WEBVTT 00:00:04.630 --> 00:00:06.990 JACK: [MUSIC] I went to Europe once, all by myself. 00:00:06.990 --> 00:00:11.400 I had to save up for like, a year to afford to go but once I got there, I had no money 00:00:11.400 --> 00:00:15.760 to do anything so I sometimes snuck into places. 00:00:15.760 --> 00:00:17.440 I won’t say specifics but I’ll give you some ideas. 00:00:17.440 --> 00:00:19.730 I snuck into a castle once. 00:00:19.730 --> 00:00:24.859 Yeah, my trick was to find the gift shop and see if the tours dumped out in the gift shop 00:00:24.859 --> 00:00:26.640 or something and sure enough, they did. 00:00:26.640 --> 00:00:28.660 So, I went in through the exit. 00:00:28.660 --> 00:00:30.279 The castle was pretty cool. 00:00:30.279 --> 00:00:35.350 I was able to scramble up long, twisting stairwells and get into higher floors and look at rooms 00:00:35.350 --> 00:00:36.810 and stuff. 00:00:36.810 --> 00:00:40.430 Eventually another tour came through and I just jumped in that and went back out. 00:00:40.430 --> 00:00:44.690 I had such little money on that trip; I remember once going to a hamburger stand and literally 00:00:44.690 --> 00:00:48.300 asking for half of a hamburger because I didn’t have enough for a whole one. 00:00:48.300 --> 00:00:53.090 The guy was flabbergasted but he was nice and gave me a hamburger with nothing extra 00:00:53.090 --> 00:00:56.800 on it, just plain, and told me I couldn’t even use any ketchup. 00:00:56.800 --> 00:01:01.079 Another time I remember going on a train with no ticket and just hiding in the bathroom 00:01:01.079 --> 00:01:04.739 the whole trip. 00:01:04.739 --> 00:01:08.090 When the train stopped at my station, I just ran off real quick. 00:01:08.090 --> 00:01:10.260 But ah, I miss traveling. 00:01:10.260 --> 00:01:11.440 You ready to take some trips again? 00:01:11.440 --> 00:01:15.580 I think we’re all itching to go on vacation when life returns to normal. 00:01:15.580 --> 00:01:17.130 But don’t take off just yet. 00:01:17.130 --> 00:01:19.180 In this episode, I have two stories for you. 00:01:19.180 --> 00:01:24.290 The first one is about an airplane boarding pass and the second is some travel hacks that 00:01:24.290 --> 00:01:26.420 you’re just not gonna believe. 00:01:26.420 --> 00:01:34.400 (INTRO): [INTRO MUSIC] These are true stories from the dark side of the internet. 00:01:34.400 --> 00:01:39.650 I’m Jack Rhysider. 00:01:39.650 --> 00:01:43.780 This is Darknet Diaries. 00:01:43.780 --> 00:01:52.730 [INTRO MUSIC ENDS] 00:01:52.730 --> 00:02:00.510 JACK: For this story, I’m talking with a person whose hacker name is “Alex”. 00:02:00.510 --> 00:02:05.020 ALEX: Do you want to hear the story of why they call me “Alex” with the quotes? 00:02:05.020 --> 00:02:06.020 JACK: Yeah. 00:02:06.020 --> 00:02:08.209 You always use it in double quotes there. 00:02:08.209 --> 00:02:09.460 ALEX: Yeah, it’s in double quotes. 00:02:09.460 --> 00:02:11.110 In fact, why is it in double quotes? 00:02:11.110 --> 00:02:12.260 Who does that? 00:02:12.260 --> 00:02:18.440 The answer is because when I wrote this blog post a few years ago, Vice Magazine, they 00:02:18.440 --> 00:02:22.570 read an article about my blog post where they referred to it and they said oh, according 00:02:22.570 --> 00:02:29.480 to a blog post written by a hacker who goes by the name “Alex” in double quotes, and 00:02:29.480 --> 00:02:30.480 that’s my real name. 00:02:30.480 --> 00:02:31.480 That’s not my hacker name. 00:02:31.480 --> 00:02:33.760 I just had my real name on the blog. 00:02:33.760 --> 00:02:38.140 They just said oh, that’s this hacker called “Alex”, and so that’s my hacker handle 00:02:38.140 --> 00:02:39.140 now, I guess. 00:02:39.140 --> 00:02:42.190 JACK: Okay, so their name is just Alex, and Alex lives in Australia. 00:02:42.190 --> 00:02:44.790 By trade, Alex works on the red team. 00:02:44.790 --> 00:02:49.500 ALEX: My job is to hack the places that I work exactly like a real attacker would, as 00:02:49.500 --> 00:02:54.300 realistically as possible but then instead of selling all the data on the dark web, we 00:02:54.300 --> 00:02:55.610 show them how we did it instead. 00:02:55.610 --> 00:03:00.790 Metaphorically, my job is to commit crimes and then write very, very detailed confession 00:03:00.790 --> 00:03:01.790 letters. 00:03:01.790 --> 00:03:04.660 JACK: Yes, but you’re not bringing me a red team story today. 00:03:04.660 --> 00:03:06.280 You’re bringing me a different story. 00:03:06.280 --> 00:03:07.280 ALEX: Nope. 00:03:07.280 --> 00:03:10.540 We’re just talking about a fun thing I love to do on the weekends, I guess. 00:03:10.540 --> 00:03:12.180 JACK: Alex has a blog. 00:03:12.180 --> 00:03:17.959 It’s called mango.pdf.zone where they document different things they’ve hacked. 00:03:17.959 --> 00:03:22.330 Like once, Alex got permission from a friend to hack into her stuff and so Alex went about 00:03:22.330 --> 00:03:24.470 doing that just to see if they could. 00:03:24.470 --> 00:03:27.769 It’s an amazing story which I learned a lot from. 00:03:27.769 --> 00:03:32.780 Then normally Alex gets permission from the person before trying to hack them. 00:03:32.780 --> 00:03:39.629 But one day Alex got a tip, a tip that asked if they could hack someone way outside of 00:03:39.629 --> 00:03:42.040 Alex’s friend group. 00:03:42.040 --> 00:03:47.250 [MUSIC] So, how did this all start? 00:03:47.250 --> 00:03:54.939 ALEX: It all started one Sunday afternoon when I was sitting at home at my desk, drinking 00:03:54.939 --> 00:03:59.530 from my water bottle in a way that did not possess any intent to subvert the commonwealth 00:03:59.530 --> 00:04:01.709 of Australia, where I live. 00:04:01.709 --> 00:04:06.599 Suddenly, my – I got this message in the group chat. 00:04:06.599 --> 00:04:09.790 The message just said @Alex, can you hack this man? 00:04:09.790 --> 00:04:15.180 It was a link to an Instagram post by former prime minister of Australia, Tony Abbott. 00:04:15.180 --> 00:04:18.380 JACK: Well, that’s quite the audacious challenge, isn’t it? 00:04:18.380 --> 00:04:22.560 To hack the former head of state of the country where Alex lives in? 00:04:22.560 --> 00:04:28.370 But this was not for some political agenda or even to get even with former PM Tony Abbott. 00:04:28.370 --> 00:04:31.350 No, it was much smaller than that. 00:04:31.350 --> 00:04:38.060 Tony Abbott is on Instagram and he just posted something that was very interesting to Alex. 00:04:38.060 --> 00:04:43.280 ALEX: Months before this, I was talking to people about boarding passes and saying yeah, 00:04:43.280 --> 00:04:45.449 people post their boarding pass online all the time. 00:04:45.449 --> 00:04:48.970 They just post it on Instagram saying ‘going on holiday; check it out.’ 00:04:48.970 --> 00:04:54.570 But they don’t realize that their boarding pass can be used for bad identity fraud somehow, 00:04:54.570 --> 00:04:58.380 so some hacker is just browsing #boardingpass on Instagram, being like yum, yum. 00:04:58.380 --> 00:05:03.720 JACK: That’s exactly what Tony Abbott [00:05:00] just posted on Instagram; a picture of his 00:05:03.720 --> 00:05:04.870 boarding pass. 00:05:04.870 --> 00:05:06.720 I don’t know why. 00:05:06.720 --> 00:05:10.570 I guess he was just showing off for the gram that he’s traveling around or something. 00:05:10.570 --> 00:05:11.730 But it doesn’t matter. 00:05:11.730 --> 00:05:15.800 What does matter is Alex was telling people that this is a bad thing to do. 00:05:15.800 --> 00:05:18.509 But can Alex prove why this is bad? 00:05:18.509 --> 00:05:22.800 ALEX: The post was a picture of his boarding pass for a flight and he’s like, taking 00:05:22.800 --> 00:05:24.180 a picture of the boarding pass. 00:05:24.180 --> 00:05:25.330 It’s kind of in his lap. 00:05:25.330 --> 00:05:27.280 He’s sitting in the plane and it’s just a photo of the boarding pass. 00:05:27.280 --> 00:05:29.440 It’s just showing that hey, I’m on a plane. 00:05:29.440 --> 00:05:31.980 The caption is something like ‘I’m coming back to Australia. 00:05:31.980 --> 00:05:32.980 Hello,’ or something. 00:05:32.980 --> 00:05:36.650 JACK: Okay, so the first thing that comes to mind for me is that if you post your boarding 00:05:36.650 --> 00:05:41.240 pass, people immediately know you’re not home and might take that opportunity to break 00:05:41.240 --> 00:05:42.960 into your home and rob you. 00:05:42.960 --> 00:05:47.400 So, that’s one thing and that’s a big thing, but is anything really bad about showing 00:05:47.400 --> 00:05:50.490 the world what flight and seat you’re gonna be on? 00:05:50.490 --> 00:05:55.390 I mean, it’s not like he’s posting his credit card or even passport which has details 00:05:55.390 --> 00:05:57.110 that he doesn’t want people seeing. 00:05:57.110 --> 00:06:01.780 So, Alex was curious exactly what information is contained on a boarding pass. 00:06:01.780 --> 00:06:04.680 ALEX: When you get a boarding pass from an airline or when I have at least, they don’t 00:06:04.680 --> 00:06:06.620 really tell you that it’s secret, right? 00:06:06.620 --> 00:06:11.110 When you type the booking reference into a website, it doesn’t come up as dots like 00:06:11.110 --> 00:06:12.110 a password. 00:06:12.110 --> 00:06:14.370 You can just type it in and you can see it as you’re typing. 00:06:14.370 --> 00:06:17.330 That’s sort of what people have learned means oh, okay, that means it’s not secret. 00:06:17.330 --> 00:06:18.729 But actually, it is secret. 00:06:18.729 --> 00:06:23.979 So, I think the messaging from the airlines is a bit confusing as to whether your boarding 00:06:23.979 --> 00:06:26.099 pass/booking reference is meant to be secret or not. 00:06:26.099 --> 00:06:30.580 JACK: So, that was the situation when Alex received this text asking if Alex can hack 00:06:30.580 --> 00:06:32.000 the former PM. 00:06:32.000 --> 00:06:36.680 Alex knew that this boarding pass contains sensitive information but did they really 00:06:36.680 --> 00:06:40.330 know how to get that or what someone could do with that? 00:06:40.330 --> 00:06:47.220 So, Alex took on the challenge of hacking the former PM Tony Abbott’s boarding pass 00:06:47.220 --> 00:06:49.460 to try to figure it out for themself. 00:06:49.460 --> 00:06:51.840 ALEX: [MUSIC] I was curious. 00:06:51.840 --> 00:06:58.509 I kind of just wondered oh, this famous person has done this thing that could be bad or dangerous. 00:06:58.509 --> 00:07:00.509 Is it? Is it dangerous? 00:07:00.509 --> 00:07:01.509 How bad is it? 00:07:01.509 --> 00:07:02.509 What has happened? 00:07:02.509 --> 00:07:03.509 I didn’t know. 00:07:03.509 --> 00:07:07.460 I didn’t even know anything about what you’re meant to do with a boarding pass but I wanted 00:07:07.460 --> 00:07:08.860 to find out. 00:07:08.860 --> 00:07:15.220 JACK: So, Alex who has training and experience as a red teamer and security incident responder 00:07:15.220 --> 00:07:18.440 began to figure out what they could do with this photo. 00:07:18.440 --> 00:07:21.289 What’s the tool you used to get started hacking this boarding pass? 00:07:21.289 --> 00:07:26.729 ALEX: Oh, I tried to use the most elite hacker tool I know, so I opened up Google Chrome 00:07:26.729 --> 00:07:29.860 and just started typing in the bar at the top that Googles things. 00:07:29.860 --> 00:07:33.550 JACK: Yeah, it’s true; Google has probably helped more hackers than any other tool in 00:07:33.550 --> 00:07:34.550 history. 00:07:34.550 --> 00:07:36.740 ALEX: I knew there was something bad about posting your boarding pass and I knew that 00:07:36.740 --> 00:07:40.819 something bad could happen if someone else had it but I had never done it before and 00:07:40.819 --> 00:07:44.280 I didn’t know where am I supposed to look, which information is the secret, important 00:07:44.280 --> 00:07:45.280 information. 00:07:45.280 --> 00:07:46.280 I don’t know. 00:07:46.280 --> 00:07:49.300 JACK: After some Googling, Alex found out that their first target should be the bar 00:07:49.300 --> 00:07:51.069 code on the boarding pass. 00:07:51.069 --> 00:07:56.639 This bar code contains all the important information for a person’s flight, including the booking 00:07:56.639 --> 00:08:00.070 reference number that Alex needed to gain access to Abbott’s account. 00:08:00.070 --> 00:08:04.530 ALEX: I tried to scan the bar code just using a bar code scanner app on my phone but it 00:08:04.530 --> 00:08:05.530 didn’t work. 00:08:05.530 --> 00:08:07.500 I thought oh, okay, maybe it’s too blurry. 00:08:07.500 --> 00:08:10.740 So, I tried making the picture bigger but then it still didn’t scan. 00:08:10.740 --> 00:08:15.300 Okay, so I went into Photoshop and tried to turn up the contrast and make the little bars 00:08:15.300 --> 00:08:18.790 more obvious so that the app could pick it up but it still wasn’t scanning the bar 00:08:18.790 --> 00:08:19.790 code. 00:08:19.790 --> 00:08:22.690 I spent a long time, like maybe fifteen minutes looking at this image, trying to fix the bar 00:08:22.690 --> 00:08:23.690 code. 00:08:23.690 --> 00:08:30.020 Then after that time, I noticed that the booking reference is also just printed on the baggage 00:08:30.020 --> 00:08:31.020 receipt in text. 00:08:31.020 --> 00:08:35.409 You could just read it with your eyes; you don’t need the bar code scanner app at all. 00:08:35.409 --> 00:08:42.140 I was like wow, I graduated university but it did not prepare me for this moment. 00:08:42.140 --> 00:08:44.570 JACK: Okay, so the bar code wasn’t even needed here. 00:08:44.570 --> 00:08:48.960 The airline just printed the booking reference number right on the ticket in plain text. 00:08:48.960 --> 00:08:52.220 Once they realized that, Alex went to the airline’s website to see what access this 00:08:52.220 --> 00:08:53.290 gets you. 00:08:53.290 --> 00:08:59.260 ALEX: [MUSIC] So, I went to the Qantas website – that’s the airline – and I went to 00:08:59.260 --> 00:09:02.350 the Manage Booking page where you log in with your booking. 