 01:38:16.735
of the fastest way to do it. Right? Or

1705
01:38:18.094 --> 01:38:21.855
yeah. For the most part, yeah. What what what, there are you can

1706
01:38:21.855 --> 01:38:24.675
memorize more and more algorithms. And the more you memorize,

1707
01:38:26.735 --> 01:38:30.400
the the more options you sort of have available to you. But, also Okay. At

1708
01:38:30.400 --> 01:38:33.040
first, the more it takes to recognize which other game you should do. Can they

1709
01:38:33.040 --> 01:38:36.720
can't just lay you down? So there's that trade off. The best people know all

1710
01:38:36.720 --> 01:38:40.000
the algorithms and also have zero pauses and just go straight from one of the

1711
01:38:40.000 --> 01:38:43.040
other. There is a little bit of creativity in one of the earlier sections. It's

1712
01:38:43.040 --> 01:38:46.425
it's kind of fun in terms of decision making choices. Like, there's absolutely strategy. It's

1713
01:38:46.425 --> 01:38:48.985
not just a hard and fast. This is the optimal way always, and you know

1714
01:38:48.985 --> 01:38:52.505
it. There's a lot of, like, different techniques, and different people will solve

1715
01:38:52.505 --> 01:38:56.105
it, a little bit in the earlier in the earlier phases. Towards the end, it

1716
01:38:56.105 --> 01:38:59.890
tends to look very, very similar, with exceptions for, like, how

1717
01:38:59.890 --> 01:39:03.650
many memorized algorithms you have memorized. But common algorithms just, like, you know, sequences

1718
01:39:03.650 --> 01:39:07.410
and moves for particular cases, like case case case solves. But, no.

1719
01:39:07.410 --> 01:39:10.130
It's fine. It's it's been my and now it's happy. It's been a been a

1720
01:39:10.130 --> 01:39:11.452
good thing to pick up and

1721
01:39:11.467 --> 01:39:12.690
It's been a good thing, like,

1722
01:39:12.690 --> 01:39:16.445
I've I've wanted to do my I remember one of my best friends in

1723
01:39:16.445 --> 01:39:19.325
high school, he knew it, how to do he solved it and I was like

1724
01:39:19.325 --> 01:39:22.685
I wanna learn, but I wanna learn on my own. I

1725
01:39:22.685 --> 01:39:26.365
don't wanna follow an algorithm. And then I just now I'm 30

1726
01:39:26.365 --> 01:39:29.005
what? 3? Whatever? 30? I don't know. And now I haven't done it and I'm

1727
01:39:29.005 --> 01:39:31.540
like ah, shit. I maybe I should just learn the algorithm. Shouldn't just learn it.

1728
01:39:31.540 --> 01:39:35.380
I can do it. Rusty, my my my third cofounder, did that

1729
01:39:35.380 --> 01:39:38.820
where he was, like, I wanna learn, like, intuitively. I wanna get a sense for

1730
01:39:38.900 --> 01:39:41.715
I just wanna play with it for a month or so. So he he did

1731
01:39:41.715 --> 01:39:44.195
that. Like, I was just straight up, like, I was just gonna memorize. He didn't

1732
01:39:44.195 --> 01:39:46.675
solve it though. That's the thing is he made it to the last layer and

1733
01:39:46.675 --> 01:39:50.514
it's it gets exponentially more difficult. Really? The because

1734
01:39:50.514 --> 01:39:54.275
because the the closer you get to being solved, the less freedom you

1735
01:39:54.275 --> 01:39:58.100
have to, like, make moves without disrupting what you've already solved. And so that's where

1736
01:39:58.100 --> 01:40:01.940
it becomes easier to, like, just memorize an algorithm or look

1737
01:40:01.940 --> 01:40:05.060
up the correct answer to, like, get those last those last little bits. But, like,

1738
01:40:05.060 --> 01:40:08.820
the first two anybody can and should just play with it for a couple

1739
01:40:08.820 --> 01:40:11.829
weeks, and you can learn enough to get the first two layers. Like, to get

1740
01:40:11.829 --> 01:40:15.164
a whole lot of face and to get like the size and the edge. Like,

1741
01:40:15.164 --> 01:40:18.943
you can figure out just by I got that part. Doing that. Yeah. Exactly. Then

1742
01:40:18.943 --> 01:40:22.500
the last layer, it's obviously, there's people who figured out their own. It's been solved

1743
01:40:22.500 --> 01:40:26.057
before by people at that point, but I'm not one of them and that's yeah.

1744
01:40:26.057 --> 01:40:29.239
So so I just memorized. A lot of good old ones.

