Interviews: Ask Reuben Paul What Hackers Can Learn From an 8-Year-Old

Reuben A. Paul, aka RAPstar, has something of a head-start when it comes to learning about computer security: his father, Mano Paul, has been a security researcher (and instructor) for many years. So Reuben grew up around computers, seeing firsthand that they're neither mysterious nor impregnable. Reuben, though, has a curious mind and his own computer security interests, and a knack for telling others about them; last month, he became the youngest-ever speaker at DerbyCon, and explained some of what he's picked up so far on what kids can learn about security, as well as what the security field can learn from kids. (One hard to dispute nugget: "Kids are the best social engineers, followed by puppies.") Ask of Reuben whatever you'd like, below (please, one question per post), and we'll get answers to selected questions when we catch up with him at next week's Houston Security Conference. (This year's conference is sold out, but there's always 2015.)

I like kids

Reuben, have you ever been...in a Turkish prison?

IWPTA

IWPTA "Paul Reubens".

The secret word is...hax0r.

Re:IWPTA

That's funny because IWPTA -> "IWPTA" = @ pee wee.

Re:IWPTA

Since you didn't know either,

IWPTA = I Wacky-Parsed This As

Also Paul Rubins is Pee Wee Herman's real name. But you probably did know that.

I hate kids

If I say, "practice it until you get it right," does that trigger your PTSD?

LOL ... Pee Wee ...

[gstoddart]

LOL, I thought for a moment we were having an interview with Pee Wee Herman/Paul Reubens.

Do you get tired of that? :-P

Rough Name

I completely misread that title at first. I didn't want to know what Paul Reuben could learn from an 8-year old.

Re:Why?

[ArcadeMan]

Why do you think anyone wants to watch powerpoint slides?

FTFY

please don't drink the koolaid

from your pop's site "HackFormers mission is simple and straightforward > Teach Security; Teach Christ; Teach Security In Christ."

Re:please don't drink the koolaid

Easily the most dubious Jesus tie-in marketing I've seen yet.

And I say this as a Christian.

Re:please don't drink the koolaid

[mythosaz]

I assumed you were joking until I looked it up.

Nothing spices up a good security discussion like some Jesus on the side.

mmmmmmm, superstition.

Re:please don't drink the koolaid

[sexconker]

I thought you were trolling.
I checked it out.

Hoooooooooooooooooly shiiiiiiiiiiit.

here's my question for the little brat: Do you ever do the potty dance when presenting your dad's work to a group of idiots?

Robots

[Scottingham]

Do you think robots will take all of our jobs? If so, how do you think society should handle the masses of unemployed?

why?

[slashdice]

surely you could have just jacked off at home and nobody would have been the wiser...

anyone else come here looking for

pee wee herman?

New Low For Slashdot?

Instead of interviewing an 8 year old security researcher, why not offer him a job as a Slashdot editor?

What's your favorite Pokemon?

[_xeno_]

OK, so since it seems no one else knows who RAPstar or Mano Paul is either, let's go with this dumb question: what's your favorite Pokemon?

Actually, I think I can turn this into something vaguely on topic since someone managed to do a TAS of Pokemon Yellow that manages to run arbitrary code, ultimately calculating pi to several digits.

So have you ever found an exploit in a game or something and used it to your advantage? Or what's the coolest, unintentional behavior you've done with a computer program?

One Thing About Kids

They start with a blank slate and don't accept that things can't be done and as a result, find solutions adults thought couldn't exist. Preconceived notions and the unwillingness to part with them are one of the biggest stumbling blocks to learning and progress.

Re:One Thing About Kids

[jbeaupre]

Amen.

Walked into the living room one day to see my 3 year old running a program on the windows log in screen! I've since looked it up, and it's possible. So much for my preconceptions.

Re:One Thing About Kids

possible? yes. Did your 3 year old that that? No, you're full of shit.

Re:One Thing About Kids

[jbeaupre]

Swear to God he had MS Word up and running on the login screen. Why and how, I have no idea. Just random banging on the keyboard probably.

Re:WTF

you mean the crazy evangelizing Christianity or computer security? LOL not hard to imagine how the former leads to the latter

Pee-Wee Herman?

[Chelloveck]

Did anyone else read that as "Ask Paul Reubens..."?

Re:Pee-Wee Herman?

No, it was just you.

Re:Pee-Wee Herman?

well.. it had "8 year old" in the title, so it was a valid link...

Security?

[MisterSquid]

Is security what you find most interesting in computing, or is there another area that interests you more? If security is what interests you most, what is it about security in particular you like?

