Disclaimer: The transcript that follows has been generated using artificial intelligence. We strive to be as accurate as possible, but minor errors and slightly off timestamps may be present.
You can click the timestamp to jump to that time.
Lex Fridman (00:00):
The following is a conversation with Chris Tarbell, a former FBI special agent and cybercrime specialist who tracked down and arrested Russ Ulbricht, the leader of Silk Road, the billion-dollar drug marketplace. And he tracked down and arrested Hector Monsegur, aka Sabu, of LulzSec and Anonymous, which are some of the most influential hacker groups in history.
He is co-founder of Naxo, a complex cybercrime investigation firm, and is a co-host of a podcast called The Hacker and the Fed. This conversation gives the perspective of the FBI cybercrime investigator, both the technical and the human story. I would also like to interview people on the other side, the cybercriminals who have been caught, and perhaps the cybercriminals who have not been caught and are still out there.
And now, a quick few-second mention of each sponsor. Check them out in the description. It’s the best way to support this podcast. We got True Classic Tees for shirts, Insight Tracker for bio-monitoring, ExpressVPN for privacy, BetterHelp for mental health, and Blinkist for non-fiction. Choose wisely, my friends. And now, onto the full ad reads. As always, no ads in the middle. I try to make this interesting, but if you skip them, please still check out our sponsors. I enjoy their stuff. Maybe you will, too.
This show is brought to you by True Classic Tees, high-quality, soft, slim-fitted t-shirts for men. They also make other menswear staples like polos, workout shirts, and boxers, but I have a lot of their black t-shirts. That’s my main go-to. I’m not exactly sure why. There’s a certain kind of comfort in having a great t-shirt that all looks the same. Having many of them. So it removes that extra little decision in your life. So you can liberate your mind to focus on the more difficult decisions in your life. So it’s just this reliable thing I can count on. Either I wear a suit, or I wear a True Classic Tee t-shirt.
That’s it. That’s all I need to worry about. Life is simple. And there’s a kind of minimalist aesthetic to a black t-shirt that just brings out the best in me. Makes my soul sing. I think it’s also, in part, a programmer aesthetic, engineer aesthetic. I’m not exactly sure. But I do know that a lot of programmers I hang out with often wear black t-shirts. So I’m not sure what that’s about. That could also just be, in general, a guy thing.
I’m gonna have to get some data on that. Anyway, go to trueclassic.com and enter code LEX to get 25% off. This show is also brought to you by InsideTracker, a service I use to track biological data. Your lifestyle decisions should be made based on data coming from your own body. I can’t wait until the day that we have high bandwidth signal coming from the body at a frequency that is exceptionally high so we have this short-term and long-term data about what’s going on inside our body. Just raw data. So machine learning algorithms can just interpret that data to make decisions based on.
I mean, to me, that is such an exciting world of creating systems that are able to truly listen to our body. There’s experiences I have by going to doctors. I think the job of a doctor is so difficult. They get just few little inklings into the symptoms you provide. There’s some data they can collect. They can do MRIs and all that kind of scans.
It’s not a high-resolution picture of what’s going on in your body. Now, if you’re the average case for a particular condition or disease or a particular issue you’re having in your life, yeah, fine. But a lot of us are not the perfectly representative average case. In fact, most humans aren’t. And so it makes sense that we should be looking at that specific person to make decisions for that person. Anyway, get special savings for a limited time when you go to insighttracker.com slash flex.
This show is brought to you by ExpressVPN. I use them to protect my privacy on the internet. This conversation talks a lot about Tor, which is a super extreme way to protect your privacy on the internet. Now, that’s like advanced stuff. The basic stuff that everybody should be doing is a VPN. Everybody. And my favorite VPN, long, long, long before they were a sponsor, has been ExpressVPN. Big, sexy button. It just works. It’s super fast. Any operating system, including Linux, whatever your favorite flavor of Linux is, and I’ve tried them all.
I like all of the flavors. That’s actually factually incorrect because I love all the flavors of Linux that I’ve tried, but there’s a huge amount of them. I think there’s a website called DistroWatch that looks at the popularity based on how often they’re searched, I think, of different distributions of Linux. And it’s kind of cool to see all the different flavors. It’s really exciting how active the community is in the development of those flavors. Anyway, go to expressvpn.com slash LexPod for an extra three months free.
This episode is sponsored by BetterHelp, spelled H-E-L-P, help. I think there’s a lot of ways in which social media reveals the mental instabilities that we have, the sort of the rollercoaster of life. And it’s easy to lose yourself on that and not seek balance and a deep exploration of your mind beyond that kind of shallow rollercoaster. Now, I’m a huge believer of talk therapy as a way to do that kind of serious exploration, however you do that. And I think the great thing about BetterHelp is it’s super easy to do that. It makes it accessible to try. You get access to a licensed professional really quickly. Your mind is the most precious thing you have, so make sure you take care of it. It’s easy, private, affordable, available anywhere. You can check it out at betterhelp.com slash Lex and save on your first month.
This show is also brought to you by Blinkist, my favorite app for learning new things. Blinkist takes key ideas from thousands of nonfiction books and condenses them down into 15 minutes that you can read or listen to. There’s actually AI systems that I’ve recently been seeing pop up that do summarization. And let me tell you something.
While that’s nice and everything, they do not do nearly as good of a job as humans do, especially when those humans are the sort of world-class humans, whoever they are, behind Blinkist. There’s really an extra level, an extra depth of insight that Blinkist is able to do for nonfiction books. It’s not just that it’s brief. It’s also somehow reveals something new, even for books I’ve read. It’s revisiting the summaries gives me a new perspective in that book. I don’t know, it’s really, really powerful. So I recommend it not just for books you haven’t read, but also for books you have read. And it includes basically all the major nonfiction books you can think of. You can claim a special offer for savings if you visit blinkist.com slash Lex. This is a Lex Friedman podcast. To support it, please check out our sponsors in the description. And now, dear friends, here’s Chris Tarbell.
You are one of the most successful cybersecurity law enforcement agents of all time. You tracked and brought down Russ Albrecht, aka Dread Pirate Robbers, who ran Silk Road, and Sabu of LulzSec and Anonymous, who was one of the most influential hackers in the world. So first, can you tell me the story of tracking down Russ Albrecht and Silk Road? Let’s start from the very beginning. And maybe let’s start by explaining what is the Silk Road.
Chris Tarbell (08:35):
It was really the first dark market website. You literally could buy anything there. Take that back. There’s two things you couldn’t buy there. You couldn’t buy guns because that was a different website. And you couldn’t buy fake degrees. So no one could become a doctor. But you could buy literally whatever else you wanted. You could- Drugs. You could buy heroin right from Afghanistan, the good stuff. Hacking tools, you could hack for hire. You could buy murders for hire if you wanted someone killed.
Now, so when I was an FBI agent, I had to kind of sell some of these cases. And this was a big drug case. That’s the way people saw Silk Road. So internally to the FBI, how I had to sell it, I had to find the worst thing on there that I could possibly find. And I think one time I saw a posting for baby parts. So let’s say that you had a young child and that needed a liver. You could literally go on there and ask for a six-month-old liver if you wanted to.
Lex Fridman (09:32):
For like surgical operations versus something darker.
Chris Tarbell (09:36):
Yeah, I never saw anything that dark as far as people wanted to e-body parts. I did interview a cannibal once when I was in the FBI. That’s another crazy story. But that one actually weirded me out.
Lex Fridman (09:46):
So I just watched Jeffrey Dahmer documented on Netflix and it just changed the way I see human beings because it’s a portrayal of a normal looking person doing really dark things and doing so not out of a place of insanity seemingly, but just because he has almost like a fetish for that kind of thing. It’s disturbing that people like that are out there. So people like that would then be using Silk Road, not like that necessarily, but people of different walks of life would be using Silk Road to primarily, what was the primary thing? Drugs?
Chris Tarbell (10:24):
Primary drugs, and that’s where it started. It started off with Ross Ulbrich growing mushrooms out in the wilderness of California and selling them. But really his was more of a libertarian viewpoint. I mean, it was like you choose what you wanna do for yourself and do it. And the way Silk Road kind of had the anonymity is it used what’s called TOR, the Onion Router, which is an anonymizing function on the deep web. It was actually invented by the US Navy back in the mid 90s or so, but it also used cryptocurrency. So it was the first time that we saw this birth on the internet of mixing cryptocurrency and an IP blocking software. So in cybercrime, you go after one, the IP address and trace it through the network, or two, you go after the cash. And this one kind of blocked both.
Lex Fridman (11:11):
Cash meaning the flow of money, physical or digital. And then IP is some kind of identifying thing of the computer.
Chris Tarbell (11:20):
It’s your telephone number on your computer. So yeah, all computers have a unique four octet numbers. So 22.214.171.124. And the computer uses DNS or domain name services to render that name. So if you were looking for cnn.com, your computer then translates that to that IP address or that telephone number where it can find that information.
Lex Fridman (11:46):
Didn’t Silk Road used to have guns in the beginning? Or was that considered to have guns? Or did it naturally emerge and then Russ realized like this is not good?
Chris Tarbell (11:56):
It went back and forth. I think there were guns on there and he tried to police it. You know, he told himself that the captain of the boat, so he had to follow his rules. So, you know, I think he would took off those posts eventually and moved guns elsewhere.
Lex Fridman (12:10):
What was the system of censorship that he used? Like of selecting what is okay and not okay? I mean- Him alone, he’s the captain of the boat. Do you know by chance if there was a lot of debates and criticisms internally amongst the criminals of what is and isn’t allowed? I mean, it’s interesting to see a totally different moral code emerge that’s outside the legal code of society.
Chris Tarbell (12:35):
We did get the server and was able to read all of the chat logs that happened. I mean, all the records were there. I don’t remember big debates. I mean, there was a clear leadership and that was the final decision. That was the CEO of Silk Road.
Lex Fridman (12:50):
And so primarily it was drugs and primarily out of an ideology of freedom, which is if you want to use drugs, you should be able to use drugs.
Chris Tarbell (13:02):
You should put into your body what you want to put in your body.
Lex Fridman (13:04):
And when you were presenting a case of why this should be investigated, you were trying to find, as you mentioned, the worst possible things on there. Is that what you were saying?
Chris Tarbell (13:14):
So we had arrested a guy named Jeremy Hammond and he hit himself. He was a hacker and we arrested him. It was the second time he had been arrested for hacking. He used Tor. And so that kind of brought us to a point. The FBI has a computer system where you look up things. You look up anything. I could look up your name or whatever if you’re associated with my case. And we were finding at the time a lot of things in, you look it up, a case would end. Be like, oh, this is Tor. And just stop.
Like we couldn’t get any further. So we had just had this big arrest of Sabu and took down Anonymous. And sometimes in the FBI, the way it used to, the old school FBI, when you had a big case and you’re working seven days a week and 14 hours, 15 hours a day, you sort of take a break. The boss kind of said, yeah, I’ll see you in a few months. Go get to know your family a little bit and come back.
The group of guys I was with was like, let’s find the next big challenge. And that’s when we were finding case closed. It was Tor, case closed, it was Tor. So said, let’s take a look at Tor and let’s see what we can do. Maybe we’ll take a different approach. And Silk Road was being looked at by other law enforcement, but it was taken like a drug approach where I’m going to find a drug buyer who got drugs sent to them in the mail and let’s arrest up, let’s go up the chain. But the buyers didn’t know their dealers. They never met them.
Lex Fridman (14:34):
And so you were taking a cybersecurity approach.
Chris Tarbell (14:37):
Yeah, we said, let’s try to look at this from a cyber approach and see if we can gleam anything out of it.
Lex Fridman (14:44):
So I’m actually indirectly connected to, I’m sure I’m not admitting anything that’s not already on my FBI file.
Chris Tarbell (14:53):
Oh, I can already tell you what you’re gonna tell me though. What’s that? That when you were at college, you wrote a paper and you’re connected to the person that started. You son of a bitch.
Lex Fridman (15:01):
You son of a bitch. You clever son of a bitch.
Chris Tarbell (15:03):
I’m an FBI agent or a former FBI agent. Well, how would I not have?
Lex Fridman (15:06):
No, but I could have told you other stuff.
Chris Tarbell (15:08):
No, that’s exactly what you were about to tell me.
Lex Fridman (15:10):
I was looking up his name because I forgot it. So one of my advisors for my PhD was Rachel Greenstead and she is married to Roger Dingle Dine, which is the co-founder of the Tor Project. And I actually reached out to him last night to do a little podcast together. I don’t know. No, it was a good party trick. I mean, it’s cool that you know this and the timing of it, it was just like beautiful. But just to linger on the Tor Project and so we understand. So Tor is this black box that people disappear in, in terms of like the, when you were tracking people. Can you paint a picture of what Tor is used in general? Are there, it’s like when you talk about Bitcoin, for example, cryptocurrency, especially today, much more people use it for legal activity versus illegal activity. What about Tor?
Chris Tarbell (16:10):
Tor was originally invented by the U.S. Navy so that like spies inside countries could talk to spies and no one could find them. There was no way of tracing them. And then they released that information free to the world. So Tor has two different versions of, not versions, two different ways it can be utilized. There’s.onionsites, which is like a normal website, a.com, but it’s only found within the Tor browser. You can only get there if you know the whole address and get there. The other way Tor is used is to go through the internet and then come out the other side if you want a different IP address, if you’re trying to hide your identity. So if you were doing like, say, cybercrime, I would have the victim computer and I would trace it back out to a Tor relay. And then because you don’t have an active connection or what’s called a circuit at the time, I wouldn’t be able to trace it back. But even if you had an active circuit, I would have to go to each machine physically live and try to rebuild that, which is literally impossible. Literally impossible.
Lex Fridman (17:04):
So what do you feel about Tor, ethically, philosophically, as a human being on this world that spent quite a few years of your life and still trying to protect people?
Chris Tarbell (17:16):
So part of my time in the FBI was working on child exploitation, kiddie porn, as they call it. That really changed my life in a way. And so anything that helps facilitate the exploitation of children fucking pisses me off. And that sort of jaded my opinion towards Tor, because that, because it helps facilitate those sites.
Lex Fridman (17:39):
So this ideal of freedom that Russell Albrecht, for example, tried to embody, is something that you don’t connect with anymore because of what you’ve seen that ideal being used for.
Chris Tarbell (17:56):
I mean, the child exploitation is a specific example for it. And it’s easy for me to sit here and say child exploitation, child porn, because no one listening to this is ever going to say that I’m wrong and that we should allow child porn. Should, because some people utilize it in a bad way, should it go away? No, I mean, I’m a technologist. I want technology to move forward. People are gonna do bad things and they’re going to use technology to help them do bad things.