1745
01:40:29.800 --> 01:40:33.400
About games. So, like, do do you

1746
01:40:33.400 --> 01:40:37.239
do you get any interest in playing, like, games like mafia or werewolf where you

1747
01:40:37.239 --> 01:40:41.014
have to, like, pretend to be someone? Yeah. My son is a huge he's literally

1748
01:40:41.014 --> 01:40:44.135
right now is playing that out of school. Every day at lunch break, they play

1749
01:40:44.135 --> 01:40:47.494
they play werewolf. Yeah. We have all of the variants at home. This new one,

1750
01:40:47.494 --> 01:40:50.455
by the way, if you haven't looked at the Kickstarter called, either Werewolf in the

1751
01:40:50.455 --> 01:40:53.350
Dark or Mafia in the Dark. I think that looks really, really fun. It's like

1752
01:40:53.350 --> 01:40:57.190
an in-person kinda big group gameplay. Anyway, yeah. So I'm

1753
01:40:57.190 --> 01:41:00.790
very familiar with with with those games. Do you play these ones as well? Do

1754
01:41:00.790 --> 01:41:04.230
you like these ones? I I do to a certain point. I'm a pretty good

1755
01:41:04.230 --> 01:41:07.844
liar. Like, when I when I need to be, which is weird

1756
01:41:07.844 --> 01:41:11.625
because I'm not naturally a liar. Like, I'm very like, I just am super

1757
01:41:11.925 --> 01:41:15.204
I default to the truth just all the time, which is also part of what

1758
01:41:15.204 --> 01:41:18.804
I do. Because it's like long term relationship, something else. It's never worth

1759
01:41:18.804 --> 01:41:22.440
it. It's almost not yeah. It's like yes. Exactly. So

1760
01:41:22.520 --> 01:41:25.320
If somebody, like, will ask me my opinion, I'm gonna tell you my opinion. Even

1761
01:41:25.320 --> 01:41:28.679
if it you don't like it. Because I'd rather you know the truth now than

1762
01:41:28.679 --> 01:41:31.480
it, like, it just it's one of those things that we're just practically speaking. I

1763
01:41:31.480 --> 01:41:34.805
think it's always best to tell the truth. Always. And so I'm scrupulously

1764
01:41:34.945 --> 01:41:38.305
truthful and even just how we run the company, we're very transparent. We have a

1765
01:41:38.305 --> 01:41:41.505
GitHub database with all of our issues and our roadmap in future. Like, we don't

1766
01:41:41.505 --> 01:41:44.465
hide or have secret plans. Like, we just we do everything in the open as

1767
01:41:44.465 --> 01:41:47.025
much as we can. It's just kinda like our philosophy on doing this. I really

1768
01:41:47.025 --> 01:41:50.670
think that's just a better way to do things, but, Yeah. No. I

1769
01:41:50.750 --> 01:41:54.510
I'm usually pretty good at mafia, like, in lying, about, like,

1770
01:41:54.510 --> 01:41:58.110
whatever. I can I can keep a pretty good face? Yeah. I prefer I I

1771
01:41:58.110 --> 01:42:01.790
like it a lot too. I've noticed we've been playing I got, like, Catan right

1772
01:42:01.790 --> 01:42:05.505
here. We've been I taught my girl Catan. And she loves

1773
01:42:05.505 --> 01:42:09.105
it. She loves playing it. And I've what I've realized is if you

1774
01:42:09.105 --> 01:42:11.665
are like let's say let's say I go to your house and I'm playing with

1775
01:42:11.665 --> 01:42:15.425
you. Right? I'm more likely to screw you over because I know

1776
01:42:15.425 --> 01:42:18.385
you and I don't really wanna screw anybody else over because I don't know them.

1777
01:42:18.385 --> 01:42:22.200
Yeah. So, like Yeah. The person that you invite over always screws you over. Not

1778
01:42:22.200 --> 01:42:25.240
always, but most of the time will you over more so. So you already you

1779
01:42:25.240 --> 01:42:28.040
have this, like, disadvantage. Like, as soon as the game starts, I've noticed. I was

1780
01:42:28.040 --> 01:42:31.720
like it's a it's just one of these, like, quirky things about, like, how the

1781
01:42:31.720 --> 01:42:35.175
game dynamic's set up and, like, how human human behavior is,

1782
01:42:35.574 --> 01:42:38.534
regardless of the rules in the games. It's it's interesting to do with some people,

1783
01:42:38.534 --> 01:42:42.054
like, my mother despises mafia or werewolf or any of those

1784
01:42:42.054 --> 01:42:45.755
games. She just because she always gets mafia and she hates it. She just doesn't

1785
01:42:45.895 --> 01:42:49.415
like lying. She doesn't like being the one that's gotta hide what she is. She

1786
01:42:49.415 --> 01:42:53.210
just it is the most painful. And she literally just for the her mental

1787
01:42:53.210 --> 01:42:56.970
health. We just stopped her. Yeah. Exactly. She's just too nice. Like, it just doesn't