I ask because it seems natural (as someone who was your age in the 1970s) that young people would either be interested in development programming (as I was) or games (which I sort of was).

(My apologies if you answered this in your talk, which I'm only just getting around to watching.)

What security problems do you notice?

Do you see lax security at school, for instance? When I was your age, Matthew Broderick was in two movies that taught me all I knew at the time about computer security. OK, so they're fictional, but have some interesting doses social engineering of a few different kinds:

- Ferris Bueller (how to bluff your way into a restaurant, for one thing), and, of course,
- War Games (weak password, in a known place, let David Lightman give himself As on the school's computerized grading system, and then various other strategems got him into NORAD, nearly caused World War III, etc).

What kind of things do you end up noticing at your school? If you were of the right bent, do you think you'd be able to change your grades without anything being the wiser, for instance?
 

Question for RAPstar

Reuben, have you ever said to your daddy, "there is no god, prove me wrong"? If not, you should.

Re:Question for RAPstar

Kid probably already is into some particular musician he thinks is "best", and so already knows when "prove it" is an inappropriate expectation.

Along with most everything he's taught in school. And most of your viewpoints. As you already knew when you made the suggestion.

What do you do with clueless grownups?

[MisterSquid]

Have you ever one-upped an adult who condescended to you or greatly underestimated your technical understanding? What happened?

Bullying?

[MisterSquid]

Have you ever been bullied by people your age and, if so, how did you deal with it? (If you don't mind, please share what the matter was.)

Why?

Why do you think anyone wants to watch an 8 year old read a powerpoint slide?

This kid is no more a security researcher than Mark Zuckerburg is a highly-skilled computer programmer. Reminds me of the stories lately on /. touting genius children inventing some novel scientific breakthrough.

US Government surveillance

[MisterSquid]

What are your thoughts about the US government's efforts (apocryphal and confirmed) to surveil nearly all Internet systems and traffic and how such efforts affect security?

Kids will be kids

[MisterSquid]

The whole domain of computer security is very serious and, well, I'm also wondering what kinds of things do you like to do that's just kid stuff that's not directly related to computing? You know, like riding a bicycle, going on hikes, playing tag (not trying to patronize as these are things I did when I was 8).

(This is the last question I will post in this thread. Thanks for considering.)

the best social engineers are not kids

Just people who are ignorant of the rules of the system and has some passion about it.

Kids are good at it cause they don;t understand the system--hence fit the above description to a great extent.

Now if you have a smart adult that fit the above, you have a genius... or an evil mastermind.

Question for RAPstar

Should really be "daddy, prove what you say is true".

Re:WTF

Are you disturbed that *every* parent essentially brainwashes their children to believe whatever they do? And if they don't, then someone else does? As a parent, I'd rather brainwash my child into what I believe, rather than allowing someone else to brainwash my child into what they believe.

Why aren't more kids interested? (Or are they?)

Not necessarily in Information Security, but why aren't more kids at your age interested in actually learning about how things work in the world around them? Or, to put it more positively, perhaps, what got *you* interested at such a young age, and how did you first start?

When I have kids, I'd like them to be smart but more importantly curious, and I'd like to know what factors helped spark this quality in you. Innate? Your parents? Your school?

Feel free to correct me if you think that I'm wrong to say that many kids do *not* seem very curious about how the world works; people do operate on different time scales ...

Curiosity

[Peter+(Professor)+Fo]

Hi! It's great you're curious and not afraid to (what other people would disparagingly call shoot your mouth off ) tell us about what you've found interesting. The world needs people who find the world interesting. Like Richard Feynman who was one of those ace boffins who found everything interesting and tried to make all of us interested in 'being interested'. (I particularly like the craft he used in his lecture 'cargo cult science' to draw us into his way of thinking.) But if I asked you, say, "What's interesting about bed' would you say nothing? There are dozens of questions to be asked, some of which may have been answered but it's the curious mind that wonders simple things like why are beds raised off the ground and what sort of bedclothes and why we might change into specialist nightwear? From what's the smallest uninteresting number to what's the economic impact of being able to identify a protozoa in the salivary glands of a particular species of mosquito we need inquisitive people without narrow vision. So here is my question. Are you a fanatical specialist or a sponge for all the world's knowledge?

Re:Why?

[Half-pint+HAL]

There is the issue of "learner mind": it's easier to imagine unorthodox situations and strategies before you're accustomed to the orthodoxy. Sadly, he seems a little over-coached, so seems to be trained in the orthodoxy.