Lex Fridman (18:25):
Well, let me ask you then, oh, we’ll jump around a little bit, but the things you were able to do in tracking down information, and we’ll get to it, there is some suspicion that this was only possible with mass surveillance, like with NSA, for example. First of all, is there any truth to that? And second of all, what do you feel are the pros and cons of mass surveillance?
Chris Tarbell (18:52):
There is no truth to that. And then my feelings on mass surveillance. If there was, would you tell me? Probably not.
Lex Fridman (18:58):
Yeah. I love this conversation so much. But what do you feel about the, given that you said child porn, what are the pros and cons of surveillance at a society level?
Chris Tarbell (19:13):
I mean, nobody wants to give up their privacy. I say that, I say no one wants to give up their privacy, but I mean, I used to have to get a search warrant to look inside your house, or I can just log onto your Facebook and you’ve got pictures of all inside your house and what’s going on. I mean, it’s not, you know, so people like the idea of not giving up their privacy, but they do it anyways. They’re giving away their freedoms all the time. They’re carrying watches that gives out their heartbeat to a weight of companies that are storing that. I mean, what’s more personal than your heartbeat?
Lex Fridman (19:42):
So I think people on mass really want to protect their privacy. And I would say most people don’t really need to protect their privacy. But the case against mass surveillance is that if you want to criticize the government in a very difficult time, you should be able to do it. So when you need the freedom, you should have it. So when you wake up one day and realize there’s something going wrong with the country I love, I want to be able to help. And one of the great things about the United States of America is there’s that individual revolutionary spirit.
Like so that the government doesn’t become too powerful. You can always protest. There’s always the best of the ideal of freedom of speech. You can always say, fuck you to the man.
And I think there’s a concern of direct or indirect suppression of that through mass surveillance. You might not, is that that little subtle fear that grows with time, that why bother criticizing the government? It’s going to be a headache. I’m going to get a ticket every time I say something bad, that kind of thing. So it can get out of hand. The bureaucracy grows and the freedoms slip away. That’s the criticism, right?
Chris Tarbell (21:01):
I completely see your point and I agree with it. I mean, on the other side, people criticize the government of these freedoms, but I mean, tech companies talk about destroying your privacy and controlling what you can say. I realize they’re private platforms and they can decide what’s on their platform, but they’re taking away your freedoms of what you can say. And we’ve heard some things where maybe government officials were in line with tech companies to take away some of that freedom. And I agree with you, that gets scary.
Lex Fridman (21:29):
Yeah, there’s something about government that feels, maybe because of the history of human civilization, maybe because tech companies are a new thing, but just knowing the history of abuses of government, there’s something about government that enables the corrupting nature of power to take hold at scale, more than tech companies, at least what we’ve seen so far.
Chris Tarbell (21:54):
Yeah, I agree, I agree. But I mean, we haven’t had a voice like we’ve had until recently. I mean, anyone that has a Twitter account now can speak and become a news article. You know, my parents didn’t have that voice. If they wanted to speak out against the government or do something, they had to go to a protest or organize a protest or, you know, do something along those lines. So, you know, we have more of a place to put our voice out now.
Lex Fridman (22:20):
Yeah, that’s incredible, but that’s why it hurts. And that’s why you notice it when certain voices get removed. The president of the United States of America was removed from all such platforms, and that hurts.
Chris Tarbell (22:34):
Yeah, that’s crazy to me. That’s insane. That’s insane that we took that away, but.
Lex Fridman (22:39):
Let’s return to Silk Road and Russell Briggs. So how did your path with this very difficult, very fascinating case cross?
Chris Tarbell (22:52):
Well, we were looking to open a case against TOR because it was a problem. All the cases were closing because TOR. So we went on TOR and we came up with 26 web, different onion, dotting onions that we targeted. We were looking for nexuses to hacking because I was on a squad called CY2, and we were like the premier squad in New York that was working criminal cyber intrusions. And so any website that was offering hackers for hire or hacking tools for free or paid services, now we’re seeing ransomware as a paid service and phishing as a paid service, anything that offered that. So we opened this case on, I think we called it, so you have to name cases. One of the fun thing in the FBI is when you start a case, you get to name it. You would not believe how much time is spent in coming up with the name, in case you go spy. I think we called this Onion Peeler because.
Lex Fridman (23:50):
So a little bit of humor, a little bit of wit, and some profundity to the language, yeah, yeah. Yeah. Because you’re gonna have to work with this for quite a lot, so.
Chris Tarbell (24:00):
Yeah, this one had the potential of being a big one because I think Silk Road was like the sixth on the list for that case, but we all knew that was sort of the golden ring. If you could make the splash that that Onion site was going down, then it would probably get some publicity. And that’s part of law enforcement is getting some publicity out of it that makes others think not to do it.
Lex Fridman (24:22):
I wish to say that Tor is the name of the project, the browser, what is the Onion technology behind Tor?
Chris Tarbell (24:30):
Let’s say you wanna go to a.onion site. You’ll put in the.onion you wanna go to, and your computer will build communications with a Tor relay, which are all publicly available out there but you’ll encrypt it, you’ll put a package around your data and so it’s encrypted and so can’t read it. It goes to that first relay. That first relay knows about you and then knows about the next relay down the chain. And so it takes your data and then encrypts that on the outside and sends it to relay number two.
Now, relay number two only knows about relay number one. It doesn’t know who you are asking for this. And it goes through there, adding those layers on top, layers of encryption till it gets to where it is. And then even the Onion service doesn’t know, except for the relay it came from, who it’s talking to. And so it peels back that, gives the information, puts another layer back on. And so it’s layers like you’re peeling an onion back of the different relays and that encryption protects who the sender is and what information they’re sending.
Lex Fridman (25:31):
The more layers there are, the more exponentially difficult it is to decrypt it.
Chris Tarbell (25:36):
I mean, you get to a place where you don’t have to have so many layers because it doesn’t matter anymore. It’s mathematically impossible to decrypt it. But the more relays you have, the slower it is. I mean, that’s one of the big drawbacks on Tor is how slow it operates.
Lex Fridman (25:52):
So how do you peel the onion? So what are the different methodologies for trying to get some information from a cybersecurity perspective on these operations like the Silk Road?
Chris Tarbell (26:05):
It’s very difficult. People have come up with different techniques. There’s been techniques to put out in the news media about how they do it, running like massive amounts of relays and you’re controlling those relays. I think somebody tried that once.
Lex Fridman (26:20):
So there’s a technical solution. And what about social engineering? What about trying to infiltrate the actual humans that are using the Silk Road and trying to get in that way?
Chris Tarbell (26:34):
Yeah, I mean, I definitely could see the way of doing that. And in this case, in our takedown, we used that. There was one of my partners, Jared Derrigan, he was an HSI investigator and he had worked his way up to be a system admin on the site. So that did gleam quite a bit of information because he was inside and talking to, at that time, we only know it as DPR or Dread Pirate Roberts. We didn’t know who that was yet, but we had that open communication.
And one of the things, the technical aspects on that is there was a Jabber server that was, that’s a type of communication server that was being used. And we knew that Ross had his Jabber set to Pacific time. So we had a pretty good idea what part of the country he was in.
Lex Fridman (27:28):
I mean, isn’t that, from DPR’s perspective, from Russ’s perspective, isn’t that clumsy?
Chris Tarbell (27:35):
He wasn’t a, he wasn’t a big computer guy.
Lex Fridman (27:37):
Do you notice that aspect of like the technical savvy of some of these guys doesn’t seem to be quite, why weren’t they good at this?
Chris Tarbell (27:44):
Well, the real techie savvy ones, we don’t arrest.
Lex Fridman (27:47):
We don’t get to them, we don’t find them. You don’t get to them. Shout out to the techie criminals. They’re probably watching this.
Chris Tarbell (27:56):
I mean, yeah, I mean, we’re getting the low hanging fruit. I mean, we’re getting the ones that can be caught. I mean, you know, I’m sure we’ll talk about it, but the anonymous case, there was a guy named A.V. Unit. He’s still, I lose sleep over him because we didn’t catch him. We caught everybody else, we didn’t catch him. He’s good though. He pops up too once in a while on the internet and it pisses me off. Yeah, what’s his name again? A.V. Unit, that’s all I know is his A.V. Unit. A.V. Unit. I got a funny story about him and who people think he is.
Lex Fridman (28:23):
Can I actually, can we go on that brief tangent? Sure, I love tangents. Well, let me ask you, since he’s probably he or she, do we know it’s a he?
Chris Tarbell (28:34):
We have no idea. Okay. I mean, that’s another funny story about hackers, the he-she issue.
Lex Fridman (28:39):
What’s the funny story?
Chris Tarbell (28:40):
Well, one of the guys in LulzSec was a she, it was a 17-year-old girl. And my source in the case, the guy, Sabu, that I arrested and part of it, we sat side by side for nine months and then took down the case and all that. He was convinced she was a girl and he said, and he was in love with her almost at one point. It turns out to be a 35-year-old guy living in England.
Lex Fridman (29:05):
Oh, so he was convinced it was a girl? Oh, so he was convinced it was a… Yes, he was absolutely convinced. Based on what exactly, by linguistic, like human-based linguistic analysis or what?
Chris Tarbell (29:15):
She, he, whatever, you know, Kayla, so it ended up being like a modification of his sister’s name, the real guy’s sister’s name, was so good at building the backstory. All these guys, and it’s funny, these guys are part of a hacking crew, they social engineer the shit out of each other. Just to build, if one of them ever gets caught, they’ll convince everybody else that they’re a Brazilian ISP owner or something like that, and that’s how I’m so powerful.
Lex Fridman (29:43):
Well, yeah, that social engineering aspect is part of living a life of cybercrime or cybersecurity on the offensive or defensive. So AV unit, can I ask you also just a tangent of a tangent first? That’s my favorite tangent. Okay. Is it possible for me to have a podcast conversation with somebody who hasn’t been caught yet, and because they have the conversation, they still won’t be caught? And is that a good idea? Meaning, is there a safe way for a criminal to talk to me on a podcast?
Chris Tarbell (30:19):
I would think so. I would think that someone could, I mean, someone who has been living a double life for long enough where you think they’re not a criminal.
Lex Fridman (30:29):
No, no, no, no, they would have to admit that they would say I am AV unit.
Chris Tarbell (30:34):
Oh, you would wanna have a conversation with AV unit? Yes.
Lex Fridman (30:39):
Is there a way? I’m just speaking from an FBI perspective, technically speaking, because I, so let me explain my motivation. Sure. I think I would like to be able to talk to people from all walks of life and understanding criminals, understanding their mind, I think is very important.
And I think there’s fundamentally something different between a criminal who’s still active versus one that’s been caught. The mind, just from observing it, changes completely once you’re caught. You have a big shift in your understanding of the world. I mean, I do have a question about the ethics of having such conversations, but first, technically, is it possible?
Chris Tarbell (31:27):
If I was technically advising you, I would say, first off, don’t advertise it. The fewer people that you’re gonna tell that you’re having this conversation with, the better. And yeah, you could, are you doing it in person?
Lex Fridman (31:39):
Are you doing it in- In person would be amazing, yeah, but their face would not be shown.
Chris Tarbell (31:43):
Face would not be shown. Yeah, I mean, you couldn’t publish the show for a while. They’d have to put a lot of trust in you, that you are not going to, you’re gonna have to alter those tapes. I say tapes, because it’s old school, you know? It’s a tape. Exactly, I’m sure a lot of people just said that, like, oh, shit, this old guy just said, tape.
Lex Fridman (32:01):
I heard of VHS, it was in the 1800s, I think.
Chris Tarbell (32:05):
But yeah, yeah, you could do it. They’d have to have complete faith and trust in you, that you destroy the originals after you’ve altered it.
Lex Fridman (32:14):
What about if they don’t have faith? Is there a way for them to attain security? So, like, for me to go through some kind of process where I meet them somewhere,
Chris Tarbell (32:25):
where I’m, I mean, you’re not gonna do it without a bag over your head. I don’t know if that’s the life you wanna live.
Lex Fridman (32:30):
I’m fine with a bag over my head. That’s gonna get taken out of context. But I just, I think it’s a worthy effort. It’s worthy to go through the hardship of that, to understand the mind of somebody. I think, fundamentally, conversations are a different thing than the operation of law enforcement. Understanding the mind of a criminal, I think, is really important.
Chris Tarbell (32:51):
I don’t know if you’re gonna have the honest conversation that you’re looking for. I mean, it may sound honest, but it may not be the truth. I found most times when I was talking to criminals, it’s lies mixed with half-truths. And you kinda, if they’re good, they can keep that story going for long enough. If they’re not, you kind of see the relief in them when you finally break that wall down.
Lex Fridman (33:13):
That’s the job of an interviewer. If the interviewer is good, then perhaps not directly, but through the gaps, seeps out the truth of the human being. So not necessarily the details of how they do the operations and so on, but just who they are as a human being, what their motivations are, what their ethics are, how they see the world, what is good, what is evil, do they see themselves as good, what do they see their motivation as, do they have resentment, what do they think about love for the people within their small community, do they have resentment for the government or for other nations or for other people, do they have childhood issues that led to a different view of the world than others perhaps have, do they have certain fetishes, like sexual and otherwise, that led to the construction of the world. They might be able to reveal some deep flaws to the cybersecurity infrastructure of our world, not in detail, but like philosophically speaking.
They might have, I know you might say it’s just a narrative, but they might have a kind of ethical concern for the well-being of the world, that they’re essentially attacking the weakness of the cybersecurity infrastructure because they believe ultimately that would lead to a safer world. So the attacks will reveal the weaknesses. And if they’re stealing a bunch of money, that’s okay because that’s gonna enforce you to invest a lot more money in defending, yeah, defending things that actually matter, you know, nuclear warheads and all those kinds of things. I mean, I could see, you know, it’s fascinating to explore the mind of a human being like that because I think it will help people understand. Now, of course, it’s still a person that’s creating a lot of suffering in the world, which is a problem. So do you think ethically it’s a good thing to do?
Chris Tarbell (35:12):
I don’t, I mean, I feel like I have a fairly high ethical bar that I have to put myself on and I don’t think I have a problem with it. I would love to listen to it.
Lex Fridman (35:24):
Okay, great. Yeah.
Chris Tarbell (35:25):
I mean, not that I’m your ethical coach or here.
Lex Fridman (35:27):
Yeah, well, that’s interesting. I mean, so, because I thought you would have become jaded and exhausted by the criminal mind.