1788
01:42:57.130 --> 01:43:00.010
so she just refused to play now. So now we'll like, big family gatherings will

1789
01:43:00.010 --> 01:43:03.855
always play play around the mafia. And, she is

1790
01:43:03.855 --> 01:43:07.695
she is excited. Play. Nope. Grandma grandma doesn't play. She just and it's

1791
01:43:07.695 --> 01:43:11.535
everyone's just that's fine. Grandma doesn't play. But all the cousins, all my my

1792
01:43:11.535 --> 01:43:14.975
my siblings, and my, you know, my dad will will do it. So

1793
01:43:15.197 --> 01:43:19.020
yeah. We'll play games. We we always play family games as well and whether I'm

1794
01:43:19.020 --> 01:43:21.900
playing fam actually it's when I play games with new people. If I if it's

1795
01:43:21.900 --> 01:43:25.580
a game that like I almost a 100% sure very very confident that

1796
01:43:25.580 --> 01:43:29.355
I'll win. Sometimes I'll like decide if like I'll just purposely lose

1797
01:43:29.355 --> 01:43:33.034
so Yeah. That the next time in series that we play They wanna play. Yeah.

1798
01:43:33.034 --> 01:43:36.875
Yeah. They wanna play. Yeah. Yeah. Yeah. So, it's just another level of I

1799
01:43:36.875 --> 01:43:39.914
like I like co-op ones. Table co-op like there's a Castle Panic and

1800
01:43:39.914 --> 01:43:43.054
there's, you know, there's a couple of the the the tabletop games that are explicitly

1801
01:43:43.114 --> 01:43:46.659
like cooperative. I think that's a really fun genre. There's a there's a bunch of

1802
01:43:46.659 --> 01:43:50.500
those which I I really enjoy. I I am I'd like to see some of

1803
01:43:50.500 --> 01:43:54.020
those and learn about those. I we've never done those. By by nature, I'm too

1804
01:43:54.020 --> 01:43:57.455
competitive. If I so I I could that that by just not caring and not

1805
01:43:57.455 --> 01:44:01.215
not be competitive at all. Because, like, once I start being a little competitive, it's

1806
01:44:01.215 --> 01:44:04.735
bad. Like, so I've I sort of, like, have had to, like, over the years,

1807
01:44:04.735 --> 01:44:08.015
I've mellowed out and I just I don't try because once I, like, it's, like,

1808
01:44:08.015 --> 01:44:11.739
I'm either on or off and, like, I Yeah. Yeah. Just better if that happens.

1809
01:44:11.820 --> 01:44:15.659
After the game is done and you're like, that's you're like Some years ago this

1810
01:44:15.659 --> 01:44:19.500
guy No. For me, no. I'm I'm very I can disconnect, but other

1811
01:44:19.500 --> 01:44:22.935
people Not perfect. No. Because I I was the person that ruined it. So like

1812
01:44:23.415 --> 01:44:27.095
there are consequences afterwards even if they're not direct to my Oh,

1813
01:44:27.095 --> 01:44:30.695
right. Yeah. Right? I've had this too. I played a game or whatever and then

1814
01:44:30.695 --> 01:44:34.055
like I don't trust Chris because Ever again. He did something with this game. I

1815
01:44:34.055 --> 01:44:37.690
was like, we're playing a game. Yeah. Yeah. So that

1816
01:44:37.770 --> 01:44:40.489
that's the consequence. You gotta you gotta watch out for that. Yeah. You gotta look

1817
01:44:40.489 --> 01:44:44.250
out for that. But, alright. I don't wanna take out too

1818
01:44:44.250 --> 01:44:47.770
much of your time. I really enjoyed this conversation. I'm hoping, a lot of people

1819
01:44:47.770 --> 01:44:51.265
also gained a lot of insight from this. Well, I think what the plan is

1820
01:44:51.265 --> 01:44:55.105
what I'll do is, we're gonna get a few episodes, created, then we'll start

1821
01:44:55.105 --> 01:44:57.585
rolling them out so that way I can, like, push one out. It could be

1822
01:44:57.585 --> 01:45:00.465
something like that. But Yep. Schedule now. We'll keep you in the loop and Sounds

1823
01:45:00.465 --> 01:45:03.790
great. Everything like that. So Jordan, thank you so much for your time, man. Really

1824
01:45:03.790 --> 01:45:07.550
appreciate you being on here. We're excited to, you know, see what

1825
01:45:07.630 --> 01:45:11.310
more comes from Vector 35, yourself as well, and then your conference coming up.

1826
01:45:11.310 --> 01:45:14.990
So I appreciate it. Hopefully, we'll sit there. Thanks. Take care. Of course. Bye

1827
01:45:14.990 --> 01:45:15.970
bye. Cheers, brother.