00:09:02.350 --> 00:09:04.769 There’s two things you need to manage a flight booking. 00:09:04.769 --> 00:09:10.160 The first one is the booking reference which I just got and the second one is your last 00:09:10.160 --> 00:09:11.160 name. 00:09:11.160 --> 00:09:13.779 I knew the last name; it was Abbott. 00:09:13.779 --> 00:09:15.600 It was also printed on the boarding pass. 00:09:15.600 --> 00:09:20.339 JACK: So, taking these two pieces of information that Tony Abbott just posted to his Instagram 00:09:20.339 --> 00:09:24.510 account, Alex tries to log in to the airline’s website with these details. 00:09:24.510 --> 00:09:28.529 ALEX: I was kind of hoping that the second thing you need would be a password or something 00:09:28.529 --> 00:09:33.820 more secret, but then I realized that the booking reference is the password. 00:09:33.820 --> 00:09:35.399 I was like, okay. 00:09:35.399 --> 00:09:39.610 JACK: Yeah, it turns out that’s all you need to log into the site with. 00:09:39.610 --> 00:09:43.240 ALEX: So, I typed in the booking reference and last name and just clicked Log In. 00:09:43.240 --> 00:09:44.660 I haven’t done any hacking here. 00:09:44.660 --> 00:09:47.970 I’ve just read a six-digit code and typed it in. 00:09:47.970 --> 00:09:52.339 Then when I hit Log In, it was like hello, Mr. Abbott. 00:09:52.339 --> 00:09:54.110 Welcome to your flight and stuff. 00:09:54.110 --> 00:09:55.339 Here’s all your flight details. 00:09:55.339 --> 00:09:56.970 I was like, oh. 00:09:56.970 --> 00:10:02.589 JACK: Alex was now logged into Qantas Airline’s [00:10:00] website as the former Australian 00:10:02.589 --> 00:10:07.279 Prime Minister Tony Abbott without his permission. 00:10:07.279 --> 00:10:12.950 This felt illegal but at the same time, they just entered in some basic information that 00:10:12.950 --> 00:10:15.360 Abbott himself posted publicly on Instagram. 00:10:15.360 --> 00:10:19.760 I’m not even sure if this is classified as logging into a website. 00:10:19.760 --> 00:10:23.140 Like Alex was saying, they don’t obscure the booking reference when you’re typing 00:10:23.140 --> 00:10:25.790 it in, so it doesn’t feel like a password. 00:10:25.790 --> 00:10:28.190 Then it’s printed right there on your boarding pass. 00:10:28.190 --> 00:10:31.890 So yeah, airlines just don’t seem to be treating this as sensitive information. 00:10:31.890 --> 00:10:35.480 Like, airlines aren’t telling you to keep this secret and to not share it with others. 00:10:35.480 --> 00:10:39.540 This isn’t an area of their website where you can do much, especially after the flight 00:10:39.540 --> 00:10:40.540 has taken off. 00:10:40.540 --> 00:10:42.990 You can’t buy tickets or make reservations here. 00:10:42.990 --> 00:10:45.240 No, it’s just there to check your flight status. 00:10:45.240 --> 00:10:51.130 Yeah, it’s a gray area on whether this is a super-private area of the website or if 00:10:51.130 --> 00:10:54.350 it’s just security through obscurity kind of thing. 00:10:54.350 --> 00:10:58.389 But Alex was in there now and was looking around to see what was there. 00:10:58.389 --> 00:11:01.490 At first it didn’t look like there was anything important. 00:11:01.490 --> 00:11:05.269 The flight had already happened so it wasn’t like they could change the booking or anything 00:11:05.269 --> 00:11:09.639 and Alex could see that the flight was booked through a travel agency. 00:11:09.639 --> 00:11:12.920 Then Alex found Tony Abbott’s frequent flyer number. 00:11:12.920 --> 00:11:15.850 But what are you gonna do with that? 00:11:15.850 --> 00:11:20.131 This is not really a piece of identifying information and doesn’t do much, so even 00:11:20.131 --> 00:11:23.960 though Alex logged in, there really wasn’t anything on this website that would be a privacy 00:11:23.960 --> 00:11:26.110 problem or security concern. 00:11:26.110 --> 00:11:29.070 At this point, Alex was relieved to not have found anything. 00:11:29.070 --> 00:11:31.000 But what else could there be? 00:11:31.000 --> 00:11:34.380 ALEX: I wasn’t gonna give up just because there was nothing that I could see on the 00:11:34.380 --> 00:11:35.380 web page. 00:11:35.380 --> 00:11:37.430 I’m not gonna stop just ‘cause a web page says we’re done. 00:11:37.430 --> 00:11:42.079 JACK: Oh yeah, that’s right, ‘cause you’re a red teamer and you have access to the elite 00:11:42.079 --> 00:11:47.180 hacking tools such as Kali Linux, and you probably got an old back track hanging out 00:11:47.180 --> 00:11:48.180 somewhere. 00:11:48.180 --> 00:11:50.540 ALEX: Jack, you can’t say that to me. 00:11:50.540 --> 00:11:55.769 JACK: Alex wanted to analyze the website further and look for any hidden data that might be 00:11:55.769 --> 00:11:57.330 obscured somewhere. 00:11:57.330 --> 00:12:01.050 Maybe there’s secret information buried somewhere on the website and you need a super-special 00:12:01.050 --> 00:12:02.240 hacker tool to see it. 00:12:02.240 --> 00:12:08.500 ALEX: Then I used the only hacker tool I know which is to right click on a page and then 00:12:08.500 --> 00:12:12.779 click Inspect or Inspect Element. 00:12:12.779 --> 00:12:14.970 That opens up the page source of the page. 00:12:14.970 --> 00:12:17.899 It shows you the HTML of the page. 00:12:17.899 --> 00:12:22.310 Listen, somebody might one day try and tell you that this is hacking or this is an advanced 00:12:22.310 --> 00:12:23.310 computer skill. 00:12:23.310 --> 00:12:24.500 It’s definitely not. 00:12:24.500 --> 00:12:25.600 Anyone can do this. 00:12:25.600 --> 00:12:29.630 This is a tool that programmers use to try and understand websites. 00:12:29.630 --> 00:12:31.200 It’s not made for hacking. 00:12:31.200 --> 00:12:33.389 This is not an advanced, elite hacking tool. 00:12:33.389 --> 00:12:34.389 Anyone can do it. 00:12:34.389 --> 00:12:35.389 I hope that’s clear. 00:12:35.389 --> 00:12:38.000 JACK: So you’re saying right click, View Source is not illegal. 00:12:38.000 --> 00:12:41.149 ALEX: I’m not a lawyer but I’m confident on that one. 00:12:41.149 --> 00:12:46.020 JACK: Yeah, so the way a website works is your browser asks the web server for the information 00:12:46.020 --> 00:12:47.020 on the site. 00:12:47.020 --> 00:12:50.459 The web server sends the data over formatted in HTML. 00:12:50.459 --> 00:12:54.010 Now it’s just a matter for the browser to format and display the website. 00:12:54.010 --> 00:12:59.149 But yeah, in order for the browser to know what to display, it must have that HTML. 00:12:59.149 --> 00:13:04.010 Since the dawn of browsers, you were always able to right click on any website and then 00:13:04.010 --> 00:13:07.250 click View Source and see the raw HTML. 00:13:07.250 --> 00:13:13.100 It’s not illegal to view source because every website you ever visited ever, the browser 00:13:13.100 --> 00:13:15.420 is viewing the source for you. 00:13:15.420 --> 00:13:19.649 But the reason why Alex did this is because sometimes there’s extra bits of information 00:13:19.649 --> 00:13:24.029 that might not be displayed in the browser but it is there in the HTML. 00:13:24.029 --> 00:13:29.399 ALEX: When I started looking at the page source, I was like okay, yep, this is a web page, 00:13:29.399 --> 00:13:32.089 and so I kind of scrolled around ‘cause I didn’t know what I was looking for. 00:13:32.089 --> 00:13:36.160 I was just kind of wondering if there was more stuff in there. 00:13:36.160 --> 00:13:41.480 Then eventually after scrolling around I noticed there was this big section of JSON, this big 00:13:41.480 --> 00:13:46.079 section of data just in the page which is – I mean, sometimes that happens in web 00:13:46.079 --> 00:13:49.829 pages but it’s kind of strange for the page to have a whole bunch of extra data in there 00:13:49.829 --> 00:13:51.030 that it’s not showing. 00:13:51.030 --> 00:13:53.980 JACK: JSON data is just another way to format data. 00:13:53.980 --> 00:13:58.160 It works particularly good for web browsers to parse it and read it, and Alex said this 00:13:58.160 --> 00:14:03.520 chunk of data was just a little too big for them to look at and understand; long lines 00:14:03.520 --> 00:14:05.500 of text and data and numbers. 00:14:05.500 --> 00:14:07.959 It’s not encrypted; it’s just hard to read. 00:14:07.959 --> 00:14:12.070 ALEX: I realized that I wasn’t gonna find the passport number or anything like that 00:14:12.070 --> 00:14:18.470 by just rummaging around in the HTML ball pit, so eventually I just searched for ‘passport’ 00:14:18.470 --> 00:14:20.570 in the page. 00:14:20.570 --> 00:14:25.290 [MUSIC] One of them was this thing called Passport and it had a thing called Date of 00:14:25.290 --> 00:14:27.449 Birth and it had a thing called Document Number. 00:14:27.449 --> 00:14:30.410 The Document Number sure looked like a passport number. 00:14:30.410 --> 00:14:34.070 Then I sort of looked at the birthday and it was the same birthday that Tony Abbott 00:14:34.070 --> 00:14:35.500 had when I looked him up on Wikipedia. 00:14:35.500 --> 00:14:37.970 I was like, oh no. 00:14:37.970 --> 00:14:39.449 It’s just there. 00:14:39.449 --> 00:14:41.880 It’s just in the page. 00:14:41.880 --> 00:14:47.350 At that point, I was fairly sure I was looking at the extremely secret government-issued 00:14:47.350 --> 00:14:53.790 ID of the former prime minister of Australia and former servant to Queen Elizabeth and 00:14:53.790 --> 00:15:00.660 I was kind of worried that maybe I was doing something wrong somehow, but not enough to 00:15:00.660 --> 00:15:02.709 stop [00:15:00] looking. 00:15:02.709 --> 00:15:07.480 JACK: This, I would say, is a privacy problem. 00:15:07.480 --> 00:15:12.009 By posting your boarding pass, someone can use that information to log into the airline’s 00:15:12.009 --> 00:15:17.550 website and click View Source and see your birth date, passport number, frequent flyer 00:15:17.550 --> 00:15:19.730 number, and flight details. 00:15:19.730 --> 00:15:22.970 With this information, a bad actor could do some nasty stuff. 00:15:22.970 --> 00:15:25.790 You don’t want to be just telling the world what your passport number is. 00:15:25.790 --> 00:15:31.850 Somewhere in here, Alex dubbed this the Do Not Get Arrested Challenge of 2020 because 00:15:31.850 --> 00:15:35.560 this felt wrong but where was the line? 00:15:35.560 --> 00:15:37.190 Alex wasn’t sure. 00:15:37.190 --> 00:15:42.589 So, at this point, I mean what’s the nerves feel like for you? 00:15:42.589 --> 00:15:47.861 ALEX: At this point I was like hah, I think I have the former prime minister’s passport 00:15:47.861 --> 00:15:49.260 number. 00:15:49.260 --> 00:15:56.420 I was thinking oh boy, oh jeez, because for all I know, other people are looking at this 00:15:56.420 --> 00:15:57.850 page at the same time as me. 00:15:57.850 --> 00:16:00.350 There’s no guarantee that I’m the only one here. 00:16:00.350 --> 00:16:04.920 So, this is basically public, this passport number, and so I was thinking okay, I better 00:16:04.920 --> 00:16:09.759 get someone somehow to reset his passport number like you reset a password. 00:16:09.759 --> 00:16:11.769 Can you even reset a passport number? 00:16:11.769 --> 00:16:16.790 Then I was thinking, this all seems okay but is it possible that I’ve done a crime? 00:16:16.790 --> 00:16:21.199 After I found the passport number, I was wondering well, is there anything else in this page 00:16:21.199 --> 00:16:22.430 or is it just the passport number? 00:16:22.430 --> 00:16:27.569 So, I wondered if there was a phone number, so I searched for phone and number and things 00:16:27.569 --> 00:16:29.330 like that but nothing came up. 00:16:29.330 --> 00:16:34.490 But then I, in an extremely big-brain move, searched for 614 which is the first three 00:16:34.490 --> 00:16:37.250 digits of an Australian format phone number. 00:16:37.250 --> 00:16:42.380 [MUSIC] That led me to this really weird section of text in the page. 00:16:42.380 --> 00:16:48.140 There was a phone number that was enough digits beginning with 614, but it didn’t just say 00:16:48.140 --> 00:16:50.019 like, phone number equals this. 00:16:50.019 --> 00:16:55.430 It had all this strange uppercase, all caps spaghetti airline code. 00:16:55.430 --> 00:17:03.620 Like, the phone number said all caps CTCM SPACE QF SPACE HK1 SPACE and then the phone 00:17:03.620 --> 00:17:04.620 number. 00:17:04.620 --> 00:17:08.870 There was all this other weird uppercase stuff all over the place. 00:17:08.870 --> 00:17:13.580 JACK: It turned out that Alex had found a section of the code called SSR for Special 00:17:13.580 --> 00:17:15.150 Service Request. 00:17:15.150 --> 00:17:19.339 This is a special airline language that’s code for things like whether or not this passenger 00:17:19.339 --> 00:17:23.230 wants a vegetarian meal or the passenger is an unaccompanied minor. 00:17:23.230 --> 00:17:28.760 In Tony Abbott’s SSR, Alex could see notes left by the airline and one of the notes started 00:17:28.760 --> 00:17:31.410 with the code CTCM. 00:17:31.410 --> 00:17:35.520 When Alex looked up what CTCM meant, it was a note that contained the passenger’s phone 00:17:35.520 --> 00:17:36.520 number. 00:17:36.520 --> 00:17:39.990 This is so if the airlines need to text you about delays or whatever. 00:17:39.990 --> 00:17:44.650 At this point, Alex thought they’re now looking at Tony Abbott’s phone number. 00:17:44.650 --> 00:17:47.539 This was about the point where Alex knew they needed some help. 00:17:47.539 --> 00:17:52.200 After all, this was the Do Not Get Arrested Challenge of 2020, so Alex reached out to 00:17:52.200 --> 00:17:56.030 the Australian Free Government Legal Aid Hotline. 00:17:56.030 --> 00:17:59.770 But whoever answered the phone, they just didn’t know enough about computers to be 00:17:59.770 --> 00:18:01.280 able to help Alex with this. 00:18:01.280 --> 00:18:06.690 ALEX: I didn’t think that anything I had done sounded like a crime but I understood 00:18:06.690 --> 00:18:13.880 that sometimes when the other person is famous or something, that things can suddenly become 00:18:13.880 --> 00:18:14.919 a crime. 