Chris Tarbell (35:41):
It’s funny, you know, I’m, you know, fast forward in our story, I’m very good friends with Hector Monsigur, the Sabu, the guy I arrested. And he tells stories of what he did in his past. And I’m like, oh, I’m that Hector, you know? But then I listened to your episode with Brett Johnson and I was like, this guy stealing money from the US government and welfare fraud and all this sort of things, it just pissed me off. And I don’t know why I have that differentiation in my head. I don’t know why I think one’s just, oh, Hector will be Hector, and then this guy just pissed me off.
Lex Fridman (36:19):
Well, you didn’t feel that way about Hector until you probably met him.
Chris Tarbell (36:22):
Well, I didn’t know Hector, I knew Sabu. So I hunted down Sabu and I learned about Hector over those nine months.
Lex Fridman (36:31):
We’ll talk about it later. Let’s finish with, let’s return tangent to back to tangent. Oh, one tangent up, who’s AV unit? I don’t know. Interesting. So he’s at the core of Anonymous. He’s one of the critical people in Anonymous. What is known about him?
Chris Tarbell (36:47):
There’s what’s known in public and what was known because I sat with Hector and he was sort of like the set things up guy. So if LulzSec had like their hackers, which was Sabu and Kayla, and they had their media guy, this guy Topiary. He lived up in the Northern end of England and they had a few other guys, but AV unit was the guy that set up infrastructure. So if you need a VPN in Brazil or something like that to pop through. One of the first things Hector told me after we arrested him is that AV unit was a secret service agent.
And I was like, oh shit. Just because he kind of lived that lifestyle. He’d be around for a bunch of days and then all of a sudden gone for three weeks. And I tried to get more out of Hector early on in that relationship. I’m sure he was a little bit guarded, maybe trying to social engineer me. Maybe he wanted that, oh shit, there’s law enforcement involved in this.
And not to say, I mean, I was in over my head with that case, just the amount of work that was going on. So to track them all down, plus the 350 hacks that came in about just military institutions, it was swimming in the deep end. So it was just at the end of the case, I looked back and I was like, AV unit, I could have had them all. Maybe that’s the perfectionist in me.
Lex Fridman (38:10):
Oh man, well, reach out somehow. I can’t, I won’t say how, right?
Chris Tarbell (38:16):
We’ll have to figure out. Would you have him on? Yeah. Oh my God. Just let me know. And just talk shit about you the whole time. That’s perfect. He probably doesn’t even care about me.
Lex Fridman (38:24):
Well, now he will. Yeah. Because there’s a certain pleasure of a guy who’s extremely good at his job, not catching another guy who’s extremely good at his job. Obviously better, he got away. There you go, he’s still eating at you. I love it.
Chris Tarbell (38:38):
Yeah. He or she. If I can meet that guy one day, he or she, that’d be great. I mean, I have no power.
Lex Fridman (38:45):
So yes, Silk Road, can you speak to the scale of this thing? Just for people who are not familiar, how big was it and any other interesting things you understand about its operation when it was active?
Chris Tarbell (39:00):
So it was when we finally got looking through the books and the numbers came out, it was about $1.2 billion in sales. It’s kind of hard with the fluctuation value of Bitcoin at the time to come up with a real number. So you kind of pick a daily average and go across. Most of the operation was done in Bitcoin. It was all done in Bitcoin. You couldn’t, you had escrow accounts on, you came in and you put money in an escrow account and the transaction wasn’t done until the client got the drugs or whatever they had bought. And then the drug dealers had sent it in.
There was some nice stuff going on. There was some talk at the time that the cartel was starting to sell on there. So that started getting a little hairy there at the end.
Lex Fridman (39:42):
What was the understanding of the relationship between organized crime like the cartels and this kind of more ad hoc new age market that is the Silk Road?
Chris Tarbell (39:56):
I mean, it was all just chatter. It was just, you know, because like I said, Jared was on the inside. So we saw some of it from the admin sides and Ross had a lot of private conversations with the different people that he had advised him. But no one knew each other. And I mean, the only thing that they knew were the admins had to send an ID to Ross, had to send a picture of their driver’s license or passport, which I always found very strange because if you are an admin on a site that sells fake IDs, why would you send your real ID? And then why would the guy running the site who profits from selling fake IDs believe that it was?
But fast forward, they were all real IDs. All the IDs that we found on Ross’s computer as the admins were the real people’s IDs. What do you make of that? Just other clumsiness? Yeah, low hanging fruit, I guess. I guess that’s what it is. I mean, I would have bought, I mean, even Ross bought fake IDs off the site. He had federal agents knock on his door, you know, and then he got a little cocky about it.
Lex Fridman (40:57):
The landscape, the dynamics of trust is fascinating here. So you trust certain ideas are, like who do you trust in that kind of market? What was your understanding of the network of trust?
Chris Tarbell (41:08):
I don’t think anyone trusts anybody, you know? I mean, I think Ross had his advisors of trust, but outside of that, I mean, he required people to send their ID for their trust. He, you know, people stole from him. There was, there’s open cases of that. It’s a criminal world. You can’t trust anybody.
Lex Fridman (41:28):
What was his life like, you think?
Chris Tarbell (41:31):
Lonely. Can you imagine being trapped in something like that where you, the whole world focused on that and you can’t tell people what you do all day? Could he have walked away? Like someone else take over, or the site just shut down?
Lex Fridman (41:45):
Either one. Just you putting yourself in his shoes, the loneliness, the anxiety, the just the growing immensity of it. So walk away with some kind of financial stability. I could.
Chris Tarbell (41:58):
I made it past two days. I don’t like loneliness. I mean, if my wife’s away, I’d probably call her 10, 12 times a day. We just talk about things, you know, I just, you know, something crossed my mind. I want to talk about it. And I’m sure she.
Lex Fridman (42:12):
And you’d like to talk to her, like honestly, about everything. So if you were running so crowded, you wouldn’t be able to like.
Chris Tarbell (42:19):
Hopefully I’d have a little protection. I’d only mention to her when we were in bed to have that marital connection. But who knows? I mean, she’s going to question why the Ferrari is outside and things like that. Yeah.
Lex Fridman (42:33):
I’m sure you can come up with something. Why didn’t he walk away? It’s another question. Why don’t criminals walk away in these situations?
Chris Tarbell (42:40):
Well, I mean, I don’t know every criminal mind and some do. I mean, AV Unit walked away. I mean, not to go back to that son of a bitch, but. There’s a theme to this. But you know, Ross started counting his dollars. I mean, he realized he was going to be one of the richest people in the world. And he was making a lot of dollars. I mean, he really kept track of how much money he was making and it started, you know, getting exponentially growth. I mean, if he would have stayed at it,
Lex Fridman (43:05):
he would have probably been one of the richest people in the world. And do you think he liked the actual money
Chris Tarbell (43:10):
or the fact of the number growing? I mean, have you ever held a Bitcoin?
Lex Fridman (43:13):
Yeah. Oh, you have? Well, he never did. What do you mean held a Bitcoin?
Chris Tarbell (43:17):
He held a briefcase of Bitcoin or something like that. He liked the idea of it growing. He liked the idea. I mean, I think it started off as sharing this idea, but then he really did turn to, like, I am the captain of this ship and that’s what goes. And he was making a lot of money. And again, my interaction with Ross was about maybe five or six hours over a two-day period. I knew DPR because I read his words and all that. I didn’t really know Ross.
There was a journal found on his computer and so it sort of kind of gave me a little inside. So I don’t like to do a playbook for criminals, but I’ll tell you right now, don’t write things down. There was a big fad about people, like, remember kids going around and shooting people with paintballs and filming it? I don’t know why you would do that. Why would you videotape yourself committing crime and then publish it? Like, if there’s one thing I’ve taught my children, don’t record yourself doing bad things. It never goes back.
Lex Fridman (44:14):
As well, so. And you actually give advice on the other end of logs being very useful for the defense perspective for, you know, if information is useful for being able to figure out what the attacks were all about.
Chris Tarbell (44:28):
Logs are the only reason I found Hector Monsegor. I mean, the one time his VPN dropped during a Fox hack, and he says he wasn’t even hacking, he just was sent a link and he clicked on it. And in 10 million lines of logs, there was one IP address that stuck out.
Lex Fridman (44:44):
This is fascinating. We’ll explore several angles of that. So what was the process of bringing down Ross Ross and the Silk Road?
Chris Tarbell (44:55):
All right, so that’s a long story. You want the whole thing or you want to break it up? Let’s start at the beginning. Once we had the information of the chat logs and all that from the server, we found- What’s the server? What’s the chat log? So the.onion was running the website, the Silk Road was running on a server in Iceland.
Lex Fridman (45:17):
How did you figure that out? That was one of the claims that the NSA.
Chris Tarbell (45:21):
Yeah, that’s the one that we said that, yeah, I wouldn’t tell you if it was. It’s on the internet. I mean, the internet has their conspiracy theories.
Lex Fridman (45:27):
Yeah. But you figure out, that’s the part of the thing you do. It’s puzzle pieces and you have to put them together and look for different pieces of information and figure out, okay. So you figure out the server is in Iceland.
Chris Tarbell (45:38):
And we get a copy of it. And so we started getting clues off of that. Was it a physical copy of the server? Yeah, you fly over there. So you go, if you’ve been to Iceland, if you’ve never been, you should definitely go to Iceland. Is it beautiful? I love it. I love it. So I’ll tell you this. So, sorry, tangents. I love this, yeah. So I went to Iceland for the anonymous case. Then I went to Iceland for the Silk Road case. And I was like, oh shit, all cyber crime goes through Iceland. It was just my sort of thing. And I was over there for like the third time and I said, if I ever can bring my family here. Like, so there’s a place called Thingavar and I’m sure I’m fucking up the name. The Icelandics are pissed right now. But it’s where the North American continental plate and the European continental plate are pulling apart. And it’s being filled in with volcanic material in the middle.
And it’s so cool. Like, I was like, one day I’ll be able to afford to bring my family here. And once I left-
Lex Fridman (46:32):
Just like the humbling and the beauty of nature.
Chris Tarbell (46:34):
Just everything, man. It was a different world. It was insane how great Iceland is. And so we went back and we rented a van and we took friends and we drove around the entire country. Absolutely, like a beautiful place. Like Reykjavik’s nice, but get out of Reykjavik as quick as you can and see the countryside. How is this place even real? Well, it’s so new. I mean, that’s, so, you know, our rivers have been going through here for millions of years and flattened everything out and all that. These are new, this is new land being carved by these rivers. You can walk behind a waterfall in one place. It’s the most beautiful place I’ve ever been.
Lex Fridman (47:12):
You understand why this is a place where a lot of hacking is being done?
Chris Tarbell (47:16):
Because the energy is free and it’s cool. So you have a lot of servers going on there. Server farms, the energy has come up out of the ground, geothermal, and then it keeps all the servers nice and cool. So why not keep your computers there at a cheap rate?
Lex Fridman (47:33):
I’ll definitely visit for several reasons, including to talk to AV Unit. Yeah, he’ll want you there. Well, the servers are there, but they don’t probably live there. I mean, that’s interesting. I mean, the Pacific, the PST, the time zones, there’s so many fascinating things to explore here.
Chris Tarbell (47:49):
But so you got- Sorry, to add to that, I mean, the European internet cable goes through there, so across to Greenland, then down through Canada and all that. So they have backbone access with cheap energy and free cold weather, you know? And beautiful.
Lex Fridman (48:03):
Oh, and beautiful, yes. So chat logs on that server, what was in the chat logs?
Chris Tarbell (48:11):
Everything. He kept them all. That’s another issue. If you’re writing a criminal enterprise, please don’t keep all… Again, I’m not making a guidebook of how to commit your perfect crime, but every chat he ever had, and everyone’s chat, it was like going into Facebook of criminal activity.
Lex Fridman (48:27):
Yeah, just looking at texts with Elon Musk being part of the conversations. I don’t know if you’re familiar, but they’ve been made public for the court cases going through, was going through, is going through, was going through with Twitter. I don’t know where it is. But it made me realize that, oh, okay.
I’m generally, that’s my philosophy on life, is like anything I text or email or say, publicly or privately, I should be proud of. So I tried to kind of do that because you basically, you say, don’t keep chat logs, but it’s very difficult to erase chat logs from this world. I guess if you’re a criminal, that should be, like you have to be exceptionally competent at that kind of thing. To erase your footprints is very, very difficult.
Chris Tarbell (49:16):
Can’t make one mistake. All it takes is one mistake of keeping it. But yeah, I mean, not only do you have to be, whatever you put in a chat log or whatever you put in an email it has to hold up and you have to stand behind it publicly when it comes out. If it comes out 10 years from now, you have to stand behind it.
Lex Fridman (49:34):
I mean, we’re seeing that now in today’s society. Yeah, but that’s a responsibility you have to take really, really seriously. If I was a parent and advising teens, you kind of have to teach them that. I know there’s a sense like, no, we’ll become more accustomed to that kind of thing, but in reality, no, I think in the future we’ll still be held responsible for the weird shit
Chris Tarbell (49:54):
we do. Yeah, a friend of mine, his daughter got kicked out of college because of something she posted in high school and the shittiest thing for him, but great for my kids. Great lesson. Look over there and you don’t want that to happen to you.
Lex Fridman (50:05):
Yeah, okay. So in the chat logs was useful information like breadcrumbs of information that you can then pull out.
Chris Tarbell (50:16):
Yeah, great evidence and stuff. You know, I mean, obviously, yeah, a lot of evidence. Here’s a sale of this much heroin because, you know, Ross ended up getting charged with czar status on certain things. And that’s, it’s a certain weight in each type of drug that you had, like, I think it’s four or five employees of your empire and that you made more than $10 million. And so it’s, you know, it’s just like what the narco traffickers get charged with, or, you know, anybody out of Columbia, you know, so.
Lex Fridman (50:46):
And that was primarily what he was charged with during when he was arrested is the drug.
Chris Tarbell (50:52):
Yeah, and he got charged with some of the hacking tools too.
Lex Fridman (50:55):
Okay, because he’s in prison, what, for? Two life sentences plus 40 years.
Chris Tarbell (51:01):
And no possibility of parole? In the federal system, there’s no possibility of parole when you have life. The only way you get out is if the president pardons you. There’s always a chance. There is. I think it was close. I heard rumors there was close.
Lex Fridman (51:18):
Well, right. So it depends. Given, it’s fascinating, but given the political, the ideological ideas that he represented and espoused, it’s not out of the realm of possibility.
Chris Tarbell (51:32):
Yeah, I mean, I’ve been asked before, who, you know, does he get out of prison first, or does Snowden come back into America? And I don’t know. I have no idea.
Lex Fridman (51:39):
Just became a Russian.
Chris Tarbell (51:40):
I saw that, and I’ve heard a lot of weird theories about that one.
Lex Fridman (51:44):
Well, actually, on another tangent, let me ask you, do you think Snowden is a good or a bad person? A bad person. Can you make the case that he’s a bad person?
Chris Tarbell (51:58):
There’s ways of being a whistleblower, and there’s rules set up on how to do that. He didn’t follow those rules. I mean, they, you know, I’m red, white, and blue, so I’m pretty, you know, he was a federal government. So you think his actions were anti-American? I think the results of his actions were anti-American. I don’t know if his actions were anti-American.
Lex Fridman (52:18):
Do you think he could have anticipated the negative consequences of his action? Yes. Should we judge him by the consequences or the ideals of the intent of his action?
Chris Tarbell (52:28):
I think we all get to judge him based on our own beliefs, but I believe what he did was wrong.
Lex Fridman (52:34):
Can you steelman the case that he’s actually a good person and good for this country, for the United States of America, as a flag bearer for the whistleblowers, the check on the power of government?
Chris Tarbell (52:50):
Yeah, I mean, I’m not big government-type guy, you know? So, you know, even that sounds weird coming from a government guy for so many years. But there’s rules in place for a reason. I mean, he put, you know, some of our best capabilities, he made them publicly available. They really kind of set us back in the, and this isn’t my world at all, but the offensive side of cybersecurity.
Lex Fridman (53:15):
Right, so he revealed stuff that he didn’t need to reveal in order to make the point. Correct. So you could imagine a world where he leaked stuff that revealed the mass surveillance efforts and not reveal other stuff. Like, is the mass surveillance, I mean, that’s the thing that, of course, in the interpretation of that, there’s fear-mongering, but at the core, that was a real shock to people that it’s possible for government to collect data at scale.
Chris Tarbell (53:53):
And it’s surprising to me that people are that shocked by it.
Lex Fridman (53:56):
Well, there’s conspiracies, and then there’s like actual evidence that that is happening. I mean, there’s a lot of reality that people ignore, but when it hits you in the face, you realize, holy shit, we’re living in a new world. This is the new reality, and we have to deal with that reality. Just like you work in cybersecurity, I think it really hasn’t hit most people how fucked we all are in terms of cybersecurity.
Okay, let me rephrase that. How many dangers there are in a digital world, how much under attack we all are, and how more intense the attacks are getting, and how difficult the defense is, and how important it is, and how much we should value it, and all the different things we should do at the small and large scale to defend. Like most people really haven’t woken up. They think about privacy from tech companies. They don’t think about attacks, cyber attacks.
Chris Tarbell (54:53):
People don’t think they’re a target, and that message definitely has to get out there. I mean, if you have a voice, you’re a target. If the place you work, you might be a target. See, your husband might work at some place, because now people are working from home, so they’re gonna target you to get access to his network
Lex Fridman (55:10):
in order to get in. Well, in that same way, the idea that the U.S. government, or any government could be doing mass surveillance on its citizens is one that was a wake-up call, because you could imagine the ways in which that could be, like you could abuse the power of that to control a citizenry for political reasons and purposes.
Chris Tarbell (55:35):
Absolutely, you could abuse it. I think during the part of the Snowden League, saw that two NSA guys were monitoring their girlfriends, and there’s rules in place for that. Those people should be punished for abusing that. But how else are we going to hear about terrorists that are in the country talking about birthday cakes? And that was a case where that was the trip word, that we’re gonna go bomb New York City’s subway.
Lex Fridman (56:01):
Yeah, it’s complicated, but it just feels like there should be some balance of transparency. There should be a check in that power, because in the name of the war on terror, you can sort of sacrifice, there is a trade-off between security and freedom, but it just feels like there’s a giant, slippery slope on the sacrificing of freedom in the name of security.
Chris Tarbell (56:25):
I hear you, and we live in a world where, well, I live in a world, where I had to tell you exactly when I arrested someone, I had to write a 50-page document of how I arrested you, and all the probable cause I have against you and all that. Well, bad guys are reading that. They’re reading how I caught you, and they’re changing the way they’re doing things. They’re changing their MO. They’re doing it to be more secure. If we tell people how we’re monitoring, what we’re surveilling, we’re gonna lose that. I mean, the terrorists are just gonna go a different way. And I’m not trying to, again, I’m not big government. I’m not trying to say that it’s cool that we’re monitoring, the US government’s monitoring everything, big tech’s monitoring everything. They’re just monetizing it versus possibly using it against you.
Lex Fridman (57:11):
But there’s a balance, and those 50 pages, they have a lot of value. They make your job harder, but they prevent you from abusing the power of the job. Yeah, there’s a balance. That’s a tricky balance. So the chat logs in Iceland give you evidence of the heroin and all the large-scale czar-level drug trading. What else did it give you in terms of how to catch?
Chris Tarbell (57:44):
It gave us infrastructure. So the Onion name was actually running on a server in France. So if you like, and it only commuted through a back channel of VPN to connect to the Iceland server. There was a Bitcoin vault server that was also in Iceland. And I think that was so that the admins couldn’t get into the Bitcoins, the other admins that were hired to work on the site. So you could get into the site, but you couldn’t touch the money. Only Ross had access to that.
And then another big mistake on Ross’s part is he had the backups for everything at a data center in Philadelphia. Don’t put your infrastructure in the United States. I mean, again, let’s not make a playbook, but.
Lex Fridman (58:30):
I think these are low-hanging fruit that people of competence would know already. But it’s interesting that he wasn’t competent enough to make, so he was incompetent in certain ways.
Chris Tarbell (58:42):
Yeah, I don’t think he was a mastermind of setting up an infrastructure that would protect his online business because keeping chat logs, keeping a diary, putting infrastructure where it’s safe, putting infrastructure where it shouldn’t be. Bad decisions.
Lex Fridman (59:02):
How did you figure out that he’s in San Francisco?
Chris Tarbell (59:06):
So we had that part with Jared that he was on the West Coast. And then- Who again is Jared? Jared Day-Egan, he was a partner in, he was a DHS agent, worked for HSI, Homeland Security Investigations, in Chicago. He started his Silk Road investigation because he was working at O’Hare and a weird package came in. Come to find out, he traced it back to Silk Road. So he started working at a Silk Road investigation long before I started my case. And he made his way up undercover all the way to be an admin on Silk Road.
So he was talking to Ross on a Jabra server, the private Jabra server, private chat communication server. And we noticed that Ross’s time zone on that Jabra server was set to the West Coast. So we had Pacific time on there. So we had a region, 1 24th of the world was covered of where we thought he might be.
Lex Fridman (01:00:01):
And from there, how do you get to San Francisco?
Chris Tarbell (01:00:04):
There was another guy, an IRS agent that was part of the team. And he used a powerful tool to find his clue. He used the world of Google. He simply just went back and Googled around for Silk Road at the time it was coming up and found some posts on like some help forums that this guy was starting an Onion website and wanted some cryptocurrency help. And if you could help him, please reach out to ross.albrek at gmail.com. In my world, that’s a clue. So.
Lex Fridman (01:00:40):
Okay, so that’s as simple as that.
Chris Tarbell (01:00:42):
Yeah, and the name he used on that post was Frosty. Yeah.
Lex Fridman (01:00:46):
So you had to connect Frosty and other uses in Frosty and here’s a Gmail and the Gmail has the name.
Chris Tarbell (01:00:54):
The Gmail posted that I need help under the name Frosty on this forum.
Lex Fridman (01:00:59):
So what’s the connection of Frosty elsewhere?
Chris Tarbell (01:01:00):
The person logging into the Philadelphia backup server, the name of the computer was Frosty.
Lex Fridman (01:01:10):
Another clue in my world. And that’s it. The name is there, the connection to the Philadelphia server and then to Iceland is there. And so the rest is small details in terms of, or is there interesting details?
Chris Tarbell (01:01:23):
No, I mean, there’s some electronic surveillance that find Ross Albrek living in a house and is there, you know, is a computer at his house attaching to, you know, does it have Tor traffic at the same time that DPR is on? Another big clue. Matching up timeframes.
Lex Fridman (01:01:40):
Again, just putting your email out there, putting your name out there like that. Like what I see from that, just at the scale of that market, what I, it just makes me wonder how many criminals are out there that are not making these low-hanging fruit mistakes and are still successfully operating. To me, it seems like you could be a criminal, much, it’s much easier to be a criminal on the internet.
What else to you is interesting to understand about that case of Ross and Silk Road and just the history of it from your own relationship with it, from a cybersecurity perspective, from an ethical perspective, all that kind of stuff. Like when you look back, what’s interesting to you about that case?
Chris Tarbell (01:02:29):
I think my views on the case have changed over time. I mean, it was my job back then. So I just looked at it as of, you know, I’m going after this. I sort of made a name for myself in the bureau for the anonymous case. And then this one was just, I mean, this was a bigger deal. I mean, they flew me down to DC to meet with the director about this case. The president of the United States was gonna announce this case, the arrest. Unfortunately, the government shut down two days before. So it was just us. And that’s really the only reason I had any publicity out of it is because the government shut down and the only thing that went public was that affidavit with my signature at the end.
Otherwise, it would have just been the attorney general and the president announcing the rest of this big thing,
Lex Fridman (01:03:13):
and you wouldn’t have seen me. Did you understand that this was a big case? Yeah, I knew at the time. Was it because of the scale of it or what it stood for?
Chris Tarbell (01:03:23):
I just knew that the public was gonna react in a big way. Like the media was, now, did I think that it was gonna be on the front page of every newspaper the day after the arrest? No, but I could sense it. Like I went like three or four days without sleep. When I was out in San Francisco to arrest Ross, I had sent three guys to Iceland to… So it was a three-prong approach for the takedown. It was get Ross, get the Bitcoins, and seize the site. Like we didn’t want someone else taking control of the site. And we wanted that big splash of that banner. Like, look, the government found this site. Like, you might not want to think about doing this again.
So- And you were able to pull off all three? Maybe that’s my superpower. I’m really good about putting smarter people than I am together and on the right things. It’s the only way to do it. In the business I formed, that’s what I did. I hired only smarter people than me, and I’m not that smart, but smart enough to know who the smart people are. The team was able to do all three? Yeah, we were able to get all three done. Yeah, and the one guy, one of the guys, the main guys I sent to Iceland, man, he was so smart. Like, I sent another guy from the FBI to France to get that part, and he couldn’t do it. So the guy in Iceland did it from Iceland. They had to pull some stuff out of memory on a computer. You know, it’s live process stuff. I’m sure you’ve done that before, but.
Lex Fridman (01:04:42):
I’m sure you did. Look what you’re doing. This is like a multi-layer interrogation going on. Was there a concern that somebody else would step in and control the site?
Chris Tarbell (01:04:56):
Absolutely, we didn’t have insight on who exactly I’d control.
Lex Fridman (01:04:59):
So it turns out that Russ had dictatorial control. So it wasn’t easy to delegate to somebody else.
Chris Tarbell (01:05:06):
He hadn’t. I think he had some sort of ideas. I mean, his diary talked about walking away and giving it to somebody else, but he didn’t, he couldn’t give up that control on anybody, apparently.
Lex Fridman (01:05:17):
Which makes you think that power corrupts, and his ideals were not as strong as he espoused about. Because if it was about the freedom of being able to buy drugs, if you want to, then he surely should have found ways to delegate that power.
Chris Tarbell (01:05:34):
Well, he changed over time. You could see it in his writings, that he changed. People argue back and forth that there was never murders on Silk Road. When we were doing the investigation, to us, there were six murders.
The way we saw him at the time was Ross ordered people to be murdered. People stole from him and all that. It was sort of an evolution from, oh man, I can’t deal with this, I can’t do it, it’s too much, to the last one was like, the guy said, well, he’s got three roommates. It’s like, oh, we’ll kill them too. Was that ever proven in court? No, the murders never went forward because there was some stuff, problems in that case. So there was a separate case in Baltimore that they had been working on for a lot longer. And so, during the investigation, that caused a bunch of problems because now we have multiple federal agencies that case against the same thing.
Lex Fridman (01:06:33):
How do you decide not to push forward the murder investigation?
Chris Tarbell (01:06:38):
So there was a de-confliction meeting that happened in D.C. I didn’t happen to go to that meeting, but Jared went, this is before I ever knew Jared, and we have like, televisions where we can just sit in a room and sit in on the meeting, but it’s all secured network and all that, so we can talk openly about secure things. And we sat in on the meeting and people just kept saying the term sweat equity. I’ve got sweat equity, meaning that they had worked on the case for so long that they deserve to take them down.
And by this time, no one knew about us, but we told them at the meeting that we had found the server and we have a copy of it and we have the infrastructure. And these guys had just had communications under covers. They didn’t really know what was going on. And this wasn’t my first de-confliction meeting. We had a huge de-confliction meeting during the anonymous case. What’s a de-confliction meeting? Agents within your agency or other federal agencies have an open investigation that if you expose your case or took down your case, would hurt their case or the other way. Oh, so you kind of have a,
Lex Fridman (01:07:49):
it’s like the rival gangs meet at the table in a smoke-filled room, and then.
Chris Tarbell (01:07:55):
Less bullets at the end, but yes. Yes.
Lex Fridman (01:07:57):
Oh boy, with the sweat equity. Yeah. I mean, there’s careers at stake, right? Yeah.
Chris Tarbell (01:08:03):
You hate that idea. Yeah, I mean, why is that a stake? Just because you’ve worked on it long enough, longer than I have, that means you get, you did better? That’s insane to me, that’s rewarding, bad behavior.
Lex Fridman (01:08:17):
And so that one of the part of the sweat equity discussion was about murder, and this was, here’s a chance to actually bust them, given the data you have from Iceland and all that kind of stuff. So why?
Chris Tarbell (01:08:27):
Well, they wanted us just to turn the data over to them. To them. Yeah, thanks for getting us this far, here it is. I mean, it came to the point where, they sent us, like, they had a picture of what they thought Ross was, and it was an internet meme. It really was a meme, it was a photo that we could look up. Like, it was insane.
Lex Fridman (01:08:47):
All right, so there’s different degrees of competence all across the world, between different people, yes. Okay, does part of you regret because you pushed forward but because you pushed forward the heroin and the drug trade we never got to the murder discussion?
Chris Tarbell (01:09:05):
I mean, the only regret is that the internet doesn’t seem to understand, like, they just kind of blow that part off, that he literally paid people to have people murdered. It didn’t result in a murder, and I thank God no one resulted in a murder.