00:18:14.919 --> 00:18:18.159 So, I was like well, what if it’s the former prime minister? 00:18:18.159 --> 00:18:19.159 Is it illegal to do this? 00:18:19.159 --> 00:18:20.159 I don’t know. 00:18:20.159 --> 00:18:24.380 I don’t know the laws, so I should probably try and find an adult who can tell me how 00:18:24.380 --> 00:18:25.380 it all works. 00:18:25.380 --> 00:18:29.179 JACK: When the free telephone lawyer told Alex they didn’t know, Alex went looking 00:18:29.179 --> 00:18:32.679 for themself to understand if they had committed any crimes. 00:18:32.679 --> 00:18:35.620 ALEX: I was kind of just Googling it, being like hey, what are the laws? 00:18:35.620 --> 00:18:36.620 Can I read them? 00:18:36.620 --> 00:18:37.830 It turns out there is. 00:18:37.830 --> 00:18:42.650 There’s this thing called the Legislation and it’s just the laws written down. 00:18:42.650 --> 00:18:47.549 I had no problem scrolling through and reading all the HTML of that page, but whoever wrote 00:18:47.549 --> 00:18:49.169 the legislation was just making up words. 00:18:49.169 --> 00:18:55.380 There was just so many complicated words and it’s so not obvious what they mean. 00:18:55.380 --> 00:19:00.780 But I was eventually able to divine from the Times New Roman tea leaves that having the 00:19:00.780 --> 00:19:02.950 passport number shouldn’t be a crime. 00:19:02.950 --> 00:19:04.010 That seems fine. 00:19:04.010 --> 00:19:08.059 I was worried about defamation which is where you publish it and it makes someone look bad, 00:19:08.059 --> 00:19:13.110 but I realized that in the laws it says that it’s not defamation if it’s true. 00:19:13.110 --> 00:19:16.159 So, just publishing that it’s a true story, that’s okay. 00:19:16.159 --> 00:19:20.250 But then the laws that I read that were about computers were like, it’s illegal to do 00:19:20.250 --> 00:19:21.390 anything with a computer. 00:19:21.390 --> 00:19:23.850 If you ever log in to a computer, that’s a crime. 00:19:23.850 --> 00:19:26.500 So, I was like oh, okay, I should ask a lawyer about this. 00:19:26.500 --> 00:19:28.900 JACK: Okay, let’s take a moment to gather ourselves here. 00:19:28.900 --> 00:19:32.980 Alex’s whole goal in doing this was to show their friends that they should not be posting 00:19:32.980 --> 00:19:37.870 photos of their boarding pass on Instagram and now Alex has this really cool story about 00:19:37.870 --> 00:19:42.190 how the former PM posted his boarding pass and how Alex was able to easily get all kinds 00:19:42.190 --> 00:19:44.570 of private information just from that. 00:19:44.570 --> 00:19:48.120 Alex wants to blog about this or at least be able to show this to their friends. 00:19:48.120 --> 00:19:52.580 ALEX: My end goal was to publish a blog post about all this and also fix the problem. 00:19:52.580 --> 00:19:54.930 So, step one was to figure out whether I’ve done a crime. 00:19:54.930 --> 00:20:01.159 [MUSIC] Step two was to notify somebody that this happened so they can fix it and notify 00:20:01.159 --> 00:20:03.190 someone that the passport [00:20:00] number got made public. 00:20:03.190 --> 00:20:04.460 Maybe Tony Abbott, maybe the government. 00:20:04.460 --> 00:20:08.659 Step three was to get permission to publish that blog post about it and step four was 00:20:08.659 --> 00:20:14.290 to tell the airline, tell Qantas that – about the fact that all this information was just 00:20:14.290 --> 00:20:15.700 in the page so they can fix it. 00:20:15.700 --> 00:20:19.140 JACK: At this point in the story, Alex’s interpretation of the law puts them on the 00:20:19.140 --> 00:20:20.140 safe side. 00:20:20.140 --> 00:20:24.180 But is Alex’s interpretation actually good enough to stay out of jail? 00:20:24.180 --> 00:20:28.360 Interpreting the law is very tricky, so they continued calling lawyers and seeking help 00:20:28.360 --> 00:20:33.140 to get some answers which was not so easy because they didn’t want to admit anything. 00:20:33.140 --> 00:20:37.820 Alex just wanted to know hypothetically if somebody did do this, would it be illegal? 00:20:37.820 --> 00:20:42.600 Eventually Alex heard enough people say it’s probably safe and Alex was feeling confident 00:20:42.600 --> 00:20:43.600 enough. 00:20:43.600 --> 00:20:47.850 But I want to emphasize something here; Alex’s motives mattered on whether or not this was 00:20:47.850 --> 00:20:48.940 illegal. 00:20:48.940 --> 00:20:54.070 This was done for research and to do responsible disclosure so even though this was legal for 00:20:54.070 --> 00:20:59.140 Alex to do, it probably wouldn’t be legal for a criminal to do the same thing but with 00:20:59.140 --> 00:21:02.669 the intention of doing some kind of malicious activity. 00:21:02.669 --> 00:21:06.799 Step two was to notify Tony Abbott that his personal information might have been seen 00:21:06.799 --> 00:21:08.020 by other people. 00:21:08.020 --> 00:21:12.000 That should be easy enough; I mean, his personal number was just one of the things that Alex 00:21:12.000 --> 00:21:13.330 found in the HTML. 00:21:13.330 --> 00:21:16.530 Plus, he obviously was on Instagram since he posts photos there. 00:21:16.530 --> 00:21:21.450 So, Alex could just call Tony Abbott’s cell phone directly to report this or send him 00:21:21.450 --> 00:21:22.450 a DM on Insta. 00:21:22.450 --> 00:21:23.760 But what are you gonna say? 00:21:23.760 --> 00:21:25.840 Uh, hi, Mr. Abbott? 00:21:25.840 --> 00:21:28.059 I hacked your boarding pass. 00:21:28.059 --> 00:21:31.720 ALEX: That’s the other thing, is that I wanted to be really careful about the way 00:21:31.720 --> 00:21:37.480 I reported it or communicated it because it’s – there sometimes is this yikes thing that 00:21:37.480 --> 00:21:38.480 happens. 00:21:38.480 --> 00:21:41.429 I’m sure you’ve seen where someone’s trying to be responsible and report a security 00:21:41.429 --> 00:21:45.270 problem and help the person fix it but the people misunderstand and they think that you’re 00:21:45.270 --> 00:21:48.520 trying to hack them or ransom them or something and they get really mad. 00:21:48.520 --> 00:21:50.230 I didn’t want to play that game. 00:21:50.230 --> 00:21:54.549 JACK: Okay, so, no, Alex didn’t want to just DM Tony Abbott about his passport but 00:21:54.549 --> 00:21:57.980 Abbott left office in 2015 so now Alex had a new challenge. 00:21:57.980 --> 00:22:02.289 Who in the government do you call to leave a message for the former prime minister? 00:22:02.289 --> 00:22:04.980 Alex reached out to some friends to see if they had any advice. 00:22:04.980 --> 00:22:08.440 At first there was nothing but then one friend had an idea. 00:22:08.440 --> 00:22:12.980 ALEX: One of my hacker friends told me to call 1300 CYBER1. 00:22:12.980 --> 00:22:17.309 JACK: [MUSIC] 1300 CYBER1. 00:22:17.309 --> 00:22:19.910 ALEX: I was like, excuse me? 00:22:19.910 --> 00:22:20.910 That’s not real. 00:22:20.910 --> 00:22:21.910 You can’t be serious. 00:22:21.910 --> 00:22:22.910 You can’t say that. 00:22:22.910 --> 00:22:26.930 But apparently that’s the Australian phone number to call Cyber or something. 00:22:26.930 --> 00:22:30.679 I’m not really sure but you know I called that number. 00:22:30.679 --> 00:22:32.049 JACK: You called Cyber? 00:22:32.049 --> 00:22:36.890 ALEX: I instantly dialed 1300 CYBER1 and the person on the other end was like, hello? 00:22:36.890 --> 00:22:38.780 I was like, incredible. 00:22:38.780 --> 00:22:40.380 It’s real. 00:22:40.380 --> 00:22:44.730 I vaguely explained what was going on and they said oh yeah, no worries. 00:22:44.730 --> 00:22:48.250 Here’s this e-mail address where you can report this to ASD. 00:22:48.250 --> 00:22:50.520 ASD is the Australian Signals Directorate. 00:22:50.520 --> 00:22:53.770 It’s like the Australian equivalent of NSA. 00:22:53.770 --> 00:22:57.580 JACK: Admitting all this to the Australian version of the NSA? 00:22:57.580 --> 00:23:04.580 That seemed a bit intense but apparently in Australia, that’s who you go to for stuff 00:23:04.580 --> 00:23:05.580 like this. 00:23:05.580 --> 00:23:10.369 ALEX: I wrote them an e-mail just like the person said and I said you know, hello, I 00:23:10.369 --> 00:23:13.060 found the former prime minister’s passport number. 00:23:13.060 --> 00:23:15.760 Here’s the last digit and stuff to prove that I found it. 00:23:15.760 --> 00:23:16.760 Let me know if I can help. 00:23:16.760 --> 00:23:18.470 Let me know if this is useful for you. 00:23:18.470 --> 00:23:22.169 They replied instantly which is great ‘cause no one else had been replying instantly. 00:23:22.169 --> 00:23:26.820 JACK: They replied right away and it was interesting because the e-mail’s subject said Security 00:23:26.820 --> 00:23:33.159 Level Sensitive which is some kind of security rating the ASD assigned to the e-mail which 00:23:33.159 --> 00:23:34.159 was pretty interesting to Alex. 00:23:34.159 --> 00:23:36.510 ALEX: I knew that I had made it to the big time. 00:23:36.510 --> 00:23:40.400 JACK: In their reply that ASD asked for more information from Alex. 00:23:40.400 --> 00:23:44.000 Once Alex gave it to them, Alex says they basically told them alright, thanks for the 00:23:44.000 --> 00:23:45.000 help, kid. 00:23:45.000 --> 00:23:46.000 We’ll take it from here. 00:23:46.000 --> 00:23:50.600 So, that seemed like it was the right thing to do and at least security would be addressing 00:23:50.600 --> 00:23:52.510 something with the former prime minister. 00:23:52.510 --> 00:23:56.900 Like, maybe someone was calling him right now saying take those images down from Instagram. 00:23:56.900 --> 00:24:00.660 But next, Alex wanted to let Qantas know about this vulnerability on their website. 00:24:00.660 --> 00:24:05.550 ALEX: I wanted to tell them hey, inside the page source of the Manage Booking page is 00:24:05.550 --> 00:24:08.981 – you send the passenger their own passport number and their own phone number and their 00:24:08.981 --> 00:24:11.600 own – whatever else is in that weird uppercase spaghetti. 00:24:11.600 --> 00:24:16.210 JACK: Alex found an e-mail for the security team at Qantas and told them about this vulnerability. 00:24:16.210 --> 00:24:21.320 Just like with ASD, Qantas sent them an e-mail that basically said thanks, we’re on it, 00:24:21.320 --> 00:24:22.679 and then radio silence. 00:24:22.679 --> 00:24:27.050 So, that’s two official bodies alerted and both times they said they would take it from 00:24:27.050 --> 00:24:28.050 there. 00:24:28.050 --> 00:24:30.549 So technically, Alex had done all they needed to do. 00:24:30.549 --> 00:24:35.059 But now, Alex wanted to get some kind of permission to be able to post this story on Alex’s 00:24:35.059 --> 00:24:36.059 blog. 00:24:36.059 --> 00:24:40.410 So, you wanted permission to post this and specifically you wanted permission to post 00:24:40.410 --> 00:24:45.140 hey, this is Tony Abbott’s, not just like, here’s what you can do with a boarding pass. 00:24:45.140 --> 00:24:48.870 ALEX: Yeah, I wanted to tell the whole story exactly as it happened to me without leaving 00:24:48.870 --> 00:24:50.080 out anything important. 00:24:50.080 --> 00:24:51.179 JACK: Why is this? 00:24:51.179 --> 00:24:52.770 ‘Cause I like this. 00:24:52.770 --> 00:24:57.580 I like it when people blog and stuff, so why is it important to you to publish this story? 00:24:57.580 --> 00:25:02.980 ALEX: Lots of reasons but firstly I love writing dumb blog posts where I [00:25:00] do stupid 00:25:02.980 --> 00:25:05.200 jokes and also try and say something meaningful. 00:25:05.200 --> 00:25:06.919 Love to do that. 00:25:06.919 --> 00:25:12.700 But I wanted to show all the details and how simple it was because I wanted everyone to 00:25:12.700 --> 00:25:14.020 feel like oh, I could do that. 00:25:14.020 --> 00:25:16.970 The idea is yeah, you absolutely could do this. 00:25:16.970 --> 00:25:18.500 I didn’t do anything special. 00:25:18.500 --> 00:25:19.970 Anyone could have done this. 00:25:19.970 --> 00:25:23.700 I wanted to show that oh, well, if it’s that easy for it to happen to somebody famous, 00:25:23.700 --> 00:25:24.840 then it could happen to anyone. 00:25:24.840 --> 00:25:27.190 JACK: Alex seems like a good person. 00:25:27.190 --> 00:25:31.610 They wanted to get that stamp of approval or at least let Tony Abbott know that his 00:25:31.610 --> 00:25:33.890 name was going to be attached to the story. 00:25:33.890 --> 00:25:35.360 But the only problem was… 00:25:35.360 --> 00:25:37.000 ALEX: I didn’t really know who I needed to get it from. 00:25:37.000 --> 00:25:38.740 I was like, from the government? 00:25:38.740 --> 00:25:41.669 From Tony Abbott’s – does he have a security team? 00:25:41.669 --> 00:25:42.669 I don’t know. 00:25:42.669 --> 00:25:43.669 Do I tell Tony Abbott himself? 00:25:43.669 --> 00:25:44.669 I didn’t know. 00:25:44.669 --> 00:25:45.669 JACK: Right. 00:25:45.669 --> 00:25:47.220 So, how did you go about trying to figure it out? 00:25:47.220 --> 00:25:50.460 ALEX: I spent a long time not finding anyone to talk to. 00:25:50.460 --> 00:25:55.159 I spent a long time not knowing how to contact his staff or who to contact, and a lot of 00:25:55.159 --> 00:25:59.279 time waiting for the government to reply to e-mails that they never would reply to and 00:25:59.279 --> 00:26:00.279 never did. 00:26:00.279 --> 00:26:04.909 But then one day, in a burst of motivation or something, I told a journalist friend about 00:26:04.909 --> 00:26:08.110 this and asked them if they knew how to – what I should do next. 00:26:08.110 --> 00:26:11.630 They had really, really good ideas ‘cause they’re a professional journalist. 00:26:11.630 --> 00:26:16.300 So, they said I should try and find his former staff from when he was the prime minister, 00:26:16.300 --> 00:26:22.080 so his former ministers and stuff, and contact their offices and see if they have his contact 00:26:22.080 --> 00:26:23.080 details. 00:26:23.080 --> 00:26:26.400 JACK: The logic here is that Alex didn’t want to call Tony Abbott directly. 00:26:26.400 --> 00:26:31.419 They wanted the office of Tony Abbott to let his people know about this because surely 00:26:31.419 --> 00:26:34.360 a former PM has people, right? 00:26:34.360 --> 00:26:39.580 Alex thought that the current administration might have connections to the former administration’s 00:26:39.580 --> 00:26:40.580 people. 00:26:40.580 --> 00:26:45.470 Alex went to Wikipedia and searched through Tony Abbott’s staff when he was in office. 00:26:45.470 --> 00:26:46.470 Minister of the Arts? 00:26:46.470 --> 00:26:47.600 No, he’s retired. 00:26:47.600 --> 00:26:48.600 Minister of Agriculture? 00:26:48.600 --> 00:26:50.480 No, he’s retired too. 00:26:50.480 --> 00:26:53.220 Eventually Alex noticed one name that did sound familiar. 00:26:53.220 --> 00:26:58.070 ALEX: One of his former ministers was Scott Morrison who is the current prime minister 00:26:58.070 --> 00:26:59.179 of Australia today. 00:26:59.179 --> 00:27:02.270 I was like oh, well, he definitely has an office. 00:27:02.270 --> 00:27:06.480 JACK: Calling the current prime minister’s office looking for the old prime minister; 00:27:06.480 --> 00:27:08.480 yeah, that sounds like a good plan to me. 00:27:08.480 --> 00:27:12.049 ALEX: I was like, hello? 00:27:12.049 --> 00:27:16.700 I was trying to explain that hi, I know that this is not Tony Abbott’s office but I was 00:27:16.700 --> 00:27:19.940 wondering if you had his contact details ‘cause I have this media inquiry which is what my 00:27:19.940 --> 00:27:21.279 journalist friend said to say. 00:27:21.279 --> 00:27:25.410 The person I was talking to interrupts and explained so, Tony Abbott isn’t the prime 00:27:25.410 --> 00:27:26.410 minister anymore. 00:27:26.410 --> 00:27:27.410 This is actually Scott Morrison’s office. 00:27:27.410 --> 00:27:28.410 I was like yeah, I know. 00:27:28.410 --> 00:27:31.279 Please, can you check if you have the contact details? 00:27:31.279 --> 00:27:35.940 She said that she wouldn’t have them and went to check for like a long time, like maybe 00:27:35.940 --> 00:27:38.080 fifteen, thirty seconds. 00:27:38.080 --> 00:27:42.320 Then after that time she was like oh, actually, I can give you Tony Abbott’s personal assistant’s 00:27:42.320 --> 00:27:43.320 mobile number. 00:27:43.320 --> 00:27:44.320 Is that good? 00:27:44.320 --> 00:27:45.900 I was like yes, that is extremely good. 00:27:45.900 --> 00:27:47.580 That’s what I’ve been looking for this whole time. 00:27:47.580 --> 00:27:48.580 Yes, thanks. 00:27:48.580 --> 00:27:51.380 JACK: Alex jots down the number, hangs up, and dials that number. 00:27:51.380 --> 00:27:54.880 ALEX: Then I called it right away and I – the person who answered, I was like hello, is 00:27:54.880 --> 00:27:56.840 this Tony Abbott’s personal assistant? 00:27:56.840 --> 00:28:01.970 The person was like no, actually, that’s not me but I am one of Tony Abbott’s staff. 00:28:01.970 --> 00:28:03.960 I was like, amazing, incredible. 00:28:03.960 --> 00:28:06.779 This is what I’ve been trying to find for months. 00:28:06.779 --> 00:28:10.380 I started explaining the thing that I’d rehearsed on the phone so many times, explaining 00:28:10.380 --> 00:28:12.799 the security issue and I want to report it. 00:28:12.799 --> 00:28:18.591 Halfway through, the person says sorry, who are you and what organization are you calling 00:28:18.591 --> 00:28:19.591 from? 00:28:19.591 --> 00:28:21.830 I was like oh, no, no, I’m just Alex. 00:28:21.830 --> 00:28:22.920 I’m just a person. 00:28:22.920 --> 00:28:24.270 I’m not calling from anywhere. 00:28:24.270 --> 00:28:25.620 I just found this thing. 00:28:25.620 --> 00:28:28.549 But they were understanding and they were like, I’ll have to call you back. 00:28:28.549 --> 00:28:33.299 JACK: It sounds straightforward but getting this far actually took a long time, like at 00:28:33.299 --> 00:28:37.600 least a month of trying to figure out someone close to Tony Abbott to explain the impact 00:28:37.600 --> 00:28:40.789 of posting his boarding pass on Instagram like that. 00:28:40.789 --> 00:28:42.429 This felt like major progress. 00:28:42.429 --> 00:28:46.020 ALEX: An hour later I get a call from another number that I don’t recognize and it’s 00:28:46.020 --> 00:28:49.130 a beautiful moment for me because he says [MUSIC] that he knows what I’m talking about. 00:28:49.130 --> 00:28:51.290 He’s like yes, I’ve seen the e-mails from ASD. 00:28:51.290 --> 00:28:55.169 I’m currently in the process of getting Tony Abbott a new passport number. 00:28:55.169 --> 00:28:56.169 It’s like, amazing. 00:28:56.169 --> 00:29:01.460 It’s so good for me to talk to someone who knows what I’m talking about. 00:29:01.460 --> 00:29:02.700 JACK: Wow, success. 00:29:02.700 --> 00:29:06.799 After all this time, Alex finally got confirmation that all those e-mails weren’t just going 00:29:06.799 --> 00:29:07.890 into the void. 00:29:07.890 --> 00:29:11.750 I didn’t even know you could get a new passport number but apparently that is a thing. 00:29:11.750 --> 00:29:14.700 Thanks to Alex, Tony Abbott was getting a new one. 00:29:14.700 --> 00:29:18.250 Alex said this phone conversation went on for a while, discussing things like how they 00:29:18.250 --> 00:29:21.600 found all this information on Tony Abbott and what kind of stuff Alex wants to put in 00:29:21.600 --> 00:29:22.600 the blog post. 00:29:22.600 --> 00:29:27.490 The assistant asked to see a draft of the blog before Alex posted it so they can review 00:29:27.490 --> 00:29:28.490 it. 00:29:28.490 --> 00:29:31.490 ALEX: Then he says these things do interest him. 00:29:31.490 --> 00:29:34.330 He’s quite keen to talk to you. 00:29:34.330 --> 00:29:36.160 I was like, excuse me? 00:29:36.160 --> 00:29:38.710 Tony Abbott wants to call me on the phone? 00:29:38.710 --> 00:29:43.080 I suppose I owe this service to my country at this point. 00:29:43.080 --> 00:29:45.169 What does he want to talk about? 00:29:45.169 --> 00:29:48.960 He said oh, he’s – just to pick your brain on these things. 00:29:48.960 --> 00:29:52.380 He’s quite keen to learn about it or something. 00:29:52.380 --> 00:29:55.590 I was like, alright, let’s absolutely go. 00:29:55.590 --> 00:30:01.190 JACK: So you set up a date for the call and then, what, does Tony Abbott call you or you 00:30:01.190 --> 00:30:02.190 call him? 00:30:02.190 --> 00:30:06.420 ALEX: [00:30:00] No, yeah, then my phone rings at 3:30 as we planned and it’s from a private 00:30:06.420 --> 00:30:08.200 number; nice. 00:30:08.200 --> 00:30:09.840 On the other end is Tony Abbott. 00:30:09.840 --> 00:30:15.000 He started telling me about how – mostly the thing that he wanted was to check that 00:30:15.000 --> 00:30:19.150 his understanding of how that I found his passport number worked; like, check his understanding 00:30:19.150 --> 00:30:22.049 was correct, and it was. 00:30:22.049 --> 00:30:27.070 He also wanted to ask how to learn about the IT, which is what he called it. 00:30:27.070 --> 00:30:28.419 JACK: How long did you guys talk? 00:30:28.419 --> 00:30:29.919 ALEX: How long did we talk? 00:30:29.919 --> 00:30:31.409 About half an hour, an hour? 00:30:31.409 --> 00:30:32.570 At least half an hour. 00:30:32.570 --> 00:30:33.570 JACK: Whoa. 00:30:33.570 --> 00:30:38.519 ALEX: I mean, we had a lot to – and he had lots of questions like how did it all happen 00:30:38.519 --> 00:30:42.210 and what can I do to learn about it? 00:30:42.210 --> 00:30:48.220 He was telling me about how he tried to log into a Microsoft Teams meeting earlier and 00:30:48.220 --> 00:30:52.270 he got fairly bamboozled by that whole process of trying to do it. 00:30:52.270 --> 00:30:56.710 He said he can now log into a Teams meeting in a way that he couldn’t before. 00:30:56.710 --> 00:31:02.100 Then suddenly he said you could drop me in the bush and I’d feel perfectly confident 00:31:02.100 --> 00:31:06.299 navigating my way out, looking at the sun and the direction of rivers and figuring out 00:31:06.299 --> 00:31:08.210 where to go but this? 00:31:08.210 --> 00:31:09.210 Hah. 00:31:09.210 --> 00:31:11.820 That was some incredibly powerful Australian energy. 00:31:11.820 --> 00:31:16.130 That’s like, the most Australian thing anyone’s ever said about – that anyone could ever 00:31:16.130 --> 00:31:18.870 say, saying oh, being dropped into the bush? 00:31:18.870 --> 00:31:19.870 No worries. 00:31:19.870 --> 00:31:21.330 That’s easy; I can just navigate my way out. 00:31:21.330 --> 00:31:22.330 That’s normal. 00:31:22.330 --> 00:31:23.850 But learning how to use a computer? 00:31:23.850 --> 00:31:25.850 Hm, that’s hard. Hm. 00:31:25.850 --> 00:31:26.850 Like, who does that? 00:31:26.850 --> 00:31:30.799 JACK: Alex talked Tony Abbott through the entire process of how they ended up with his 00:31:30.799 --> 00:31:32.230 passport number. 00:31:32.230 --> 00:31:35.399 Then Alex started answering some tech questions that Tony had. 00:31:35.399 --> 00:31:39.799 ALEX: Then at one point he asked is – if there was a book that he could read to learn 00:31:39.799 --> 00:31:43.769 about the basics of IT, since he wanted to learn how it works. 00:31:43.769 --> 00:31:48.169 I was like oh, I mean, there probably is a book out there called The Basics of IT or 00:31:48.169 --> 00:31:51.649 IT for Dummies or something but it probably won’t help because I didn’t learn from 00:31:51.649 --> 00:31:52.649 a book. 00:31:52.649 --> 00:31:53.649 Everyone just figures it out. 00:31:53.649 --> 00:31:58.010 So, I told him the story about my mom which was that when I was growing up, my mom always 00:31:58.010 --> 00:32:01.700 said there were too many buttons and that she was afraid to press the buttons ‘cause 00:32:01.700 --> 00:32:04.059 she didn’t know what they did. 00:32:04.059 --> 00:32:08.039 I would always say no, no, no, mom, you just gotta press all the buttons and then you know 00:32:08.039 --> 00:32:09.220 what they do. 00:32:09.220 --> 00:32:10.280 I don’t know if that helped him. 00:32:10.280 --> 00:32:12.220 JACK: Did you actually tell him about your mom? 00:32:12.220 --> 00:32:14.840 ALEX: Yeah. Is that okay? 00:32:14.840 --> 00:32:17.260 JACK: No, I think it’s brilliant. 00:32:17.260 --> 00:32:22.039 That chat that Alex had with Tony Abbott about his mom, yeah, that resonates with me. 00:32:22.039 --> 00:32:26.330 My parents, heck, even my grandparents have been using computers way longer than I have 00:32:26.330 --> 00:32:31.990 yet for some strange reason, I’m better at computers than they are, way better. 00:32:31.990 --> 00:32:33.130 What is with that? 00:32:33.130 --> 00:32:38.000 Well, for one, when I got a computer, I felt compelled to push buttons. 00:32:38.000 --> 00:32:42.000 They were afraid to push buttons which always reminds me of this quote from The Hitchhiker’s 00:32:42.000 --> 00:32:43.200 Guide to the Galaxy. 00:32:43.200 --> 00:32:44.399 TRILLIAN: Buttons aren’t toys. 00:32:44.399 --> 00:32:45.779 ZAPHOD: Buttons aren’t toys. 00:32:45.779 --> 00:32:47.110 JACK: Yes, they are. 00:32:47.110 --> 00:32:48.440 To me, buttons are toys. 00:32:48.440 --> 00:32:50.419 I want to push them all to see what they do. 00:32:50.419 --> 00:32:54.389 Something inside me just can’t help it and it’s this innate curiosity of mine that 00:32:54.389 --> 00:32:57.779 has absolutely led me into a lot of trouble with computers. 00:32:57.779 --> 00:33:02.840 I’ve ruined them, deleted important stuff, and whoopsed the whole thing many times. 00:33:02.840 --> 00:33:03.840 But then, you know what? 00:33:03.840 --> 00:33:06.330 I had to rebuild and restore it and fix it. 00:33:06.330 --> 00:33:11.590 So, for me, the way I learned how to be good at IT was simply being fearless at pushing 00:33:11.590 --> 00:33:12.590 buttons. 00:33:12.590 --> 00:33:17.630 Yes, sometimes I had really bad moments like that time in ‘05 when I somehow wiped twenty 00:33:17.630 --> 00:33:19.540 gigs of music from my iPod. 00:33:19.540 --> 00:33:21.831 Man, I’ll never forget that. 00:33:21.831 --> 00:33:26.860 That was the worst data loss experience ever for me but it’s moments like that that really 00:33:26.860 --> 00:33:29.549 teach you how to respect the tech. 00:33:29.549 --> 00:33:33.750 That’s my suggestion at getting good at IT, too; push the buttons and push them a 00:33:33.750 --> 00:33:34.750 lot. 00:33:34.750 --> 00:33:39.779 Well, so after Alex’s call with Tony Abbott, Alex got approval to publish the blog post. 00:33:39.779 --> 00:33:41.570 So, it was published. 00:33:41.570 --> 00:33:45.820 The post was a hit too, echoing across many tech publications as a lesson to be learned 00:33:45.820 --> 00:33:50.309 on why you don’t post pictures of your boarding pass to social media. 00:33:50.309 --> 00:33:55.240 But it also meant that the Do Not Get Arrested Challenge of 2020 was a success. 00:33:55.240 --> 00:33:57.720 We’ve got one more story for you after the break. 00:33:57.720 --> 00:33:59.220 Stay with us. 00:33:59.220 --> 00:34:02.780 Alright, so I have another flight-hacking story for you. 00:34:02.780 --> 00:34:04.029 This one is from TProphet. 00:34:04.029 --> 00:34:05.029 TPROPHET: TProphet. 00:34:05.029 --> 00:34:07.370 JACK: Now, TProphet is no stranger to the hacking scene. 00:34:07.370 --> 00:34:09.790 I asked him how many Defcons has he been to? 00:34:09.790 --> 00:34:10.790 He told me… 00:34:10.790 --> 00:34:12.349 TPROPHET: Yeah, all of them. 00:34:12.349 --> 00:34:17.310 JACK: So, the first Defcon was in 1993 and has been a yearly event since. 00:34:17.310 --> 00:34:20.510 So, going to all of them is quite an accomplishment. 00:34:20.510 --> 00:34:25.329 Now there’s over 30,000 people who attend Defcon but that first one, like only 100 people 00:34:25.329 --> 00:34:27.450 showed up and TProphet was one of them. 00:34:27.450 --> 00:34:33.630 TPROPHET: It was at the Sands and we had maybe fifty people in one small room. 00:34:33.630 --> 00:34:37.500 Yeah, that’s kinda how it started and it just grew from there. 