Lex Fridman (01:09:18):
But that’s where his mind was.
Chris Tarbell (01:09:19):
His mind and where he wrote in his diary was that I had people killed, and here’s the money. He paid it. He paid a large amount of bitcoins for that murder.
Lex Fridman (01:09:28):
Those murders. He didn’t just even think about it, he actually took action, but the murders never happened. He took action by paying the money.
Chris Tarbell (01:09:34):
Correct, and the people came back with results. He thought they were murdered.
Lex Fridman (01:09:39):
That said, can you understand the steel mill and the case for the drug trade on Silk Road? Like, can you make the case that it’s a net positive for society?
Chris Tarbell (01:09:51):
So there was a time period of when we found out the infrastructure and when we built the case against Ross. I don’t remember exactly. Six weeks, a month, two months, I don’t know, somewhere in there. But then at Ross’s sentencing, there was a father that stood up and talked about his son dying. And I went back and kind of did the math, and it was between those time periods of when we knew we could shut it down, we could have pulled the plug on the server and gone. And when Ross was arrested, his son died from buying drugs on Silk Road. And I still think about that father a lot.
Lex Fridman (01:10:26):
But if we look at the scale at the war on drugs, let’s just even, outside of Silk Road, do you think the war on drugs by the United States has caused, has alleviated more suffering or caused more suffering in the world?
Chris Tarbell (01:10:45):
That might be above my pay scale. I mean, I understand the other side of the argument. I mean, people said that I don’t have to go down to the corner to buy drugs. I’m not gonna get shot on the corner buying drugs or something, I can just have them sent to my house. People are gonna do drugs anyways. I understand that argument. From my personal standpoint, if I made it more difficult for my children to get drugs, then I’m satisfied.
Lex Fridman (01:11:07):
So your personal philosophy is that if we legalize all drugs, including heroin and cocaine, that that would not make for a better world?
Chris Tarbell (01:11:17):
I don’t, no, personally, I don’t believe legalizing all drugs would make for a better world.
Lex Fridman (01:11:21):
Can you imagine that it would? Do you understand that argument?
Chris Tarbell (01:11:28):
Sure, I mean, as I’ve gotten older, I’ve started to, I like to see both sides of an argument, and when I can’t see the other side, that’s when I really like to dive into it. And I can see the other side. I can see why people would say that. But I don’t wanna be my race children in a world where drugs are just free for use.
Lex Fridman (01:11:45):
Well, and then the other side of it is with Silk Road, did, you know, taking down Silk Road, did that increase or decrease the number of drug-trading criminals in the world? It’s unclear.
Chris Tarbell (01:12:01):
Online, I think it increased. I think, you know, that is one of the things I think about a lot with Silk Road, was that no one really knew. I mean, there was, you know, thousands of users. But then after that, it was on the front page of the paper, and there was millions of people that knew about TOR and Onion Sites, it was an advertisement. You know, I would have thought, I thought crypto was gonna crash right after that, like, oh, look, people now see that bad people are doing bad things with crypto, that’ll crash. Well, I’m obviously wrong on that one. And I thought, you know, Ross was sentenced to two life sentences plus 40 years. No one’s gonna start up these.
Dark markets exploded after that. Yeah. You know, some of them started as, you know, opportunistic, I’m gonna, you know, take those escrow accounts, and I’m gonna steal all the money that came in, you know, they were for that. But, you know, but there were a lot of dark markets that popped up after that. Now, we put the playbook out there.
Lex Fridman (01:12:54):
Yeah, yeah, and also there’s a case for, do you ever think about not taking down, if you’ve not taken down Silk Road, you could use it, because it’s a market. It itself is not necessarily the primary criminal organization. It’s a market for criminals. So it could be used to track down criminals in the physical world. So if you don’t take it down, given that it was, you know, the central, how centralized it was, it could be used as a place to find criminals, right?
Chris Tarbell (01:13:30):
So the dealers, the drug dealers? Yeah.
Lex Fridman (01:13:32):
So if you have the cartel, get the cartels started to get involved, you go after the dealers. It would’ve been very difficult.
Chris Tarbell (01:13:40):
Because of TOR and all that. Because of all the protections, anonymity. De-cloaking all that would’ve been drastically more difficult. And a lot of people in upper management of the FBI didn’t have the appetite of running something like that. That would’ve been the FBI running a drug market.
How many kids, how many fathers would’ve had to come in and said, my kid bought while the FBI was running a site, a drug site. My kid died. So I didn’t know anybody in the FBI in management that would have the appetite to let us run what was happening on Silk Road. You know, because remember at that time, we’re still believing six people are dead. We’re still investigating, you know, where are all these bodies? You know, that’s pretty much why we took down Ross when we did. I mean, we had to jump on it fast.
Lex Fridman (01:14:27):
What else can you say about this complicated world that has grown of the dark web?
Chris Tarbell (01:14:33):
I don’t understand it. I, like, it would’ve been something for me, I thought it was gonna collapse. But, I mean, it’s just gotten bigger in what’s going on out there. Now, I’m really surprised that it hasn’t grown into other networks, or people haven’t developed other networks, but TOR. You mean like instead of TOR? Yeah, TOR’s still the main one out there. I mean, there’s a few others, and I’m not gonna put an advertisement out for them. But, you know, I thought that market would’ve grown.
Lex Fridman (01:14:60):
Yeah, my sense was, when I interacted with TOR, it was that there’s huge usability issues. But that’s for, like, legal activity. Yeah. Because, like, if you care about privacy, it’s just not as good of a browser, like, to look at stuff.
Chris Tarbell (01:15:15):
No, it’s way too slow. It’s way too slow. It’s way too slow, but I mean, you can’t even, like, I know some people would use it to, like, view movies, like Netflix, you can only view certain movies in certain countries. You can use it for that, but it’s too slow even for that, so.
Lex Fridman (01:15:27):
Were you ever able to hold in your mind the landscape of the dark web? Like, what’s going on out there? It’s just, to me, as a human being, it’s just difficult to understand the digital world. Like, these anonymous usernames. Like, doing anonymous activity, it’s just, it’s hard to, what am I trying to say? It’s hard to visualize it in the way I can visualize, like, I’ve been reading a lot about Hitler. I can visualize meetings between people, military strategy, deciding on certain evil atrocities, all that kind of stuff. I can visualize the people, there’s agreements, hands, handshakes, stuff signed, groups built. Like, in the digital space, like, with bots, with anonymity, any one human can be multiple people. It’s just- Yeah, it’s all lies. It’s all lies. Like, yeah, it feels like I can’t trust anything.
Chris Tarbell (01:16:21):
No, you can’t. You honestly can’t. And, like, you can talk to two different people, and it’s the same person. Like, there’s so many different, you know, Hector had so many different identities online, you know, of things that, you know, the lies to each other. I mean, he lied to people in the same way that the lies to each other, I mean, he lied to people inside his group just to use another name to spy on, make sure what they, you know, weren’t talking shit behind his back or weren’t doing anything. It’s all lies, and people that can keep all those lies straight, it’s unbelievable to me.
Lex Fridman (01:16:49):
Ross Albrecht represents the very early days of that. That’s why the competence wasn’t there. Just imagine how good the people are now, the kids that grow up.
Chris Tarbell (01:16:59):
Oh, they’ve learned from his mistakes.
Lex Fridman (01:17:04):
Just the extreme competence. Did you see how good people are at video games? Like, the level of play in terms of video games. Like, I used to think I sucked. Now, I’m not even, like, I’m not even in the, like, consideration of calling myself shitty at video games. I’m not even, I’m, like, non-existent. I’m, like, the mold. Yeah, I stopped playing because it’s so embarrassing.
Chris Tarbell (01:17:27):
It’s embarrassing. It’s like wrestling with your kid and he finally beats you. He’s, like, well, fuck that. I’m not wrestling with my kid anymore, ever again. And in some sense, hacking, at its best and its worst,
Lex Fridman (01:17:34):
is a kind of game, and you can get exceptionally good at that kind of game. And you get the accolades of it.
Chris Tarbell (01:17:43):
I mean, there’s, you know, there’s power that comes along. If you have success, look at the kid that’s playing. There’s power that comes along if you have success. Look at the kid that was hacking into Uber and Rockstar Games. He put it out there that he was doing it. I mean, he used the name, whatever, hacked into Uber was his screen name. He was very proud of it. I mean, won building evidence against himself. But, you know, he wanted that slap on the back, like, look at what a great hacker you are.
Lex Fridman (01:18:09):
Yeah. What do you think is in the mind of that guy? What do you think is in the mind of Russ? Do you think they see themselves as good people? Do you think they acknowledge the bad they’re doing onto the world?
Chris Tarbell (01:18:23):
So that Uber hacker, I think that’s just youth, not realizing what consequences are, I mean, based on his actions. Ross was a little bit older. I think Ross truly is a libertarian. He truly had his beliefs that he could provide the gateway for other people to live that libertarian lifestyle and put in their body what they want. I don’t think that was a front or a lie.
Lex Fridman (01:18:48):
What’s the difference between DPR and Ross? You said, like, I have never met Ross until, I have only had those two days worth of interaction. Yeah. It’s just interesting, given how long you’ve chased him and then having met him, what was the difference to you as a human being?
Chris Tarbell (01:19:03):
He was a human being. He was, you know, he was an actual person. He was nervous when we arrested him. So one of the things that I learned through my law enforcement career is, if I’m gonna be the case agent, I’m gonna be the one in charge of dealing with this person, I’m not putting handcuffs on him. Somebody else is gonna do that. Like, I’m gonna be there to help him. You know, I’m your conduit to help. And so, you know, right after someone’s arrested, you obviously have had them down for weapons to make sure for everybody’s safety, but then I just put my hand on their chest. Just feel their heart, feel their breathing. You’re gonna, it’s, I’m sure it’s the scariest day, but then to have that human contact kind of settles people down. And you can kind of like, let’s start thinking about this. I’m gonna tell you, you know, I’m gonna be open and honest with you. You know, there’s a lot of cops out there and federal agents, cops that just go to the hard-ass tactic. You don’t get very far with that. You don’t get very far being a mean asshole to somebody, you know, be compassionate, be human. And it’s gonna go a lot further.
Lex Fridman (01:20:03):
So given everything he’s done, you’re still able to have compassion for him?
Chris Tarbell (01:20:06):
Yeah, we took him to the jail and we, so it was after hours, so he didn’t get to see a judge that day. So you stick, we stuck him in the San Francisco jail. I hadn’t slept for about four days because I was dealing with people in Iceland, bosses in DC, bosses in New York. So, and I was in San Francisco. So timeframe, like the Iceland people were calling me when I was supposed to be sleeping. It was insane.
I still went out that night while Ross sat in jail and bought him breakfast. I said, what do you want for breakfast? I’ll have a nice breakfast for you. Cause we picked him up in the morning and took him over to the FBI to do the FBI booking, the fingerprints and all that. And I got him breakfast. I mean, and you don’t get paid back for that sort of thing. I’m not looking, but out of my own- Did he make special requests for breakfast?
Lex Fridman (01:20:52):
Yeah, he asked for certain things. Well, can you mention, is that top secret?
Chris Tarbell (01:20:56):
No, that’s not top secret. I think he wanted some granola bars, like, and, you know, but I mean, he already had lawyered up. So we, you know, which is his right, he can do that. So I knew we weren’t gonna work together, you know, like I did with Hector.
Lex Fridman (01:21:11):
But I mean, this is the guy’s last day. Most of the conversations have to be then with lawyers.
Chris Tarbell (01:21:16):
From that point on, I can’t question him when he asked for a lawyer, or if I did, it couldn’t be used against him. So we just had conversation where I talked to him. You know, he could, you know, could say things to me, but then I have to remind him that he asked for a lawyer and he’d have to waive that and all that. But we didn’t talk about his case so much. We just talked about like human beings.
Lex Fridman (01:21:34):
Did he, with his eyes, with his words, reveal any kind of regret, or did you see a human being changing, understanding something about themselves in the process of being caught?
Chris Tarbell (01:21:49):
No, I don’t think that. I mean, he did offer me $20 million to let him go when we were driving to the jail. Oh no. And I asked him what I was gonna, we were gonna do with the agent that sat in the front seat. The money really broke him, huh? I think so. I think he kind of got caught up in how much money it was and how, you know, when crypto started, it was pennies. And by the time he got arrested, it was 120 bucks. And you know, 177,000 Bitcoins. Even today, you know, that’s a lot of Bitcoins.
Lex Fridman (01:22:18):
So you really could have been, if you continued to be one of the richest people in the world.
Chris Tarbell (01:22:23):
I possibly could have been, if I took that $20 million then, I could have been living, we could have this conversation in Venezuela. In a castle, in a palace. Yeah, until it runs out and then the government storms the castle.
Lex Fridman (01:22:38):
Yeah. Have you talked to Russ since?
Chris Tarbell (01:22:42):
No, I’d be open to it. I don’t think he probably wants to hear from me.
Lex Fridman (01:22:46):
And do you know where and which prison he is?
Chris Tarbell (01:22:50):
I think he’s somewhere out in Arizona. I know he was in the one next to Supermax for a little while, like the high security one that shares the fence with Supermax, but I don’t think he’s there anymore. I think he’s out in Arizona. I haven’t seen him in a while.
Lex Fridman (01:23:03):
I wonder if he can do interviews in prison. That’d be nice.
Chris Tarbell (01:23:06):
Some people are allowed to. So I’ve not seen an interview with him. I know people have wanted to interview him about books and that sort of thing.
Lex Fridman (01:23:14):
Right, because the story really blew up. Did it surprise you how much the story and many elements of it blew up? Movies.
Chris Tarbell (01:23:21):
It did surprise me. My wife’s uncle, who I didn’t, I’ve been married to my wife for 22 years now. I don’t think he knew my name. And he was excited about that. He reached out when Silk Road came out. So that was surprising to see.
Lex Fridman (01:23:36):
Did you think the movie on the topic was good?
Chris Tarbell (01:23:38):
I didn’t have anything to do with that movie. I’ve watched it once. It was kind of cool that Jimmy Simpson was my name in the movie. But outside of that, I thought it sort of missed the mark on some things.
Lex Fridman (01:23:48):
When Hollywood, I don’t think they understand what’s interesting about these kinds of stories. And there’s a lot of things that are interesting and they missed all of them. So for example, I recently talked to John Carmack, who’s a world-class developer and so on. So Hollywood would think that the interesting thing about John Carmack is some kind of shitty, a parody of a hacker or something like that. They would show really crappy emulation of some kind of Linux terminal thing. The reality is the technical details for five hours with him, for 10 hours with him is what people actually want to see, even people that don’t program. They want to see a brilliant mind.