00:34:37.500 --> 00:34:40.629 JACK: You can imagine someone who’s been in the hacker scene for over thirty years 00:34:40.629 --> 00:34:43.169 must have a lot of stories, right? 00:34:43.169 --> 00:34:47.359 Yeah, well, TProphet isn’t sharing any of those stories with us today. 00:34:47.359 --> 00:34:49.089 I wish, but maybe another time. 00:34:49.089 --> 00:34:50.530 But TProphet likes to write. 00:34:50.530 --> 00:34:55.210 No, I’m not talking about the 120,000 tweets he’s written at this point. 00:34:55.210 --> 00:34:59.680 He’s a regular contributor to the 2600 Magazine, The Hacker Quarterly. 00:34:59.680 --> 00:35:05.050 But he also likes writing a travel blog called [00:35:00] seat31B.com. 00:35:05.050 --> 00:35:07.560 This travel blog is unlike any travel blog I’ve ever seen. 00:35:07.560 --> 00:35:10.599 TPROPHET: In my free time, I like to travel. 00:35:10.599 --> 00:35:16.020 My goal is to join the Travelers’ Century Club which means that you visited at least 00:35:16.020 --> 00:35:18.010 100 countries or territories around the world. 00:35:18.010 --> 00:35:19.920 I’ve been to all seven continents so far. 00:35:19.920 --> 00:35:21.000 JACK: Even Antarctica? 00:35:21.000 --> 00:35:22.450 TPROPHET: Yeah, including Antarctica. 00:35:22.450 --> 00:35:24.290 I went with a bunch of hackers, actually. 00:35:24.290 --> 00:35:30.460 The tour camp people and Tour Con did a cruise to Antarctica a few years ago called World 00:35:30.460 --> 00:35:33.690 Tour and so we went down. 00:35:33.690 --> 00:35:35.910 Hackers took over a ship; we had a 3D printer. 00:35:35.910 --> 00:35:37.099 It was awesome. 00:35:37.099 --> 00:35:41.800 It was like a former Norwegian icebreaker with mostly Russian crew which was pretty 00:35:41.800 --> 00:35:42.800 fun. 00:35:42.800 --> 00:35:45.480 JACK: So, his blog is basically a bunch of travel hacks. 00:35:45.480 --> 00:35:47.480 Now, you might think oh, travel hacks. 00:35:47.480 --> 00:35:49.330 Yeah, I’ve seen stuff like that on BuzzFeed. 00:35:49.330 --> 00:35:53.290 Like, when traveling, wrap your shoes up in a shower cap so that you don’t get your 00:35:53.290 --> 00:35:54.750 clean clothes dirty. 00:35:54.750 --> 00:35:58.710 Or here’s a real advanced one; enable private browsing when booking your flight because 00:35:58.710 --> 00:36:02.970 sometimes websites will jack up the price next time you visit their site, knowing that 00:36:02.970 --> 00:36:05.290 you made up your mind and you’re ready to buy. 00:36:05.290 --> 00:36:09.420 But TProphet’s blog goes way beyond these amateur-level tips. 00:36:09.420 --> 00:36:13.829 TPROPHET: I look at things from the hacker perspective and that includes getting there 00:36:13.829 --> 00:36:18.260 ‘cause one thing about travel is it can be pretty expensive, right? 00:36:18.260 --> 00:36:23.490 But I don’t like to pay money for things if I don’t have to pay money for things. 00:36:23.490 --> 00:36:29.550 I’m kind of an extreme couponer and that guy that’s like, going through the self-checkout 00:36:29.550 --> 00:36:36.770 with every single stacked coupon you can possibly do to get a pizza for $0.03, that’s me. 00:36:36.770 --> 00:36:42.349 I buy stuff I don’t even want to eat because I can get it cheap or free and I kinda do 00:36:42.349 --> 00:36:44.440 almost the same with plane tickets. 00:36:44.440 --> 00:36:48.750 JACK: Now, my tricks to get cheap flights is to first do a comparison of all the flights 00:36:48.750 --> 00:36:50.210 to find the cheapest one. 00:36:50.210 --> 00:36:54.569 My second trick is to always book at least thirty days in advance which can save hundreds 00:36:54.569 --> 00:36:55.569 of dollars. 00:36:55.569 --> 00:37:00.460 TPROPHET: Those are decent rules to try to follow but they’re not – you’re actually 00:37:00.460 --> 00:37:02.839 paying cash for a flight if you do that. 00:37:02.839 --> 00:37:04.190 Money is leaving your bank account. 00:37:04.190 --> 00:37:07.500 I don’t like paying money for flights. 00:37:07.500 --> 00:37:08.730 JACK: Ooh, Bitcoin. 00:37:08.730 --> 00:37:10.780 TPROPHET: No, no, Bitcoin’s money. 00:37:10.780 --> 00:37:11.900 You can turn it into money. 00:37:11.900 --> 00:37:19.580 No, I like paying points for flights because if you can get points for free and you pay 00:37:19.580 --> 00:37:26.890 for your flights with points, then you didn’t actually spend any or maybe not much money 00:37:26.890 --> 00:37:28.190 on your flight. 00:37:28.190 --> 00:37:31.250 JACK: [MUSIC] Uh-huh. 00:37:31.250 --> 00:37:32.280 See? 00:37:32.280 --> 00:37:37.170 TProphet has figured out a way to get free flights to almost anywhere in the world by 00:37:37.170 --> 00:37:39.540 using points to buy tickets. 00:37:39.540 --> 00:37:44.710 This is so much different than a travel hack which might save you twenty dollars or something. 00:37:44.710 --> 00:37:48.359 Yeah, people who travel a lot get frequent flyer miles which are the same as airline 00:37:48.359 --> 00:37:52.940 points and this is a way for airlines to give thanks to their loyal customers. 00:37:52.940 --> 00:37:57.060 You can exchange frequent flyer miles or points for free trips to places. 00:37:57.060 --> 00:38:01.950 Now, historically, airlines gave these to loyal customers, people who flew a lot. 00:38:01.950 --> 00:38:06.690 But in the last few decades, airlines have been looking for new ways to find customers 00:38:06.690 --> 00:38:10.530 and can sometimes offer these points as a sort of marketing strategy. 00:38:10.530 --> 00:38:16.690 TPROPHET: Generally speaking, what I do is I use my good credit to take the banks to 00:38:16.690 --> 00:38:17.690 the cleaners. 00:38:17.690 --> 00:38:22.360 They are falling all over themselves to give me credit cards and that’s totally fine. 00:38:22.360 --> 00:38:23.500 I’ll sign up for all of them. 00:38:23.500 --> 00:38:28.620 I get the points that go with the cards but if you can bank a bunch of points that the 00:38:28.620 --> 00:38:34.640 bank essentially gave you for very little or free, a points bank can turn into tickets 00:38:34.640 --> 00:38:38.599 that are worth way more than you would ever pay for the points, especially if you can 00:38:38.599 --> 00:38:40.080 get them free through credit cards. 00:38:40.080 --> 00:38:44.130 JACK: Using this basic strategy, TProphet has gone to some pretty exotic places. 00:38:44.130 --> 00:38:48.079 TPROPHET: I can actually talk about a trip that I took to St. Helena. 00:38:48.079 --> 00:38:49.349 JACK: Where’s this? 00:38:49.349 --> 00:38:52.800 TPROPHET: St. Helena is a British territory in the South Atlantic. 00:38:52.800 --> 00:38:54.880 It’s the final resting place of Napoleon. 00:38:54.880 --> 00:38:59.450 JACK: South Atlantic; I can’t – I still don’t even picture this. 00:38:59.450 --> 00:39:01.470 So, this is off of Africa? 00:39:01.470 --> 00:39:02.470 TPROPHET: Yeah. 00:39:02.470 --> 00:39:04.280 Well, you know where Walvis Bay is, right? 00:39:04.280 --> 00:39:05.280 JACK: No. 00:39:05.280 --> 00:39:06.280 TPROPHET: Namibia. 00:39:06.280 --> 00:39:07.280 JACK: No. 00:39:07.280 --> 00:39:08.280 Okay, I’m sorry. 00:39:08.280 --> 00:39:09.280 TPROPHET: Not Nambia, as the president says. 00:39:09.280 --> 00:39:11.280 Namibia. JACK: Namibia. 00:39:11.280 --> 00:39:12.280 That’s Africa. 00:39:12.280 --> 00:39:13.280 TPROPHET: Yeah, yeah, exactly. 00:39:13.280 --> 00:39:15.280 Africa. JACK: Okay. 00:39:15.280 --> 00:39:21.560 TPROPHET: So, go to Walvis Bay and head due west for around four and a half hours on a 00:39:21.560 --> 00:39:26.089 plane equipped with special extra tanks to make it that far. 00:39:26.089 --> 00:39:28.270 Then land at the windiest airport in the world. 00:39:28.270 --> 00:39:33.740 JACK: Okay, so if I were to fly from the US to – what’s this place called again? 00:39:33.740 --> 00:39:34.860 TPROPHET: St. Helena. 00:39:34.860 --> 00:39:35.990 JACK: St. Helena. 00:39:35.990 --> 00:39:37.720 TPROPHET: Wonderful place to visit, by the way. 00:39:37.720 --> 00:39:39.300 I totally recommend it. 00:39:39.300 --> 00:39:42.500 JACK: How much would that cost in airfare for a typical person? 00:39:42.500 --> 00:39:43.760 TPROPHET: That depends. 00:39:43.760 --> 00:39:47.960 Do you want to sit all the way in the back in the middle seat with somebody reclining 00:39:47.960 --> 00:39:54.440 into you and a baby throwing up in your lap, or do you want a personal lie-flat suite with 00:39:54.440 --> 00:39:59.350 champagne and caviar brought to you, where you’re waited on hand and foot the whole 00:39:59.350 --> 00:40:00.350 way? 00:40:00.350 --> 00:40:01.350 JACK: What did you choose? 00:40:01.350 --> 00:40:04.040 TPROPHET: [00:40:00] Of course the latter. 00:40:04.040 --> 00:40:08.329 JACK: [MUSC] That’s the other thing about TProphet; he’s not just trying to squeeze 00:40:08.329 --> 00:40:11.790 his way onto the cheapest seat of the plane just to get somewhere for free. 00:40:11.790 --> 00:40:16.970 No, he upgrades the experience to sit in the special seats at the front of the plane, like 00:40:16.970 --> 00:40:20.510 the ones that recline all the way down into a flat bed. 00:40:20.510 --> 00:40:31.480 Okay, so to get from say Seattle to St. Helena on a lie-flat business class ticket would 00:40:31.480 --> 00:40:32.930 be how much? 00:40:32.930 --> 00:40:35.400 TPROPHET: Business class? 00:40:35.400 --> 00:40:40.880 You would be paying somewhere in the neighborhood of $10,000 for that if it’s business class. 00:40:40.880 --> 00:40:44.069 But I didn’t go business because that’s so gauche. 00:40:44.069 --> 00:40:48.609 I went first class for part of it where they bring you the cru champagne. 00:40:48.609 --> 00:40:49.609 JACK: Okay. 00:40:49.609 --> 00:40:53.000 I didn’t know there was a difference between business and first. 00:40:53.000 --> 00:40:54.730 TPROPHET: Oh yeah, yeah. 00:40:54.730 --> 00:40:59.240 First class is – I mean, just to give you an idea of first class; on this particular 00:40:59.240 --> 00:41:05.210 trip, the first class lounge in Hong Kong, I’m pretty sure Elon Musk was in there. 00:41:05.210 --> 00:41:11.130 The reason why there’s first class is because who you’re flying with are people like Hong 00:41:11.130 --> 00:41:17.150 Kong movie stars and celebrities, billionaire hedge fund managers. 00:41:17.150 --> 00:41:21.630 They’re paying more money so they don’t have to be around you. 00:41:21.630 --> 00:41:23.860 That’s really what this is. 00:41:23.860 --> 00:41:27.660 It’s not all that much better than business class. 00:41:27.660 --> 00:41:30.430 You get a lie-flat seat in both cabins. 00:41:30.430 --> 00:41:33.290 You get pretty nice food in both cabins. 00:41:33.290 --> 00:41:38.230 You get some really ridiculous expensive luxury stuff in first class. 00:41:38.230 --> 00:41:42.800 They bring you a box of chocolates before you leave that’s pretty nice, and you get 00:41:42.800 --> 00:41:46.230 access to lounges that are not for you. 00:41:46.230 --> 00:41:49.750 In fact, there’s so much not for you that when I started walking to the first class 00:41:49.750 --> 00:41:56.069 lounge in Hong Kong, I got swarmed by easily eight Cathay Pacific staff who came out of 00:41:56.069 --> 00:41:57.069 nowhere. 00:41:57.069 --> 00:41:58.470 It was just like, bam. 00:41:58.470 --> 00:42:02.170 There’s all these people there and they’re like sir, can we see your ticket? 00:42:02.170 --> 00:42:06.230 When they looked at it they’re like oh, right this way. 00:42:06.230 --> 00:42:11.450 I don’t exactly look like a fancy billionaire hedge fund manager, right? 00:42:11.450 --> 00:42:15.280 JACK: I mean, Mark Zuckerberg wears a sweater, wears a hoodie sometimes, so… 00:42:15.280 --> 00:42:16.490 TPROPHET: Yeah, exactly. 00:42:16.490 --> 00:42:17.690 That’s the thing. 00:42:17.690 --> 00:42:21.510 There’s now a mental model that they assume you’re some kind of Silicon Valley entrepreneur 00:42:21.510 --> 00:42:24.740 or something, so I just try to give off that vibe now. 00:42:24.740 --> 00:42:27.450 JACK: Yeah, did you – where did you fly out of to get there? 00:42:27.450 --> 00:42:32.170 TPROPHET: I started in Seattle, flew to San Francisco and then did first class – San 00:42:32.170 --> 00:42:37.660 Francisco on that trip and then I did first class from there to Hong Kong. 00:42:37.660 --> 00:42:42.110 Then business from Hong Kong to Johannesburg because that’s the only cabin the Cathay 00:42:42.110 --> 00:42:44.480 operates to there. 00:42:44.480 --> 00:42:50.630 But that would have been around an $11,000 flight if I paid for it, just for that part. 00:42:50.630 --> 00:42:51.630 JACK: Right. 00:42:51.630 --> 00:42:56.290 So roughly $11,000 plane ticket is what a normal person would have to pay for that. 00:42:56.290 --> 00:42:57.290 TPROPHET: Yes. 00:42:57.290 --> 00:42:58.640 JACK: What did you pay for it? 00:42:58.640 --> 00:43:05.520 TPROPHET: 70,000 Alaska Airline Mileage Plan points and around $22.00 in taxes. 00:43:05.520 --> 00:43:07.130 I got all those points for free. 00:43:07.130 --> 00:43:09.250 JACK: [MUSIC] Free? 00:43:09.250 --> 00:43:13.880 That means the only out-of-pocket cost he had to pay for his flight there and back was 00:43:13.880 --> 00:43:18.800 $22.00 in airport fees and he’s traveling on the luxury seats? 00:43:18.800 --> 00:43:22.119 These kind of seats are not typically offered to people like you and me. 00:43:22.119 --> 00:43:25.830 You’ve gotta know that this even exists and then it’s crazy expensive. 00:43:25.830 --> 00:43:28.359 Yet, he got these tickets for free. 00:43:28.359 --> 00:43:30.520 That’s just incredible. 00:43:30.520 --> 00:43:34.309 But how do you get 70,000 Alaskan Mileage points for free? 00:43:34.309 --> 00:43:38.990 TPROPHET: The typical way most people get points with Alaska Airlines is by flying Alaska 00:43:38.990 --> 00:43:41.530 Airlines but there’s tons of other ways that you can get points. 00:43:41.530 --> 00:43:45.760 These frequent flyer programs partner with banks and Alaska Airlines partners with the 00:43:45.760 --> 00:43:48.349 Bank of America. 