The details, that they’re not, even if they don’t understand all the details, they want to have an inkling of the genius there. There’s just one way, I’m saying like, that you want to reveal the genius, the complexity of that world in interesting ways. And to make a Hollywood almost parody caricature of it, it just destroys the spirit of the thing. So one, the Operation FBI is fascinating.
Just tracking down these people on the cyber security front is fascinating. The other is just how you run TOR, how you run this kind of organization, the trust issues of the different criminal entities involved, the anonymity, the low-hanging fruit, the being shitty at certain parts on the technical front, all of those are fascinating things, and that’s what a movie should reveal. Should probably be a series, honestly, a Netflix series than a movie.
Chris Tarbell (01:25:28):
Yeah, an FX show or something like that.
Lex Fridman (01:25:30):
Kind of gritty, you know? Yeah, yeah, gritty. Exactly, gritty. I mean, shows like Chernobyl from HBO made me realize, okay, you can do a good job of a difficult story and reveal the human side, but also reveal the technical side and have some deep, profound understanding on that case, on the bureaucracy of a Soviet regime. In this case, you could reveal the bureaucracy, the chaos of a criminal organization, of a law enforcement organization. I mean, there’s so much to explore. It’s fascinating.
Chris Tarbell (01:26:02):
Yeah, I like Chernobyl. When I rewatch it, I can’t watch episode three, though. The animal scene, the episode, they go around shooting all the dogs and all that. I gotta skip that part. You’re a big softie, aren’t you? I really am. I’m sure I’ll probably cry at some point. I love it, I love it. Don’t get me talking about that episode you made about your grandmother. Oh my God, that was rough.
Lex Fridman (01:26:23):
Just to linger on this ethical versus legal question, what do you think about people like Aaron Schwartz? I don’t know if you’re familiar with him, but he was somebody who broke the law in the name of an ethical ideal. He downloaded and released academic publications that were behind a paywall. And he was arrested for that and then committed suicide. And a lot of people see him, certainly in the MIT community, but throughout the world, as a hero. Because you look at the way knowledge, scientific knowledge is being put behind paywalls, it does seem somehow unethical.
And he basically broke the law to do the ethical thing. Now, you could challenge it, maybe it is unethical, but there’s a gray area, and to me at least, it is ethical. To me at least, he is a hero. Because I’m familiar with the paywall created by the institutions that hold these publications, they’re adding very little value. So it is basically holding hostage the work of millions of brilliant scientists for some kind of, honestly, a crappy capitalist institution. Like they’re not actually making that much money, it doesn’t make any sense to me. It should, to me, it should all be open public access.
There’s no reason it shouldn’t be, all publications should be. So he stood for that ideal, and was punished harshly for it. That’s the other criticism, it was too harshly. And of course, deeply unfortunately, that also led to his suicide. Because he was also tormented on many levels. I mean, are you familiar with him? What do you think about that line between what is legal and what is ethical?
Chris Tarbell (01:28:31):
So it’s a tough case. I mean, the outcome was tragic, obviously. Unfortunately, when you’re in law enforcement, you have to, your job is to enforce the laws. I mean, it is not, if you’re told that you have to do a certain case, and there is a violation of, at the time, 18 U.S.C. 1030, computer hacking, you have to press forward with that. I mean, you have to charge, you bring the case to the U.S. Attorney’s Office, and whether they’re gonna press charges or not, you can’t really pick and choose what you press, and don’t press forward. I never felt that, at least that flexibility, not in the FBI. I mean, maybe when you’re a street cop, and you pull somebody over, you can let them go with a warning.
Lex Fridman (01:29:15):
So in the FBI, you’re sitting in a room, but you’re also a human being. You have compassion. You arrested Ross, the hand on the chest. I mean, that’s a human thing. So there’s a…
Chris Tarbell (01:29:28):
But I can’t be the jury for whether it was a good hack or a bad hack. It’s all someone, a victim has come forward and said, we’re the victim of this. And I agree with you, because again, the basis of the internet was to share academic thought. I mean, that’s where the internet was born.
Lex Fridman (01:29:45):
But it’s not up to you. So the role of the FBI is to enforce the law. Correct.
Chris Tarbell (01:29:55):
And there’s a limited number of tools on our Batman belt that we can use. Not to get into all the aspects of the Trump case and Mar-a-Lago and the documents there. I mean, the FBI has so many tools they can use and a search warrant is the only way they could get in there. I mean, that’s it. There’s no other legal document or legal way to enter and get those documents.
Lex Fridman (01:30:18):
What do you think about the FBI and Mar-a-Lago and the FBI taking the documents for Donald Trump?
Chris Tarbell (01:30:25):
You know, it’s a tough spot. It’s a really tough spot. The FBI has gotten a lot of black eyes recently. And I don’t know if it’s the same FBI that I remember when I was there.
Lex Fridman (01:30:37):
Do you think they deserve it in part? Was it done clumsily? Their raiding of the former president’s residence?
Chris Tarbell (01:30:46):
It’s tough. It’s tough, you know, because again, they’re only limited to what they’re legally allowed to do and a search warrant is the only legal way of doing it. I have my personal and political views on certain things. I think it might be surprising to some where those political stand, but.
Lex Fridman (01:31:08):
You told me offline that you’re a hardcore communist.
Chris Tarbell (01:31:13):
That was very strange, very surprising to me. Well, that’s only you tried to bring me into the Communist Party.
Lex Fridman (01:31:17):
Exactly, I was trying to recruit you. Giving you all kinds of flyers. Yeah. Okay, but you said like, you know, people in the FBI are just following the law, but there’s a chain of command and so on. What do you think about the conspiracy theories that people, some small number of people inside the FBI conspired to undermine the presidency of Donald Trump?
Chris Tarbell (01:31:42):
If you were to ask me when I was inside and before all this happened, I would say it never happened. I don’t believe in conspiracies. You know, there’s too many people involved. Somebody’s gonna come out with some sort of information. But I mean, the more the stuff that comes out, it’s surprising that agents are being fired because of certain actions they’re taking inside and being dismissed because of politically motivated actions.
Lex Fridman (01:32:05):
So do you think it’s explicit or just pressure? Do you think there could exist just pressure at the higher ups that has a political leaning and you kinda maybe don’t explicitly order any kind of thing, but just kinda pressure people to lean one way or the other and then create a culture that leans one way or the other based on political leanings?
Chris Tarbell (01:32:25):
You would really, really hope not. But I mean, that seems to be the narrative that’s being written.
Lex Fridman (01:32:30):
But when you were operating, you didn’t feel that pressure?
Chris Tarbell (01:32:34):
Man, I was such a low level. You know, I’d had no aspirations of being a boss. I wanted to be a case agent my entire life. So you love the puzzle of it, the chase. I love solving things, yeah. To be in management and manage people and all that, like no desire whatsoever.
Lex Fridman (01:32:51):
What do you think about Mark Zuckerberg on Joe Rogan’s podcast saying that the FBI warned Facebook about potential foreign interference? And then Facebook inferred from that that they’re talking about Hunter Biden laptop story and thereby censored it. What do you think about that whole story?
Chris Tarbell (01:33:14):
Again, you asked me when I was in the FBI, I wouldn’t believed it. From being on the inside, I wouldn’t believe these things, but there’s a certain narrative being written that is surprising to me that the FBI is involved in these stories.
Lex Fridman (01:33:25):
So, but the interesting thing there is the FBI is saying that they didn’t really make that implication. They’re saying that there’s interference activity happening. Just watch out. And it’s a weird relationship between the FBI and Facebook. You could see from the best possible interpretation that the FBI just wants Facebook to be aware because it is a powerful platform, a platform for viral spread of misinformation. So in the best possible interpretation of it, it makes sense for FBI to send some information saying like we’re seeing some shady activity. Absolutely. But it seems like all of that somehow escalated to a political interpretation.
Chris Tarbell (01:34:05):
I mean, yeah, it sounded like there was a wink-wink with it. That I don’t know if Mark meant for that to be that way. Again, are we being social engineered or was that a true expression that Mark had?
Lex Fridman (01:34:20):
And I wonder if the wink-wink is direct or just culture. You know, maybe certain people responsible on the Facebook side have a certain political lean and then certain people on the FBI side have a political lean when they’re interacting together. And it’s like literally has nothing to do with a giant conspiracy theory, but just with a culture that has a particular political lean during a particular time in history. And so like maybe it could be Hunter Biden laptop one time and then it could be whoever, Donald Trump Jr.’s laptop another time.
Chris Tarbell (01:34:58):
It’s a tough job. I mean, if you’re the liaison, if you’re the FBI’s liaison to Facebook, there are certain people that I’m sure they were offered a position at some point. There’s FBI agents that go, I know of a couple that’s gone to Facebook. There’s a really good agent that now leads up their child exploitation stuff.
Another squad mate runs their internal investigations, both great investigators. So, you know, there’s good money, especially when you’re an FBI agent that’s capped out at a, you know, a 1310 or whatever pay scale you’re capped out at. It’s alluring to be, you know, maybe want to please them and be asked to join them. Yeah, and over time that corrupts.
Lex Fridman (01:35:42):
I think there has to be an introspection in tech companies about the culture that they develop, about the political ideology, the bubble. It’s interesting to see that bubble. Like I’ve asked myself a lot of questions.
I’ve interviewed the Pfizer CEO, Pfizer CEO, what seems now a long time ago. And I’ve gotten a lot of criticism, positive comments, but also criticism from that conversation. And I did a lot of soul searching about the kind of bubbles we have in this world. And it makes me wonder, pharmaceutical companies, they all believe they’re doing good. And I wonder, because the ideal they have is to create drugs that help people and do so at scale.
And it’s hard to know at which point that can be corrupted. It’s hard to know when it was corrupted and if it was corrupted and where, which drugs and which companies and so on. And I don’t know, I don’t know that complicated. It seems like inside a bubble, you can convince yourself if anything is good. People inside the Third Reich regime were able to convince themselves, I’m sure many.
Just Bloodlands is another book I’ve been recently reading about it. And the ability of humans to convince they’re doing good when they’re clearly murdering and torturing people in front of their eyes is fascinating. They’re able to convince themselves they’re doing good. It’s crazy. Like there’s not even an inkling of doubt. Yeah, I don’t know what to make of that. So it has taught me to be a little bit more careful when I enter into different bubbles to be skeptical about what’s taken as an assumption of truth. Like you always have to be skeptical about like what’s assumed is true, is it possible it’s not true?
And if you’re talking about America, it’s assumed that in certain places that surveillance is good. Well, let’s question that assumption. Yeah. And also it inspired me to question my own assumptions that I hold as true constantly, constantly.
Chris Tarbell (01:38:13):
It’s tough, it’s tough. But you don’t grow, I mean, do you want to be just static and not grow? You have to question yourself on some of these things if you want to grow as a person.
Lex Fridman (01:38:22):
Yeah, for sure. Now, one of the tough things actually of being a public personality when you speak publicly is you get attacked all along the way as you’re growing. And I’m in part a big softy as well, if I may say, and it hurts, it hurts, it hurts. Do you pay attention to it? Yeah, yeah, yeah, yeah. It’s very hard. Like I have two choices. One, you can shut yourself off from the world and ignore it. I never found that compelling, this kind of idea of like hater’s gonna hate. Yeah.
Like this idea that anyone with a big platform or anyone’s ever done anything has always gotten hate. Okay, maybe. But like, I still want to be vulnerable, wear my heart on my sleeve, really show myself, like open myself to the world, really listen to people. And that means every once in a while, somebody will say something that touches me in a way that’s like, what if they’re right?
Chris Tarbell (01:39:24):
Do you let that hate influence you? I mean, can you be bullied into a different opinion than you think you really are just because of that hate?
Lex Fridman (01:39:32):
No, no, I believe not. But it hurts in a way that’s hard to explain. Like, yeah, it just, it gets to like, it shakes your faith in humanity, actually, is probably why it hurts. Like people that call me a Putin apologist or a Zelensky apologist, which I’m currently getting almost an equal amount of, but it hurts. It hurts because I, it hurts because it like, it damages slightly my faith in humanity to be able to see the love that connects us and then to see that I’m trying to find that. And that I’m doing my best in the limited capabilities I have to find that. And so to call me something like a bad actor, essentially, from whatever perspective, it just makes me realize, well, people don’t have empathy and compassion for each other. And it makes me question that for a brief moment. And that’s like a crack and it hurts.
Chris Tarbell (01:40:44):
How many people do this to your face? Very few. Yeah, it’s online e-muscles, man.
Lex Fridman (01:40:49):
They’re just flexing their e-muscles. I have to be honest that it happens because I’ve hung around with Rogan enough. When your platform grows, there’s people that will come up to Joe and say stuff to his face that they forget. They still, they forget he’s actually a real human being. They’ll make accusations about him.
Chris Tarbell (01:41:13):
So does that cause him to wall himself off more?
Lex Fridman (01:41:16):
No, he’s pretty gangster on that. But yeah, it still hurts. If you’re human, if you really feel others, I think that’s also the difference with Joe and me. He has a family that he deeply loves, and that’s an escape from the world for him. There’s a loneliness in me that I’m always longing to connect with people and with regular people. And just to learn their stories and so on. And so if you open yourself up that way, the things they tell you can really hurt in every way. Like just me going to Ukraine, just seeing so much loss and death.
Some of it is, I mean, unforgettably haunting. Not in some kind of political way, activist way, or who’s right, who’s wrong way, but just like, man, like so much pain. You see it and it just stays with you.
Chris Tarbell (01:42:17):
When you see a human being bad to another human, you can’t get rid of that in your head. You can’t imagine that we can treat each other like that. That’s the hard part, I think. I mean, for me it is. When I saw parents, when I did the child exploitation stuff, when they rented their children out, they literally rented infant children out to others for sexual gratification. Like, I don’t know how a human being could do that to another human being. And that sounds like the kind of thing you’re going through. I mean, I went through a huge funk when I did those cases afterwards. I should have talked to somebody. But in the FBI, you have to keep that machismo up or they’re gonna take your gun away from you.
Lex Fridman (01:42:57):
Well, I think that’s examples of evil and that that’s like the worst of human nature. But just because-
Chris Tarbell (01:43:08):
War is just as bad, I mean.
Lex Fridman (01:43:11):
Somehow war, it’s somehow understandable given all the very intense propaganda that’s happening. So you can understand that there is love in the heart of the soldiers on each side given the information they’re given. There’s a lot of people on the Russian side believe they’re saving these Ukrainian cities from Nazi occupation.