00:43:48.349 --> 00:43:52.970 The thing with their partnerships is they give you a big bonus to sign up for their 00:43:52.970 --> 00:43:54.300 credit card. 00:43:54.300 --> 00:44:00.250 Right now you can get 40,000 Alaska Airlines bonus miles in addition to I think $100 statement 00:44:00.250 --> 00:44:05.230 credit just for a card sign-up and needing their minimum spend which is I think $2,000. 00:44:05.230 --> 00:44:06.730 JACK: That’s $2,000 a year? 00:44:06.730 --> 00:44:08.390 TPROPHET: No, it’s just one time. 00:44:08.390 --> 00:44:09.390 JACK: Oh, okay. 00:44:09.390 --> 00:44:13.630 TPROPHET: So, put everything that you’re gonna buy on a card for any given month on 00:44:13.630 --> 00:44:19.559 that card and you’ll get one mile per dollar that you spend on the card and then in addition 00:44:19.559 --> 00:44:21.930 to that, they’ll give you the sign-up bonus. 00:44:21.930 --> 00:44:23.390 JACK: Okay, so that’s 40,000? 00:44:23.390 --> 00:44:28.480 TPROPHET: Well, you get 40,000 for that card but then the Bank of America has a business 00:44:28.480 --> 00:44:34.460 card too and I own a rental property so I’m clearly a business owner, so I can sign up 00:44:34.460 --> 00:44:35.460 for the business card. 00:44:35.460 --> 00:44:38.530 If I was ever gonna buy anything for the rental property, I could do it on that. 00:44:38.530 --> 00:44:42.040 That’s another 30,000 points that you get for that card. 00:44:42.040 --> 00:44:43.890 JACK: Just signing up, or…? 00:44:43.890 --> 00:44:47.790 TPROPHET: Signing up and meeting the minimum spend which is generally minimal, so I had 00:44:47.790 --> 00:44:50.190 some – I had to genuinely own a rental property. 00:44:50.190 --> 00:44:56.320 I had some expenses that needed to be paid relative to improvements for that property, 00:44:56.320 --> 00:45:00.470 so I put all of that on the second card, on the business card, and between the personal 00:45:00.470 --> 00:45:04.610 card and the business card – and it [00:45:00] wasn’t exactly this but very, very close 00:45:04.610 --> 00:45:08.589 – I ended up with 70,000 points. 00:45:08.589 --> 00:45:10.430 So, what did I do? 00:45:10.430 --> 00:45:16.040 I used my good credit and a little extreme couponing to get all the way to Johannesburg 00:45:16.040 --> 00:45:19.329 essentially for free. 00:45:19.329 --> 00:45:21.240 It was maybe $22.00 in taxes. 00:45:21.240 --> 00:45:22.990 JACK: Ah, very clever. 00:45:22.990 --> 00:45:24.400 I love the way hackers think. 00:45:24.400 --> 00:45:27.320 They’re always trying to figure out new ways to exploit the system. 00:45:27.320 --> 00:45:30.800 One time in college, we had to buy textbooks for our classes, right? 00:45:30.800 --> 00:45:33.089 It was like, $100 per book. 00:45:33.089 --> 00:45:36.300 One of the other guys in my class came to school with a book which said Property of 00:45:36.300 --> 00:45:38.109 the School Library on it. 00:45:38.109 --> 00:45:41.230 I asked him, can you actually just borrow a book all semester? 00:45:41.230 --> 00:45:47.010 He’s like, no, but the late fees for borrowing it only add up to $50, so it’s cheaper to 00:45:47.010 --> 00:45:50.790 just borrow it and then pay the fee at the end versus buying it. 00:45:50.790 --> 00:45:54.400 If you’re that kind of person who thinks like this, I got news for you; you have the 00:45:54.400 --> 00:45:56.420 mentality of how a hacker thinks. 00:45:56.420 --> 00:46:00.630 TPROPHET: But that’s Johannesburg, South Africa and you don’t want to hang out there. 00:46:00.630 --> 00:46:03.440 It’s not a very safe city. 00:46:03.440 --> 00:46:06.580 I wanted to go onward from there to St. Helena. 00:46:06.580 --> 00:46:10.980 The way that I did that wasn’t in a first class cabin. 00:46:10.980 --> 00:46:14.849 You can be strategic about how you mix this up. 00:46:14.849 --> 00:46:19.920 The way to fly to St. Helena; there’s one airline that goes and it’s called Airlink. 00:46:19.920 --> 00:46:27.140 They’re a partner of but not owned by South African Airlines and there’s literally no 00:46:27.140 --> 00:46:29.570 way to book that thing with regular points. 00:46:29.570 --> 00:46:34.900 The only airline that they partner with where you can use their points is South African 00:46:34.900 --> 00:46:39.410 and getting South African Voyageur points just means that you have to fly South African 00:46:39.410 --> 00:46:40.410 Airlines a lot. 00:46:40.410 --> 00:46:44.410 They don’t have a lot of ways to get those points that are easy. 00:46:44.410 --> 00:46:51.810 But Chase allows you to spend Ultimate Rewards points through their Expedia portal and you 00:46:51.810 --> 00:46:56.020 can buy cash flights with that. 00:46:56.020 --> 00:47:02.040 This flight’s around almost $1,000 from Johannesburg to St. Helena and back but I 00:47:02.040 --> 00:47:07.130 was able to redeem Chase points at 1.5 cents per point for that flight. 00:47:07.130 --> 00:47:15.840 So, I went Johannesburg to St. Helena and then St. Helena back to Cape Town since I 00:47:15.840 --> 00:47:17.250 wanted to return from Cape Town. 00:47:17.250 --> 00:47:20.440 JACK: With his flight booked, he set off on his trip. 00:47:20.440 --> 00:47:25.170 [MUSIC] Yeah, these were long flights, so he did take advantage of those lie-flat seats 00:47:25.170 --> 00:47:26.170 and fell asleep. 00:47:26.170 --> 00:47:28.010 TPROPHET: Oh yeah, like a baby. 00:47:28.010 --> 00:47:29.559 It’s super nice. 00:47:29.559 --> 00:47:35.630 They have turndown service, so they give you pajamas; they’re free. 00:47:35.630 --> 00:47:38.220 Then when you go to – you finish your dinner. 00:47:38.220 --> 00:47:40.220 They bring out a five-course meal. 00:47:40.220 --> 00:47:45.341 There’s a menu so they come out just like waiters and they’re like well, sir, these 00:47:45.341 --> 00:47:50.040 are the options that we have today and just pick anything that you’d like. 00:47:50.040 --> 00:47:58.450 Then they just bring you a multi-course meal on a linen tablecloth with the whole very 00:47:58.450 --> 00:48:03.880 intricate china service, with all the different sizes of forks and stuff. 00:48:03.880 --> 00:48:08.740 It’s super fancy but if you’re a billionaire, you expect this, right? 00:48:08.740 --> 00:48:13.550 They’re giving you the level of service that hedge fund billionaire managers and celebrities 00:48:13.550 --> 00:48:14.550 get. 00:48:14.550 --> 00:48:18.240 That’s what they bring for you. 00:48:18.240 --> 00:48:24.400 It’s just, they’d really rather people like me not know this is a thing because I 00:48:24.400 --> 00:48:28.559 was definitely polluting their rarefied atmosphere. 00:48:28.559 --> 00:48:31.500 JACK: Okay. 00:48:31.500 --> 00:48:37.290 So, this sounds too easy; to sign up for two different credit cards, spend money on them, 00:48:37.290 --> 00:48:42.060 and you’re flying first class with this kind of service. 00:48:42.060 --> 00:48:43.060 It just sounds too easy. 00:48:43.060 --> 00:48:48.230 I’m surprised that American – Alaskan Airlines hasn’t realized that how simple 00:48:48.230 --> 00:48:51.079 it is and said well, you can only pay for half your flight like this or something. 00:48:51.079 --> 00:48:54.890 TPROPHET: No, no, no, it’s not easy at all, man, ‘cause you have to find availability 00:48:54.890 --> 00:48:57.400 and then you have to know how to book this. 00:48:57.400 --> 00:49:00.950 Alaska doesn’t put Cathay Pacific flights on their website. 00:49:00.950 --> 00:49:04.270 They’ll never show up if you do a search. 00:49:04.270 --> 00:49:09.110 You have to call somebody who books them in a different system and then they don’t have 00:49:09.110 --> 00:49:14.420 a really good way to search with Alaska Airlines, so you have to use the websites of other airlines. 00:49:14.420 --> 00:49:19.359 Like, the one that I use the most for finding Cathay flights is Qantas. 00:49:19.359 --> 00:49:28.109 You look for a flight that you could book with Qantas points and those flights are usually 00:49:28.109 --> 00:49:30.819 available to also book with Alaska points. 00:49:30.819 --> 00:49:35.380 There’s some rules; it’s like, there’s usually one fewer seat than you see available 00:49:35.380 --> 00:49:36.380 with Qantas. 00:49:36.380 --> 00:49:38.000 It’s available to Alaska. 00:49:38.000 --> 00:49:45.640 Then you have to call and when you get somebody who’s like, dusts off their manual and realizes 00:49:45.640 --> 00:49:48.500 how to book this thing, then you can get it. 00:49:48.500 --> 00:49:52.170 But I mean, Cathay doesn’t want to give these away. 00:49:52.170 --> 00:49:55.740 They only do it to maintain credibility in their program and they especially don’t 00:49:55.740 --> 00:49:59.579 want to give these seats away to partners, so there was – there will be one day you 00:49:59.579 --> 00:50:05.130 can go in a given [00:50:00] month and you’ve got to book almost a year in advance to be 00:50:05.130 --> 00:50:07.280 able to get this so yeah, it’s not easy. 00:50:07.280 --> 00:50:08.280 In fact… 00:50:08.280 --> 00:50:09.660 JACK: Why is it only one day you can go? 00:50:09.660 --> 00:50:14.151 TPROPHET: Well, they only release a handful of seats and so you have to find those, jump 00:50:14.151 --> 00:50:17.660 on them, and book it really early, as soon as it’s available. 00:50:17.660 --> 00:50:23.430 They release seats to their own Asia Miles members before they release to partners. 00:50:23.430 --> 00:50:29.839 JACK: Okay, so this is becoming more complicated just because it’s one of those – you’re 00:50:29.839 --> 00:50:34.480 not – this isn’t for you kind of service or, you know, airfare. 00:50:34.480 --> 00:50:35.619 It’s not for you. 00:50:35.619 --> 00:50:37.400 TPROPHET: No, it’s not for you. 00:50:37.400 --> 00:50:42.109 It’s for you if you work really, really hard and really want to be there but yeah, 00:50:42.109 --> 00:50:45.360 no, it’s not like you can just go get some credit cards. 00:50:45.360 --> 00:50:49.410 The points guy makes it seem really easy to do that ‘cause they make most of their money 00:50:49.410 --> 00:50:54.089 with commission links for credit card sign ups, so they’re totally right on the earn 00:50:54.089 --> 00:50:59.790 side that earning points is relatively easy by signing up for cards and you do need to 00:50:59.790 --> 00:51:03.579 be strategic how you do it and you definitely don’t ever want to play this game if you’re 00:51:03.579 --> 00:51:09.211 the kind of person that gets into debt, so you will pay way more in interest to the bank 00:51:09.211 --> 00:51:12.140 than you ever would save in flights. 00:51:12.140 --> 00:51:15.470 If you haven’t paid off all your credit cards, if you have any debt at all, this game 00:51:15.470 --> 00:51:16.840 is not for you. 00:51:16.840 --> 00:51:18.910 I have a mortgage but that’s it. 00:51:18.910 --> 00:51:22.030 But if you’re the kind of person that can pay off your card every month and you can 00:51:22.030 --> 00:51:26.670 be really strategic about what you sign up for and you can stay on top of these cards 00:51:26.670 --> 00:51:31.150 and their annual fees and cancel them before the new fees come due, then you can really 00:51:31.150 --> 00:51:32.720 rack up a lot of points. 00:51:32.720 --> 00:51:36.970 Just think like a hacker and keep the detailed notes of a freak. 00:51:36.970 --> 00:51:39.510 That’s basically the plan. 00:51:39.510 --> 00:51:44.250 Then finding the farers, yeah, it isn’t super easy. 00:51:44.250 --> 00:51:49.950 You have to know that with Alaska points, you can book a flight on Cathay Pacific over 00:51:49.950 --> 00:51:53.420 the phone which you found on Qantas’ website. 00:51:53.420 --> 00:51:58.920 Qantas and Cathay Pacific are not the same airline, so that’s the challenge that you’re 00:51:58.920 --> 00:52:01.580 up against when you actually want to use these points. 00:52:01.580 --> 00:52:06.470 JACK: Do you have to call someone and realize this person’s not gonna help you and try 00:52:06.470 --> 00:52:10.010 calling another day and try it over and over until you finally find somebody who knows 00:52:10.010 --> 00:52:13.579 exactly how to get through the Qantas website to find the flight you need? 00:52:13.579 --> 00:52:16.160 TPROPHET: We have a word for it; HUACA. 00:52:16.160 --> 00:52:18.600 JACK: What is that? 00:52:18.600 --> 00:52:20.420 TPROPHET: Hang up and call again. 00:52:20.420 --> 00:52:21.500 JACK: Oh, okay. 00:52:21.500 --> 00:52:25.859 TPROPHET: There’s a scene of people that are into this kind of stuff, so it’s – yeah, 00:52:25.859 --> 00:52:28.770 I mean, we have our own words and HUACA’s a word. 00:52:28.770 --> 00:52:30.000 JACK: Crazy, huh? 00:52:30.000 --> 00:52:33.720 Not only is he able to get on free flights but he’s getting on flights that even travel 00:52:33.720 --> 00:52:35.829 agents don’t know exist. 00:52:35.829 --> 00:52:38.980 But all these methods and schemes are all legit and legal. 00:52:38.980 --> 00:52:43.280 The airlines are the ones who set these systems up and while it seems like he’s exploiting 00:52:43.280 --> 00:52:48.290 the system, he’s really just using it the way it was intended, just kind of in an extreme 00:52:48.290 --> 00:52:49.770 couponing kind of way. 00:52:49.770 --> 00:52:58.010 Okay, so let’s say I’m not as exotic as you in trying to go to all these crazy places. 00:52:58.010 --> 00:53:03.990 Is it just as easy for me to sign up for two credit cards, get those points, and then travel 00:53:03.990 --> 00:53:10.230 all over the US on just regular class tickets and get tons of free flights that way? 00:53:10.230 --> 00:53:11.480 Is that as simple as that? 00:53:11.480 --> 00:53:12.480 TPROPHET: You can. 00:53:12.480 --> 00:53:17.510 It’s not the best way to spend the points though because the value that you’re gonna 00:53:17.510 --> 00:53:25.380 get redeeming points for premium cabin international flights is far and above what you would get 00:53:25.380 --> 00:53:28.829 by redeeming for, say, a flight to Tulsa, right? 