Now, there is stories, there is a lot of evidence of people for fun murdering civilians. Now, that is closer to the things you’ve experienced of like evil, of evil embodied. And I haven’t interacted with that directly with people who for fun murdered civilians.
Chris Tarbell (01:44:03):
But you know it’s there in the world. I mean, you’re not naive to it.
Lex Fridman (01:44:05):
Yes, but if you experience that directly, if somebody shot somebody for fun in front of me, that would probably break me, yeah. Like seeing it yourself, knowing that it exists is different than seeing it yourself. Now, I’ve interacted with the victims of that and they tell me stories and you see their homes destroyed, destroyed for no good military reason. It’s civilians with civilian homes being destroyed. That really lingers with you. But yeah, the people that are capable of that.
Chris Tarbell (01:44:37):
That goes with the propaganda. I mean, if you were to build a story, you have to have on the other side, the homes are gonna be destroyed, the non-military targets are gonna be destroyed.
Lex Fridman (01:44:48):
To put it in perspective, I’m not sure a lot of people understand the deep human side or even the military strategy side of this war. There’s a lot of experts outside of the situation that are commenting on it with certainty. And that kind of hurts me because I feel like there’s a lot of uncertainty. There’s so much propaganda, it’s very difficult to know what is true. Yeah, so my whole hope was to travel to Ukraine, to travel to Russia, to talk to soldiers, to talk to leaders, to talk to real people that have lost homes, that have lost family members, that who this war has divided, who this war changed completely how they see the world, whether they have love or hate in their heart to understand their stories. I’ve learned a lot on the human side of things by having talked to a lot of people there, but it has been on the Ukrainian side for me currently. Traveling to the Russian side is more difficult.
Let me ask you about your now friend. Can we go as far as to say his friend in Asabu, Hector Monsegur. What’s the story? What’s your long story with him? Can you tell me about what is LALSEC, who is Asabu, and who’s Anonymous? What is Anonymous? Where’s the right place to start that story?
Chris Tarbell (01:46:14):
Probably Anonymous. Anonymous was a, it still is, I guess, a decentralized organization. They call themselves Headless, but once you look into them a little ways, they’re not really Headless. The power struggle comes with whoever has a hacking ability. That might be you’re a good hacker or you have a giant botnet used for DDoS. So you’re gonna wield more power if you can control where it goes.
Anonymous started doing their hacktivism stuff in 2010 or so. The word hack was in the media all the time then. And then right around then, there was a federal contractor named HB Gary Federal. Their CEO is Aaron Barr. And Aaron Barr said he was gonna come out and de-anonymize Anonymous.
He’s gonna come out and talk at Black Hat or DEF CON or one of those and say who they are. He figured it out by based on when people were online, when people were in IRC, when tweets came out. There was no scientific proof behind it or anything. So he was just gonna falsely name people that were in Anonymous. So Anonymous went on the attack. They went and hacked in HB Gary Federal and they turned his life upside down. They took over his Twitter account and all that stuff pretty quickly.
Lex Fridman (01:47:31):
I have very mixed feelings about all of this. Okay. Part of me admires the positive side of the hacktivism. Okay. Is there no room for admiration there of the fuck you to the man?
Chris Tarbell (01:47:50):
Not at the time. Again, it was a violation. The 18 USC 1030. So it was my job. It’s what I, you know. So at the time, no. In retrospect, sure.
Lex Fridman (01:47:59):
But what was the philosophy of the hacktivism? Was it, philosophically, were they at least expressing it for the good of humanity or no?
Chris Tarbell (01:48:09):
They outwardly said that they were gonna go after people that they thought were corrupt. So they were judge and jury on corruption. They were gonna go after it. Once you get inside and realize what they were doing, they were going after people that they had an opportunity to go after. So maybe someone had a zero day and then they searched for servers running that zero day. And then from there, let’s find a target. I mean, one time they went after a toilet paper company. I still don’t understand what that toilet paper company did but it was an opportunity to make a splash.
Lex Fridman (01:48:41):
Is there some way for the joke, for the lulz?
Chris Tarbell (01:48:43):
It developed into that. So I think the hacktivism and the anonymous stuff wasn’t so much for the lulz. But from that HBGary Federal hack, then there were six guys that worked well together and they formed a crew, a hacking crew. And they kind of split off into their own private channels. And that was lulzsec or laughing at your security was their motto.
Lex Fridman (01:49:04):
So that’s l-u-l-z-s-e-c, lulzsec. Of course it is. Lulzsec. And who founded that organization?
Chris Tarbell (01:49:15):
So Kayla and Sabu were the hackers of the group. And so they really did all the work on HBGary. So they’re- And these are code names. Yeah, it’s their online names. They’re Nicks. And so that’s all they knew each other as. They talked as those names. And they worked well together. And so they formed a hacking crew and that’s when they started the, at first they didn’t name it this, but it was the 50 days of lulz where they would just release major, major breaches.
And it stirred up the media. I mean, it put hacking in the media every day. They had 400 or 500,000 Twitter followers.
You know, and it was kind of interesting, but then they started swinging at the beehive and they took out some FBI affiliated sites and then they started Fuck FBI Fridays, where every Friday they would release something. And we waited it with bated breath. I mean, they had us hook, line, and sinker pissed. We were waiting to see what was gonna be dropped every Friday. It was, it’s a little embarrassing. Looking back on it now. And this is in the early 2010s. Yeah. This was 2010, 2011, around there.
Lex Fridman (01:50:28):
To actually linger on Anonymous, what, do we still understand what the heck is Anonymous?
Chris Tarbell (01:50:36):
It’s just a place where you hang out. I mean, it’s just, it started on 4chan, went to 8chan. It’s really just, anyone, you could be in Anonymous right now if you wanted to. Just you’re in there hanging out in the channel. Now, you’re probably not gonna get much cred until you work your way up and prove who you are, or someone vouches for you. But anybody can be in Anonymous. Anybody can leave Anonymous. What’s the leadership of Anonymous? Do you have a sense that there is a leadership? There’s a power play. Now, there’s not someone that says, this is what we’re doing. No, we’re doing. I love
Lex Fridman (01:51:02):
of the the philosophical and the technical aspect of all of this. But I think there is a slippery slope to where for the lulls, you can actually really hurt people. That’s the terrifying thing. When you attach, I’m actually really terrified of the power of the lull. The fun thing somehow becomes a slippery slope. I haven’t quite understood the dynamics of that, but even in myself, if you just have fun with a thing, you lose track of the ethical grounding of the thing. And so it feels like hacking for fun can just literally lead to nuclear war, like literally destabilize.
Chris Tarbell (01:51:45):
Yeah, yada, yada, yada, nuclear war. I could see it.
Lex Fridman (01:51:49):
Yeah. So I’ve been more careful with the lull. Yeah, I’ve been more careful about that. And I wonder about it because in internet speak, somehow ethics can be put aside through the slippery slope of language. I don’t know. Everything becomes a joke. If everything’s a joke, then everything’s allowed, and everything’s allowed, then you don’t have a sense of what is right and wrong. You lose sense of what is right and wrong.
Chris Tarbell (01:52:15):
You still have victims. I mean, you’re laughing at someone. Someone’s the butt of this joke. You know, whether it’s major corporations or the individuals. I mean, some of the stuff they did was just, you know, releasing people’s PII and their personal identifying information and stuff like that. I mean, is it a big deal? I don’t know. Maybe, maybe not. But, you know, if you could choose to not have your information put out there, probably wouldn’t.
Lex Fridman (01:52:38):
We do have a sense of what anonymous is today. Has it ever been one stable organization? Or is it a collection of hackers that kind of emerge for particular tasks, for particular, like, hacktivism tasks?
Chris Tarbell (01:52:53):
And that kind of stuff. It’s a collection of people that has some hackers in it. There’s not a lot of big hackers in it. I mean, there’s some that’ll come bounce in and bounce out. Even back then, there was probably just as many reporters in it, people in the media in it, with the hackers at the time, just trying to get the inside scoop on things. You know, some giving the inside scoop. You know, we arrested a reporter that gave over the username and password to his newspaper. And, you know, just so he could break the story. He trusted him.
Lex Fridman (01:53:29):
Speaking of trust, reporters, boy, there’s good ones. There’s good ones. There are. There are. But boy, do I have a complicated relationship with them. How many stories about you are completely true? You can just make stuff up on the internet. And one of the things that, I mean, there’s so many fascinating psychological, sociological elements of the internet to me. One of them is that you can say that Lex is a lizard, right?
And if it’s not funny, so lizard is kind of funny, what should we say? Lex has admitted to being an agent of the FBI, okay? You can just say that, right? And then the response that the internet would be like, oh, is that true? I didn’t realize that. They won’t go like, provide evidence, please, right? They’ll just say like, oh, that’s weird. I didn’t, I kind of thought he might be kind of weird. And then it piles on, it’s like, hey, hey, hey, guys. Like, here’s a random dude on the internet just said a random thing. You can’t just like pile up as, and then.
Chris Tarbell (01:54:37):
Yeah, Johnny6969 is now a source that says.
Lex Fridman (01:54:40):
And then like, the thing is, I’m a tiny guy, but when it grows, if you’re like have a big platform, I feel like newspapers will pick that up.
And then they’ll like start to build on a story. And you never know where that story really started. It’s so cool. I mean, to me, actually, honestly, it’s kind of cool that there’s a viral nature of the internet that can just fabricate truth completely. I think we have to accept that new reality and try to deal with it somehow. You can’t just like complain that Johnny6969 can start a random thing. But I think in the best possible world, it is the role of the journalist to be the adult in the room and put a stop to it versus look for the sexiest story so that there could be clickbait that can generate money. Journalism should be about sort of slowing things down, thinking deeply through what is true or not and showing that to the world. I think there’s a lot of hunger for that. And I think that would actually get the most clicks
Chris Tarbell (01:55:41):
in the end. I mean, it’s that same pressure I think we’re talking about with the FBI and with the tech companies about Controllers. I mean, the editors have to please and get those clicks. I mean, they’re measured by those clicks. So, you know, I’m sure the journalists, the true journalists, the good ones out there want that, but they want to stay employed too.
Lex Fridman (01:55:60):
I should ask you really as another tangent, the Jared and others, they’re doing undercover. In terms of the tools you have for catching cybersecurity criminals, how much of it is undercover?
Chris Tarbell (01:56:13):
Undercover is a high bar to jump over. You have to do a lot to start an undercover in the FBI. There’s a lot of thresholds. So it’s not your first investigative tool step. You have to identify a problem and then show that the lower steps can’t get you there. But I mean, I think we had an undercover going on a squad about all times when one was being shut down or taken down, we were spinning up another one. So it’s a good tool to have, you know, and utilize. They’re a lot of work. I don’t think if you run one, you’ll never run another one in your life.
Lex Fridman (01:56:52):
Oh, so it’s like psychologically, there’s a lot of work just technically, but also psychologically, like you have to really-
Chris Tarbell (01:56:58):
It’s 24 seven, you’re inside that world. Like you have to know what’s going on and what’s happening. You know, you’re taking on, you have to remember who you are when you’re, because you’re a criminal online. You have to go to a special school for it too. Was that ever something compelling to you? I went through the school, but I’m a pretty open and honest guy. And so it’s tough for me to build that wall of lies. Maybe I’m just not smart enough to keep all the lies straight.
Lex Fridman (01:57:25):
Yeah, but a guy who’s good at building up a wall of lies would say that exact same thing. Exactly. It’s so annoying the way truth works in this world. It’s like, people have told me like, because I’m trying to be honest and transparent, that’s exactly what an agent would do, right? But I feel like an agent would not wear a suit and tie.
Chris Tarbell (01:57:44):
I wore a suit and tie every day. I was a suit and tie guy. You were? Yeah, every day. I remember one time I wore shorts in and the SAC came in and this was when I was, I was a rockstar at the time in the Bureau and I had shorts in and I said, sorry, ma’am, I apologize for my attire. And she goes, you can wear bike shorts in here, I wouldn’t care. I was like, oh shit, that sounds nice. I never wore the bike shorts, but yeah.
Lex Fridman (01:58:07):
But see, I don’t see a suit and tie as constraining. I think it’s liberating in sorts. It’s like, shows that you’re taking the moment seriously.
Chris Tarbell (01:58:16):
Well, not just that people wanted it. I mean, people expected when you’re not, you are dressed like a perfect FBI agent. When someone knocks on their door, that’s what they want to see. They want to see what Hollywood built up is what an FBI agent is. You show up like my friend, Il-Won. He was dressed always in t-shirts and shorts. People aren’t going to take him serious. They’re not going to give him what they want.
Lex Fridman (01:58:34):
I wonder how many police that can just show up and like, say I’m from the FBI and start interrogating them. Like at a bar. Probably.
Chris Tarbell (01:58:41):
Like how- Oh, definitely, if they’ve had a few drinks, you could definitely. Well, but people are going to recognize you. That’s the only problem. That’s another thing. You start taking out a big, big cases. You can’t work cases anymore in the FBI. Your face gets out there. Your name too.
Lex Fridman (01:58:52):
Yeah, yeah. Well, actually, let me ask you about that before we return to our friend Sabu. Okay. You’ve tracked and worked on some of the most dangerous people in this world. Have you ever feared for your life?
Chris Tarbell (01:59:11):
So I had to make a really, really shitty phone call one time. I was sitting in the bureau and this was right after Silk Road. And Jared called me. He was back in Chicago. And he called me and said, hey, your name and your kid’s name are on a website for an assassination. They’re paying to have you guys killed.
Now, these things happen on the black market. They come up and people debate whether they’re real or not. But we have to take it serious. Someone’s paying to have me killed. So I had to call my wife and we had a word in that if I said this word, and we only said it one time to each other, if I said this is serious, drop what you’re doing and get to the kids. And so I had to drop the word to her. And I could feel the breath come out of her because she thought her kids were in danger at the time they were.
I wasn’t in a state of mind to drive myself. So an agent on the squad, a girl named Evelina, she drove me, lights and sirens all the way to my kid’s school. And I called the school. We were in a lockdown. Nobody should get in or out, especially someone with a gun. The first thing they did was let me in the building with a gun. So I was a little disappointed with that.
My kids were, I think, kindergarten and fifth grade or somewhere around there. Maybe they’re closer, second, I’m not sure where. But all hell broke loose. And we had to, from there, go move into a safe house. I live in New York City. NYPD surrounded my house. The FBI put cameras outside my house. You couldn’t drive in my neighborhood without your license plate being read. Hey, why is this person here? Why is that person there?