00:53:28.829 --> 00:53:32.730 JACK: Ah, yes, there’s this whole theory of how to use your points in the most effective 00:53:32.730 --> 00:53:34.470 way that comes into play. 00:53:34.470 --> 00:53:37.299 Just credit card points by themselves are actually worth money. 00:53:37.299 --> 00:53:41.589 I mean, you can use them to pay off the credit card if you want or get gift cards in stores 00:53:41.589 --> 00:53:43.059 that you’re already visiting. 00:53:43.059 --> 00:53:47.500 So you might want to calculate how much you’re getting per point if you book a domestic trip 00:53:47.500 --> 00:53:48.500 using this. 00:53:48.500 --> 00:53:53.099 TPROPHET: Suppose that a 70,000-point flight costs $7,000 normally. 00:53:53.099 --> 00:53:56.860 Well, that’s around $0.10 per point, right, in value. 00:53:56.860 --> 00:54:00.040 If the flight was $11,000, it’s even more. 00:54:00.040 --> 00:54:06.069 JACK: Alright, so if you bought an $11,000 trip with those 70,000 points, you’re getting 00:54:06.069 --> 00:54:11.309 $0.15 per point which means the more expensive the trip is, it’s actually a better value 00:54:11.309 --> 00:54:13.720 as far as where you spend your points. 00:54:13.720 --> 00:54:17.099 Think about it like this; imagine going to a buffet but you’re charged on how much 00:54:17.099 --> 00:54:18.180 your food weighs. 00:54:18.180 --> 00:54:23.480 Well, a potato is pretty heavy versus, say, a salad so you can either have one potato 00:54:23.480 --> 00:54:26.660 or five giant salads for the same price. 00:54:26.660 --> 00:54:31.079 So, you could run calculations all day trying to figure out the most cost-effective way 00:54:31.079 --> 00:54:36.450 to spend your points, but I first laughed at TProphet for wasting money on first class 00:54:36.450 --> 00:54:39.130 airfare, knowing that it’s just overpriced. 00:54:39.130 --> 00:54:41.790 But first of all, he got it free. 00:54:41.790 --> 00:54:46.490 Second of all, flying from San Francisco to Hong Kong is a fourteen-hour flight and Hong 00:54:46.490 --> 00:54:49.310 Kong to Johannesburg is another thirteen-hour flight. 00:54:49.310 --> 00:54:55.080 When you’re doing trips that long, it is really nice to have a bed to sleep in on the 00:54:55.080 --> 00:54:56.089 way. 00:54:56.089 --> 00:55:00.299 Yeah, I guess I’m just flabbergasted at this point. 00:55:00.299 --> 00:55:07.550 Gosh, to [00:55:00] understand all this, it’s a little dizzying to know all these options. 00:55:07.550 --> 00:55:11.839 I think most people don’t even understand all these options exist out there when just 00:55:11.839 --> 00:55:17.390 – you – when I book a flight, I go to Hipmunk and then I find the cheapest one and 00:55:17.390 --> 00:55:18.390 I get on it. 00:55:18.390 --> 00:55:23.540 TPROPHET: That’s a totally valid approach if travel isn’t a super high priority to 00:55:23.540 --> 00:55:28.250 you and you don’t want to throw a lot of your personal bandwidth at it. 00:55:28.250 --> 00:55:34.470 I have a small business helping people book flights and so I just work in these programs 00:55:34.470 --> 00:55:35.770 every day. 00:55:35.770 --> 00:55:41.039 I got into owning a business doing this by just doing it with my own personal travel 00:55:41.039 --> 00:55:46.940 and then it kind of grew into a blog and then it grew into the small business that I have. 00:55:46.940 --> 00:55:53.750 Clearly, I’ve taken this way farther than most people do and that’s totally okay. 00:55:53.750 --> 00:56:00.890 The thing to know is that if you want to consume the output of what getting a bunch of points 00:56:00.890 --> 00:56:06.170 can get you, there are people who for money will help you with this. 00:56:06.170 --> 00:56:13.990 They’re just professional travel hackers and that is a thing. 00:56:13.990 --> 00:56:18.059 Totally okay to go that route if you don’t want to learn it all on your own. 00:56:18.059 --> 00:56:23.079 JACK: See, I didn’t even know any of this existed until now but as it turns out, TProphet 00:56:23.079 --> 00:56:29.480 actually started a company which helps people do this and his website is called Award.Cat 00:56:29.480 --> 00:56:31.970 and there’s another epic trip TProphet went on. 00:56:31.970 --> 00:56:37.400 In 2019, he went to travel from Seattle to Sri Lanka which is an island off the southern 00:56:37.400 --> 00:56:38.410 tip of India. 00:56:38.410 --> 00:56:45.170 TPROPHET: [MUSIC] I booked Seattle, LA on Alaska first class, Alaska and then this was 00:56:45.170 --> 00:56:47.540 again using Alaska Mileage Plan miles. 00:56:47.540 --> 00:56:50.280 That’s my favorite way to get Cathay Pacific. 00:56:50.280 --> 00:56:54.599 Cathay Pacific first, LA, Hong Kong, and then Cathay Pacific business ‘cause that’s 00:56:54.599 --> 00:56:57.010 the only cabin they operate from Hong Kong to Sri Lanka. 00:56:57.010 --> 00:57:01.220 JACK: Okay, so just regular class to LA? 00:57:01.220 --> 00:57:03.990 TPROPHET: No, no, regular first class on Alaska. 00:57:03.990 --> 00:57:05.119 So like, in the front of the plane. 00:57:05.119 --> 00:57:06.119 JACK: Okay, so first class to LA… 00:57:06.119 --> 00:57:09.059 TPROPHET: But not a lie-flat seat ‘cause Alaska just has those recliners, right? 00:57:09.059 --> 00:57:10.839 JACK: Yeah, it’s just the extra-wide one. 00:57:10.839 --> 00:57:12.720 TPROPHET: Yeah, it’s the extra-wide one. 00:57:12.720 --> 00:57:15.050 JACK: So, it’s first class there to LA and then… 00:57:15.050 --> 00:57:19.960 TPROPHET: Then the fancy Qantas lounge in LA, the Qantas first class lounge. 00:57:19.960 --> 00:57:23.300 You get lounges too with these tickets. 00:57:23.300 --> 00:57:25.580 You can be in the very, very fancy lounge. 00:57:25.580 --> 00:57:28.800 JACK: What’s in the fancy lounge in LA’s Qantas? 00:57:28.800 --> 00:57:32.880 TPROPHET: It’s the best first class lounge in the US. 00:57:32.880 --> 00:57:38.109 They bring you a proper Australian breakfast which was very much appreciated ‘cause I 00:57:38.109 --> 00:57:39.520 started way too early in the morning. 00:57:39.520 --> 00:57:40.520 JACK: In LA. 00:57:40.520 --> 00:57:41.520 TPROPHET: In LA. 00:57:41.520 --> 00:57:42.520 JACK: Okay. 00:57:42.520 --> 00:57:45.599 TPROPHET: I mean, they’re – yeah, it’s Qantas. 00:57:45.599 --> 00:57:46.599 JACK: Yeah. 00:57:46.599 --> 00:57:49.520 TPROPHET: Yeah, I mean, it’s nice. 00:57:49.520 --> 00:57:53.230 They have fast WiFi, it’s – they have tableside service. 00:57:53.230 --> 00:57:54.690 They just kind of bring food to you. 00:57:54.690 --> 00:57:56.250 You don’t have to go to a buffet or anything. 00:57:56.250 --> 00:57:58.960 They’re just like – they wait on you hand and foot in there. 00:57:58.960 --> 00:58:00.210 You get massage chairs. 00:58:00.210 --> 00:58:01.210 It’s really nice. 00:58:01.210 --> 00:58:05.710 JACK: Now, in case you don’t know, in these first class lounges, everything is free. 00:58:05.710 --> 00:58:09.630 Free WiFi, free buffet with food, free alcoholic drinks. 00:58:09.630 --> 00:58:13.359 In this one, there was a free massage. 00:58:13.359 --> 00:58:17.000 That is included with the flight or you have to pay extra for that, or how did you get 00:58:17.000 --> 00:58:18.000 in there? 00:58:18.000 --> 00:58:19.390 TPROPHET: No, it’s included ‘cause you’ve got a first class ticket, so you’ve got 00:58:19.390 --> 00:58:22.750 all the first class services and amenities including the fancy lounge. 00:58:22.750 --> 00:58:24.180 JACK: Yeah, okay, so… 00:58:24.180 --> 00:58:27.400 TPROPHET: I could have gone to the Cathay lounge but the Qantas one’s fancier and 00:58:27.400 --> 00:58:30.920 Cathay and Qantas are partners, so I was able to get into the Qantas lounge. 00:58:30.920 --> 00:58:33.380 JACK: Okay, so then you get on your Cathay flight. 00:58:33.380 --> 00:58:35.150 That’s a first class to Hong Kong. 00:58:35.150 --> 00:58:37.790 TPROPHET: Yeah, you know, cru champagne, caviar, the whole nine yards. 00:58:37.790 --> 00:58:39.040 I don’t eat caviar. 00:58:39.040 --> 00:58:40.290 Can’t do the fish. 00:58:40.290 --> 00:58:43.460 But yeah, you get waited on hand and foot, turndown service, everything. 00:58:43.460 --> 00:58:44.990 It’s super nice. 00:58:44.990 --> 00:58:54.160 Then in Hong Kong, somebody meets you at the plane and they whisk you through back corridors 00:58:54.160 --> 00:58:57.960 to your next flight, expedited security, the whole nine yards. 00:58:57.960 --> 00:59:02.040 You walk off the plane; you’re one of the first people off and there’s somebody holding 00:59:02.040 --> 00:59:05.600 a sign with your name on it and they’re like, right this way, Mr. TProphet. 00:59:05.600 --> 00:59:10.700 Yeah, it’s just like boom, they just whisk you to the next gate. 00:59:10.700 --> 00:59:14.299 Full VIP security treatment, the whole nine yards. 00:59:14.299 --> 00:59:16.290 You go through a special security. 00:59:16.290 --> 00:59:17.660 It’s not the normal one. 00:59:17.660 --> 00:59:20.390 It’s a special one just for you. 00:59:20.390 --> 00:59:24.280 Yeah, then you’re on – then I was on my next flight to – which was pretty empty 00:59:24.280 --> 00:59:25.650 – to Sri Lanka. 00:59:25.650 --> 00:59:30.241 JACK: But while he was on the trip to Sri Lanka, disaster struck and I don’t mean 00:59:30.241 --> 00:59:33.920 he lost his baggage or his headphones’ battery went dead. 00:59:33.920 --> 00:59:35.240 Much worse than that. 00:59:35.240 --> 00:59:38.200 HOST: We begin tonight with a horrific scene unfolding overseas. 00:59:38.200 --> 00:59:43.780 Eight bomb attacks targeting Christians and tourists in Sri Lanka and a ninth bomb targeting 00:59:43.780 --> 00:59:44.780 police. 00:59:44.780 --> 00:59:50.079 The series of explosions tearing through churches filled with worshipers attending Easter Mass. 00:59:50.079 --> 00:59:51.780 More than 200 people killed. 00:59:51.780 --> 00:59:53.059 Hundreds hurt. 00:59:53.059 --> 00:59:54.390 Several Americans among the victims. 00:59:54.390 --> 00:59:58.780 JACK: He learned about this just before he started the trip so he could have canceled 00:59:58.780 --> 01:00:03.549 this whole flight but he scheduled this a year in [01:00:00] advance and went through 01:00:03.549 --> 01:00:05.319 a ton of hoops to make this happen. 01:00:05.319 --> 01:00:08.839 TPROPHET: Well, I could have left the airport if I wanted to but there’s – the whole 01:00:08.839 --> 01:00:11.809 country was on state of emergency curfew lockdown. 01:00:11.809 --> 01:00:17.440 It’s like, not a – when there’s just been a series of coordinated terrorist attacks 01:00:17.440 --> 01:00:22.640 in a country, this isn’t a really fun time to be running around being a tourist. 01:00:22.640 --> 01:00:24.940 You don’t want to do that. 01:00:24.940 --> 01:00:26.589 JACK: You booked this whole flight a year in advance? 01:00:26.589 --> 01:00:29.609 TPROPHET: Yeah, I booked it almost a year in advance which was why I didn’t want to 01:00:29.609 --> 01:00:34.990 give it up, why I was like okay, what can I do to go onward from Sri Lanka? 01:00:34.990 --> 01:00:39.930 JACK: Yeah, so you – the thing is is that you’re arriving in this place that you don’t 01:00:39.930 --> 01:00:44.799 want to be in and so you’ve gotta – you’re looking for a flight out but usually you buy 01:00:44.799 --> 01:00:47.010 a flight a year in advance for the cheapest price. 01:00:47.010 --> 01:00:49.900 TPROPHET: Well so, here’s how I did this. 01:00:49.900 --> 01:00:53.280 SriLankan Airlines is part of oneworld. 01:00:53.280 --> 01:01:00.520 So is Cathay Pacific, so I looked for how I could get onto SriLankan Airlines onward 01:01:00.520 --> 01:01:01.520 to somewhere. 01:01:01.520 --> 01:01:07.069 There were two places I looked at; one was the Maldives and the other was the Seychelles. 01:01:07.069 --> 01:01:11.730 The thing with the Maldives is it’s really, really expensive once you get there. 01:01:11.730 --> 01:01:16.400 It’s a place to go for a honeymoon or a babymoon or something. 01:01:16.400 --> 01:01:18.650 I don’t have any romantic whatever. 01:01:18.650 --> 01:01:25.900 In fact, I had just been broken up with so I was like, not really in the mood for that. 01:01:25.900 --> 01:01:32.130 So, I looked at the Seychelles and there’s mid-range places that mostly cater to French 01:01:32.130 --> 01:01:33.710 people, for some reason. 01:01:33.710 --> 01:01:38.150 So, that’s fifty, sixty, seventy dollars a night. 01:01:38.150 --> 01:01:40.730 I thought okay, that’s a little more reasonable. 01:01:40.730 --> 01:01:45.980 I can do that in a rental car and I’ll be really near these – and the beaches in the 01:01:45.980 --> 01:01:50.220 Seychelles are all public so even if there’s a really fancy resort there, you can still 01:01:50.220 --> 01:01:51.410 go to the beach. 01:01:51.410 --> 01:01:53.560 That’s what I did. 01:01:53.560 --> 01:01:58.760 I booked a local place which was thoroughly immemorable but it was fine. 01:01:58.760 --> 01:02:05.190 I booked a local car and I booked SriLankan Airlines to the Seychelles onward from Sri 01:02:05.190 --> 01:02:08.440 Lanka on an itinerary that all walked. 01:02:08.440 --> 01:02:14.950 JACK: [MUSIC] So, to buy that flight to Seychelles was – you used points to get there too or 01:02:14.950 --> 01:02:16.190 did you have to pay out of pocket? 01:02:16.190 --> 01:02:17.190 TPROPHET: Of course. 01:02:17.190 --> 01:02:21.480 So, I used my favorite friend, British Airways Avios. 01:02:21.480 --> 01:02:25.230 What I did is I transferred some points from Chase over to British Airways and I used British 01:02:25.230 --> 01:02:29.200 Airwaves program to book on SriLankan Airlines. 01:02:29.200 --> 01:02:30.260 I got right up in the front. 01:02:30.260 --> 01:02:33.569 I got to sit next to the chief engineer which was super fun. 01:02:33.569 --> 01:02:35.140 JACK: How long was this flight? 01:02:35.140 --> 01:02:37.609 TPROPHET: It’s maybe a four-hour flight. 01:02:37.609 --> 01:02:38.940 JACK: Wow, that’s farther than I thought. 01:02:38.940 --> 01:02:40.650 TPROPHET: Yeah, it’s not super far. 01:02:40.650 --> 01:02:42.069 It’s four hours up there. 01:02:42.069 --> 01:02:45.829 You’re going from Sri Lanka all the way to – off the coast of – it’s actually 01:02:45.829 --> 01:02:49.010 off the coast of Mogadishu. 01:02:49.010 --> 01:02:52.799 If you go due west, then you’re in Somalia. 01:02:52.799 --> 01:02:57.849 JACK: I think this is an extraordinary skill or knowledge set to have; to first understand 01:02:57.849 --> 01:03:02.079 what banks and credit card companies offer the most points for using their cards, then 01:03:02.079 --> 01:03:05.430 to know what airlines these points can be redeemed at, then to know what trips those 01:03:05.430 --> 01:03:10.470 airlines offer with those points and then to be able to navigate this whole system to 01:03:10.470 --> 01:03:15.240 make changes so that even if there’s a terrorist attack, you still have a lovely time. 01:03:15.240 --> 01:03:17.710 TPROPHET: Yeah, it’s pretty fun. 01:03:17.710 --> 01:03:22.130 Onward from the Seychelles; so, here’s the thing, coming back, I had a ticket coming 01:03:22.130 --> 01:03:29.460 back from Sri Lanka and I had to – it wasn’t only getting from Sri Lanka to somewhere else. 01:03:29.460 --> 01:03:34.440 It was also fixing my return, right, ‘cause I had booked that well in advance as well. 01:03:34.440 --> 01:03:35.819 It was on Qatar Qsuites. 01:03:35.819 --> 01:03:38.750 JACK: Oh, right, so he didn’t go back the way he came. 01:03:38.750 --> 01:03:44.000 His return trip was to go from Sri Lanka to Doha, Qatar, a country in the Middle East, 01:03:44.000 --> 01:03:48.650 then take one of those Qsuite flights all the way to Los Angeles back home. 01:03:48.650 --> 01:03:50.720 These Qsuite seats are amazing. 01:03:50.720 --> 01:03:57.990 HOST2: Each spacious seat a private, personal living space, sets a new precedent in comfort. 01:03:57.990 --> 01:04:03.720 Featuring maximum compatibility for all your devices including HDMI and USB ports. 01:04:03.720 --> 01:04:09.480 Your seat also comes equipped with ambient adjustable mood lighting and fully lie-flat 01:04:09.480 --> 01:04:10.480 beds. 01:04:10.480 --> 01:04:14.349 JACK: These luxury seats sometimes have multiple TVs in your seat. 01:04:14.349 --> 01:04:18.660 Qsuites has one TV in your suite, but the thing’s like a 23-inch plasma screen and 01:04:18.660 --> 01:04:22.420 you get a table next to you to put your laptop on and there’s ports all over the place 01:04:22.420 --> 01:04:26.480 for laptops or tablets, whatever, which is really nice for a sixteen-hour flight. 01:04:26.480 --> 01:04:28.760 TPROPHET: Which are really, really, really hard to book. 01:04:28.760 --> 01:04:30.890 It’s the best business class in the world. 01:04:30.890 --> 01:04:35.130 There’s this door that slides shut, you get your own little suite. 01:04:35.130 --> 01:04:36.340 It’s pretty amazing. 01:04:36.340 --> 01:04:39.790 I didn’t want to give that up. 01:04:39.790 --> 01:04:45.859 What I ended up doing was looking and there was availability from the Seychelles up to 01:04:45.859 --> 01:04:47.339 Doha. 01:04:47.339 --> 01:04:51.350 What I ended up doing was just throwing myself on the mercy of American Airlines, so I found 01:04:51.350 --> 01:04:55.829 an itinerary that could work, but normally American charges you a lot of money to change 01:04:55.829 --> 01:04:56.980 a flight. 01:04:56.980 --> 01:05:01.300 It’s like, $150 change fee plus the difference in the miles. 01:05:01.300 --> 01:05:06.490 I called them up and I’m [01:05:00] like um, there were just terrorist attacks in Sri 01:05:06.490 --> 01:05:09.500 Lanka and I’m not going there anymore. 01:05:09.500 --> 01:05:13.900 Is there any possible way you’d make an exception and change the return from – to 01:05:13.900 --> 01:05:14.900 a different city? 01:05:14.900 --> 01:05:19.000 I know this isn’t in policy but terrorism; a terrorist attack. 01:05:19.000 --> 01:05:26.150 They’re like yeah, we’ll make a one-time exception because there’s active attacks 01:05:26.150 --> 01:05:30.450 going on in that country but don’t expect this in the future, blah, blah, blah. 01:05:30.450 --> 01:05:35.730 They did charge me the difference in miles which was another 5,000 miles, I think. 01:05:35.730 --> 01:05:40.089 JACK: He was able to arrange his flight back again using just points, but he couldn’t 01:05:40.089 --> 01:05:41.369 get the timing just right. 01:05:41.369 --> 01:05:45.730 His trip was screwed up just a little bit, so he had a fourteen-hour overnight layover 01:05:45.730 --> 01:05:47.950 in Qatar. 01:05:47.950 --> 01:05:51.440 One option is just to sleep at the gate in the terminal somewhere. 01:05:51.440 --> 01:05:55.160 I’ve done this before; in fact, I slept right on the doorway to my gate so that when 01:05:55.160 --> 01:05:58.880 they open the door and start letting passengers on, they would have to wake me up. 01:05:58.880 --> 01:06:01.460 But of course, TProphet has a better plan. 01:06:01.460 --> 01:06:06.090 TPROPHET: Fun thing; Qatar Airlines, if you have a business class ticket, you can buy 01:06:06.090 --> 01:06:09.099 up to the first class lounge. 01:06:09.099 --> 01:06:11.460 The first class lounge has bedrooms. 01:06:11.460 --> 01:06:14.890 They’re like little hotel rooms. 01:06:14.890 --> 01:06:23.010 I paid around $70 to get one of those bedrooms and I was able to just sleep overnight in 01:06:23.010 --> 01:06:27.110 the first class lounge, come out, have a very fancy breakfast in the morning, and then hop 01:06:27.110 --> 01:06:28.800 my flight back to LA. 01:06:28.800 --> 01:06:31.059 JACK: Do you have something booked for the future? 01:06:31.059 --> 01:06:32.059 TPROPHET: I do. 01:06:32.059 --> 01:06:37.089 I’ve got a flight to Uzbekistan, returning from Kazakhstan, and that’s in May. 01:06:37.089 --> 01:06:41.309 JACK: So you’re flying to Uzbekistan, then flying to Kazakhstan, then flying back? 01:06:41.309 --> 01:06:42.309 TPROPHET: Yeah. 01:06:42.309 --> 01:06:43.930 It’s a little dicey though ‘cause it’s in May. 01:06:43.930 --> 01:06:45.420 JACK: Yeah, that’s a little early. 01:06:45.420 --> 01:06:50.820 TPROPHET: It’s from Vancouver, BC ‘cause here in the Pacific Northwest, we have three 01:06:50.820 --> 01:06:53.930 major airports; Seattle, Portland, and Vancouver, BC. 01:06:53.930 --> 01:06:59.880 A lot of the time, fairly often I end up flying from Vancouver when I’m going internationally 01:06:59.880 --> 01:07:03.930 ‘cause it’s just easier to find availability. 01:07:03.930 --> 01:07:11.859 This is on Turkish from Vancouver to Istanbul and then Istanbul to Tashkent, and then I’m 01:07:11.859 --> 01:07:17.990 returning from Almaty to Istanbul and Istanbul back to Vancouver. 01:07:17.990 --> 01:07:19.799 JACK: These are all first class? 01:07:19.799 --> 01:07:20.799 TPROPHET: Business. 01:07:20.799 --> 01:07:23.460 That’s what Turkish operates. 01:07:23.460 --> 01:07:25.500 They have the world’s best catering on board. 01:07:25.500 --> 01:07:26.540 That’s their thing. 01:07:26.540 --> 01:07:28.280 They’ve got an on-board chef. 01:07:28.280 --> 01:07:29.280 JACK: Wow. 01:07:29.280 --> 01:07:31.060 TPROPHET: It’s pretty fun. 01:07:31.060 --> 01:07:33.310 JACK: Wow. 01:07:33.310 --> 01:07:35.560 That’s something. 01:07:35.560 --> 01:07:41.270 So, where do we learn more about how to do this or do you want to talk about how you 01:07:41.270 --> 01:07:42.410 can help people? 01:07:42.410 --> 01:07:43.849 TPROPHET: Sure. 01:07:43.849 --> 01:07:49.190 You can check Award.Cat and that’s our paid service. 01:07:49.190 --> 01:07:53.190 If you want to read my blog, it’s kind of out of date but that’s seat31B.com. 01:07:53.190 --> 01:07:59.289 That’s S-E-A-T 31B like ‘boy’ .com. 01:07:59.289 --> 01:08:02.839 JACK: Why is 31B the thing – the seat for you? 01:08:02.839 --> 01:08:09.480 TPROPHET: For me – keep in mind, I like this fancy stuff sitting up in front, but 01:08:09.480 --> 01:08:12.480 for me, remember, my goal is to join the Traveler’s Century Club. 01:08:12.480 --> 01:08:16.310 I want to visit 100 countries or territories and that’s kind of the track that I’m 01:08:16.310 --> 01:08:23.850 on right now which means that if I’m going somewhere like Palau and the only seat is 01:08:23.850 --> 01:08:27.750 the one all the way in the back next to the toilets that doesn’t recline, I am happy 01:08:27.750 --> 01:08:29.890 to have that seat as long as it’s free. 01:08:29.890 --> 01:08:32.230 JACK: These are all legal ways to get free flights. 01:08:32.230 --> 01:08:36.690 Not only does TProphet follow the letter of the law, but also follows the spirit of the 01:08:36.690 --> 01:08:37.730 rules. 01:08:37.730 --> 01:08:41.660 But there are people doing some gray and even black hat travel hacks out there. 01:08:41.660 --> 01:08:46.480 For instance, there’s this one crazy dude who prints up fake business cards just to 01:08:46.480 --> 01:08:47.719 get better deals in places. 01:08:47.719 --> 01:08:50.980 HACKER: [MUSIC] My business cards are not a hoax, okay? 01:08:50.980 --> 01:08:54.239 It’s a matter of excellence. 01:08:54.239 --> 01:09:00.719 If it’s $1,000 a night but Raytheon gets it for $195, I think you’re a schmuck if 01:09:00.719 --> 01:09:04.940 you don’t become a Raytheon employee through Vistaprint for $4.95. 01:09:04.940 --> 01:09:09.640 JACK: Yeah, so he uses a fake business card to sort of prove he works at some place to 01:09:09.640 --> 01:09:11.299 get a corporate discount. 01:09:11.299 --> 01:09:14.529 Another thing this guy likes to do is book a refundable ticket which comes with free 01:09:14.529 --> 01:09:18.580 access to the airport’s first class lounge, and then he’ll go to the lounge all day 01:09:18.580 --> 01:09:22.949 and do work, and then he’ll cancel his flight and get his money back which essentially gave 01:09:22.949 --> 01:09:25.120 him free lounge access. 01:09:25.120 --> 01:09:27.730 What he’s doing is wrong and he knows it. 01:09:27.730 --> 01:09:28.730 You know what? 01:09:28.730 --> 01:09:31.839 If airlines figure out that you’re trying to cheat the system, they’ll come at you 01:09:31.839 --> 01:09:32.980 and cancel your flight. 01:09:32.980 --> 01:09:37.920 There’s a thing called a contract of carriage which many airlines adopt as their rules. 01:09:37.920 --> 01:09:41.650 If you break the rules by misrepresenting yourself or just being too much of a pain 01:09:41.650 --> 01:09:45.759 in the butt, they’ll straight up cancel your return trip home and leave you stranded, 01:09:45.759 --> 01:09:48.640 so you really got to watch out what advice you follow. 01:09:48.640 --> 01:09:52.549 Another gray area of getting free flights is this whole credit card juggling thing where 01:09:52.549 --> 01:09:58.010 you just go back and forth paying off credit cards with credit cards to get free points. 01:09:58.010 --> 01:10:01.780 Of course, credit card companies don’t like it and will try to spot this sort of thing. 01:10:01.780 --> 01:10:05.449 Also, I want to [01:10:00] reiterate this whole method that TProphet uses to get points 01:10:05.449 --> 01:10:10.040 through credit cards; only try that if you’re good at paying off your credit cards every 01:10:10.040 --> 01:10:11.040 month. 01:10:11.040 --> 01:10:16.280 If you have to pay interest fees to get points, it’s never worth the points. 01:10:16.280 --> 01:10:21.130 This method isn’t for everyone and there’s also black hat methods for free flights. 01:10:21.130 --> 01:10:25.750 Like, this is when you’re stealing other people’s miles or points and transferring 01:10:25.750 --> 01:10:27.820 them to your account. 01:10:27.820 --> 01:10:33.409 Because if you could somehow put 100,000 points into your account, you could fly wherever 01:10:33.409 --> 01:10:38.430 you wanted for free and you could do this by hacking into someone else’s credit card 01:10:38.430 --> 01:10:43.070 rewards portal and transferring the points to you or hack into the airlines themselves 01:10:43.070 --> 01:10:45.390 and just put points into your account. 01:10:45.390 --> 01:10:48.420 Don’t do that because that’s illegal. 01:10:48.420 --> 01:10:52.739 But if you’re really bent on hacking an airline to get free flights, there is a legal 01:10:52.739 --> 01:10:54.350 way to do that. 01:10:54.350 --> 01:10:59.980 United Airlines has a bug bounty program where they pay rewards for anyone who can find vulnerabilities 01:10:59.980 --> 01:11:01.410 in their systems. 01:11:01.410 --> 01:11:02.410 Guess what? 01:11:02.410 --> 01:11:04.920 They can pay you in rewards points if you prefer. 01:11:04.920 --> 01:11:09.219 So, go check out their bug bounty program, figure out what’s in scope, and go hack 01:11:09.219 --> 01:11:10.330 your way to some free trips. 01:11:10.330 --> 01:11:22.580 (OUTRO):[OUTRO MUSIC] A big thank you to Alex Hope, AKA Mango PDF 01:11:22.580 --> 01:11:23.580 for your story. 01:11:23.580 --> 01:11:26.739 You can find more about Alex at his blog which is mango.pdf.zone. 01:11:26.739 --> 01:11:32.380 Also, thanks to TProphet for sharing some pretty extreme flight hacking tips with us. 01:11:32.380 --> 01:11:37.969 You can read his blog at seat31B.com and check out Award.Cat if you want help spending your 01:11:37.969 --> 01:11:38.969 travel points effectively. 01:11:38.969 --> 01:11:43.670 If you like this show, if it brings value to you, consider donating to it through Patreon. 01:11:43.670 --> 01:11:47.250 By directly supporting the show, it really does help keep the show going because most 01:11:47.250 --> 01:11:50.210 of all, it tells me that you like it and want more of it. 01:11:50.210 --> 01:11:55.020 Please visit patreon.com/darknetdiaries and consider supporting the show. 01:11:55.020 --> 01:11:56.020 Thank you. 01:11:56.020 --> 01:11:58.690 This show is made by me, the low-flier, Jack Rhysider. 01:11:58.690 --> 01:12:02.610 This episode was produced by the travel-sized Christian Green and our theme music is done 01:12:02.610 --> 01:12:05.300 by the sonic booming Breakmaster Cylinder. 01:12:05.300 --> 01:12:10.510 Even though I root around in an HTML ball pit just for fun sometimes, this is Darknet 01:12:10.510 --> 01:12:18.130 Diaries.