I got to watch my house on an iPad while I sat at my desk. But again, I put my family through that and it scared the shit out of them. And that’s, to be honest, I think that’s sort of my mother-in-law’s words were, I thought you did cybercrime. And because during Silk Road, I didn’t tell my family what I was working on. I don’t talk about that. I want to escape that. I don’t want to be there. I remember that, so when I was in the FBI, driving in, I used to go in at 4.30 every morning because I like to go to the gym before I go to the desk. So I’d be at the desk at seven, so in the gym at five, a couple hours, and then go.
The best time I had was that drive-in in the morning where I could just be myself. I listened to a sports podcast out of DC. And we talked about sports and the Nationals and whatever it was, the Capitals. You know, it was great to not think about Silk Road for 10 minutes. So, but that was my best time, but yeah, again. So yeah, I’ve had that move into the safe house. I left my MP5 at home. That’s the Bureau’s machine gun. Showed my wife to just pull and spray.
Lex Fridman (02:02:09):
So. But how often did you live or work and live with fear in your heart?
Chris Tarbell (02:02:16):
It was only that time. I mean, in my, for actual physical security, then, I mean, after the anonymous stuff, I really tightened down to my cybersecurity. You know, I don’t have social media. I don’t have pictures of me and my kids online. I don’t really, if I go to a wedding or something, I say, I don’t take my picture with my kids, you know, if you’re gonna post it someplace or something like that. So that sort of security I have, but you know, just like everybody, you start to relax a little bit and security breaks down because it’s not convenient.
Lex Fridman (02:02:49):
But it’s also part of your job, so you’re much better at, I mean, your job now and your job before, so you’re probably much better taking care of the low-hanging fruit, at least.
Chris Tarbell (02:03:01):
I understand the threat, and I think that’s what a lot of people don’t understand, is understanding what the threat against them is. So I’m aware of that and what possibly, and I think about it, you know, I think about things. I do remember, so you tripped a memory in my mind. I remember a lot of times, and I had a gun on my hip, I still carry a gun to this day, opening my front door and being concerned what was on the other side, leave, walking out of the house, because I couldn’t see it. I remember those four o’clocks heading to the car. I was literally scared.
Lex Fridman (02:03:38):
I mean, having seen some of the things you’ve seen, it makes you perhaps question how much evil there is out there in the world, how many dangerous people there are out there, crazy people even.
Chris Tarbell (02:03:52):
There’s a lot of crazy, there’s a lot of evil. Most people, I think, get into cybercrime or just opportunistic, not necessarily evil. They don’t really know, maybe think about the victim, they just do it as a crime of opportunity. I don’t label that as evil.
Lex Fridman (02:04:09):
And one of the things about America that I’m also very happy about is that rule of law, despite everything we talk about, there is, it’s tough to be a criminal in the United States. So, like, if you walk outside of your house, you’re much safer than you are in most other places in the world.
Chris Tarbell (02:04:29):
You’re safer, and the system’s tougher. I mean, LulzSec, six guys, one guy in the United States, five guys other places. Hector was facing 125 years. Those guys got slaps on the wrist and went back to college. You know, different laws, different places.
Lex Fridman (02:04:48):
So, who’s Hector? Tell me the story of Hector. So, this LulzSec organization was started, so Hector was before that in, he was in part anonymous, he was doing all kinds of hacking stuff, but then he launched LulzSec.
Chris Tarbell (02:05:02):
He’s an old school hacker. I mean, he learned how to hack, and I don’t wanna tell his story, but he learned to hack because he grew up in the Lower East Side of New York and picked up some NYPD stuff. Picked up some NYPD computers that were left on the sidewalk for trash. Taught himself how to.
Lex Fridman (02:05:18):
He doesn’t exactly look like a hacker. For people who don’t know, he looks, I don’t know exactly what he looks like, but not like a technical, not what you would imagine. But perhaps that’s a Hollywood portrayal.
Chris Tarbell (02:05:31):
Yeah, I think you get in trouble these days saying what a hacker looks like. I don’t know if they have a traditional look. Just like I said, Hollywood has an idea of what an FBI looks like. I don’t think you can do that anymore. I don’t think you can say that anymore.
Lex Fridman (02:05:45):
Well, he certainly has a big personality and charisma and all that kind of stuff.
Chris Tarbell (02:05:49):
Lex Fridman (02:05:50):
I can see him selling me anything. That’s Sabu.
Chris Tarbell (02:05:54):
That’s Sabu. Convincing me of anything. You know, they’re two different people. There’s Sabu and there’s Hector. Hector is a sweet guy. He likes to have intellectual conversations, and that’s just a thing. He’d rather just sit there and have a one-on-one conversation with you. But Sabu, that’s a ruthless motherfucker. And you first met Sabu? I was tracking Sabu, so that’s all I knew was Sabu. I didn’t know Hector.
Lex Fridman (02:06:18):
So when did your paths cross in terms of tracking? When did you first take on the case? The spring of 11.
Chris Tarbell (02:06:27):
So it was through Anonymous. Through Anonymous, and really kind of LulzSec. We were, LulzSec was a big thing, and it was pushed out to all the cyber, you know, 56 field offices in the FBI. Most of them have cyber squads or cyber units. And so, you know, it was being pushed out there, and it was in the news every day, but it really wasn’t ours. So we didn’t have a lot of victims in our AOR area of responsibility. And so we just kind of pay attention to it. Then I got a tip that a local hacker in New York had broken into AOL.
And so Olivia Olsen and I, she’s another agent who she’s still in, she’s a supervisor on LA, she’s a great agent. We went all around New York looking for this kid just to see what we can find, and ended up out in Staten Island at his grandmother’s house. She didn’t know where he was, obviously, why would she? But I left my card. He gave me a call that night and started talking to me. And I said, let’s just meet up tomorrow at the McDonald’s across from 26th Ave. And he came in, and three of us sat there and talked, and, you know, gave me his stuff.
He started telling me about all the felonies he was committing those days, including that break-in to AOL. And then he finally says, you know, you know, I can give you SABU. And SABU to us was the Kaiser-Soviet-American. He was our guy. You know, he was the guy that was in the news that was pissing us off.
Lex Fridman (02:07:50):
So- So he was part of the FBI Fridays?
Chris Tarbell (02:07:54):
SABU was, yeah. Oh, he led it. Yeah, he was the leader of fuck FBI Fridays. So, yeah.
Lex Fridman (02:07:59):
What was one of the more memorable F, the triple Fs? I said, what, how do you get, why, how and why do you go after the beehive? That’s kind of intense.
Chris Tarbell (02:08:14):
You get on the news. It gets you, it’s the lulls. It’s funnier to go after the big ones. You know, and they weren’t getting like real FBI. They weren’t breaking into FBI mainframes or anything, but they, you know, they were, you know, affiliate sites or anything that had to, a lot of law enforcement stuff was coming out. So, but, you know, we looked back. And so if this kid knew that SABU, maybe there was a chance we’d use him to lure SABU out. But we also said, well, maybe this kid knows SABU in real life. And so we went and looked through the IPs and 10 million IPs, we find one and it belonged to him.
And so that day SABU, someone had doxxed SABU and we were a little afraid he was gonna be on the run. We had a surveillance team and FBI surveillance teams are awesome. Like you cannot even tell their FBI agents. It’s, they are really that good. I mean, there’s baby strollers and all, whatever you wouldn’t expect an FBI agent to have. So that’s a little like the movies. A little bit, yeah. I mean, it is true, but they fit into the area. So now they’re on the Lower East Side, which is, you know, a baby stroller might not fit in there as well as, you know, somebody just laying on the ground or something like that. They really get, play the character and get into it.
Lex Fridman (02:09:26):
So now, I can never trust a baby stroller again. Well, yeah, probably shouldn’t.
Chris Tarbell (02:09:30):
Every baby, I’m just like, look at, stare at them suspiciously. Especially if the mom’s wearing cargo pants
Lex Fridman (02:09:34):
while she pushes it, so. Yeah, so if it’s like a very stereotypical mom, a stereotypical baby, I’m gonna be very suspicious. I’m gonna question the baby. That baby’s wired.
Chris Tarbell (02:09:44):
Be careful. You know, we raced out there and like our squad’s not even full. There’s only a few guys there. And like I said, I was a suit guy, but that day I had shorts and a t-shirt on. I had a white t-shirt on and I only bring it up because Sabu makes fun of me to this day. So I had a bulletproof vest and a white t-shirt on and that was it. I had shorts too and all that, but raced over to there. We didn’t have any equipment. We brought our boss’s boss’s boss. He stopped off at NYPD, got us like a ballistic shield and a battery ram if we needed it.
And then we get to Hector’s house. Sabu’s house and he’s on the sixth floor. And so normally, you know, we’re the cyber dork squad. We’ll hop in the elevator. Six floors is a long ways to go up and bulletproof vest and a ballistic shield. But we had been caught in an elevator before on a search. So we didn’t, took the stairs.
We get to the top, a tad winded, but knocking the door and this big towering guy opens the door just slightly. And he sees the green vest with big yellow letters, FBI, and he steps outside. Can I help you? You know, tries to social engineer us. But eventually we get our way inside the house. You know, I noticed a few things that are kind of out of place. There’s a laptop charger and a flashing modem. And I said, well, do you have a computer here? And he says, no, there’s no computer here.
So we knew the truce and then the half lies and all that sort of thing. So it took us about another two hours and finally he gave up that he was Sabu. He was the guy we were looking for. So we sat there and we kind of showed him sort of the evidence we had against him. And, you know, from his words, we sat there and talked like two grown adults. And, you know, I gave him the options and he said, well, let’s talk about working together.
Lex Fridman (02:11:37):
So he chose to become an informant.
Chris Tarbell (02:11:42):
I don’t think he chose that night, but that’s where it kind of went to. So then we brought him down to the FBI that night, which was, it was a funny trip because I’m sitting in the back seat of the car with him. And I was getting calls from all over the U.S. from different FBI agents saying that we arrested the wrong guy. And I was like, I don’t think so. And they’re like, why do you think so? I was like, because he says it’s him. And they still said, no, it’s the wrong guy. So I said, well, we’ll see how it plays out.
Lex Fridman (02:12:10):
That’s so interesting because it’s such a strange world. Such a strange world because it’s tough to, because you still have to prove it’s the same guy, right? Because the anonymity.
Chris Tarbell (02:12:21):
Yeah, I mean, we had his laptop, you know, at that point. Yeah, I know, but. Him saying, that helped. I gave him a clue in my world. Yeah, yeah. But yeah, if he would have fought it, I mean, that definitely would have come in as evidence that other FBI agents are saying it’s not him. You have to disclose that stuff. So you had a lot of stuff on him.
Lex Fridman (02:12:39):
What was he facing if? He was facing 125 years. 125 years in prison.
Chris Tarbell (02:12:47):
That’s, now that’s if you took every charge we had against him and put him, you know, consecutively. No, no one ever gets charged that, but yeah, essentially it would have been 125 years. You know, fast forward to the end, he got thanked by the judge for his service after nine months. And he walked out of the court a free man.
Lex Fridman (02:13:06):
But that’s being, while being an informant.
Chris Tarbell (02:13:12):
Well, so the word informant here really isn’t that good. It’s not fitting that technically, I guess that’s what he was, but he didn’t know the other people. It was all anonymous. He knew Nix and all that. He really gave us the insight of what was happening in the hacker world. Like I said, he was an old school hacker. Back when hackers didn’t work together with anonymous, he was down, you know, Cult of Dead Cow and those type guys, like way back. He was around for that. He’s like an encyclopedia of hacking. But, you know, we just-
Lex Fridman (02:13:45):
So I guess his prime was in the 90s.
Chris Tarbell (02:13:48):
For terror hack, but yeah, he kind of came back when anonymous started going after MasterCard and PayPal and all that, do the WikiLeaks stuff.
Lex Fridman (02:13:55):
But even that little interaction, being an informant, he probably made a lot of enemies. How do you protect a guy like that?
Chris Tarbell (02:14:02):
He made enemies after it was revealed? Yeah. How does the FBI protect him? Good luck.
Lex Fridman (02:14:11):
I mean, perhaps I’ll talk to him one day, but is that guy afraid for his life?
Chris Tarbell (02:14:18):
I, again, I think-
Lex Fridman (02:14:19):
It doesn’t seem like it.
Chris Tarbell (02:14:20):
He has very good security for himself, cyber security. But, you know, yeah, he doesn’t like the negative things said about him online. I don’t think anybody does. But, you know, I think it’s so many years of the internet kind of bitching at you and all that, you get calloused, it’s just internet bitching.
Lex Fridman (02:14:42):
And also the hacking world moves on very quickly. He has kind of, they have their own wars to fight now, and he’s not part of those wars anymore.
Chris Tarbell (02:14:53):
There’s still people out there that bitch and moan about him, but yeah, I think it’s less. I think, you know, he has a good message out there of, you know, trying to keep kids from making the same mistakes he made. He tries to really preach that.
Lex Fridman (02:15:12):
How do people get into this line of work? Is there all kinds of ways, being not your line of work, his line of work, just all the stories you’ve seen of people that are in Anonymous and LulzSec and Silk Road and all the cyber criminals you’ve interacted with. What’s the profile of a cyber criminal?
Chris Tarbell (02:15:33):
I don’t think there’s a profile anymore. You know, I used to be able to say, you know, the kid in your mom’s basement or something like that, but it’s not true anymore. You know, like, it’s wide. It’s like, I’ve arrested people that you wouldn’t expect would be cyber criminals.
Lex Fridman (02:15:50):
And it’s in the United States, it’s international, it’s everything.
Chris Tarbell (02:15:52):
Oh, it’s international. I mean, we’re seeing a lot of the big hackers now. The big arrests for hackers in England, surprisingly. You know, you’re not gonna see there’s a lot of good hackers like down in Brazil, but I don’t think Brazil law enforcement is as good at hunting them down, so you’re not gonna see the big arrests. How much
Lex Fridman (02:16:11):
state-sponsored cyber attacks are there, do you think?
Chris Tarbell (02:16:17):
More than you can imagine. And what do you want to say, an attack? A successful attack or just a probing?
Lex Fridman (02:16:24):
Probing for information, just like feeling, you know, testing that there’s where the attack factors are, trying to collect all
Chris Tarbell (02:16:34):
the possible attack factors. Put a Windows 7 machine on the internet forward-facing and put a packet sniffer on there and look at where the driver comes from. I mean, in 24 hours, you were gonna fill up a hard drive with packets just coming at it. Yeah. I mean, it’s not hard to know. I mean, it’s just constantly probing for entry points into things, you know? You could go mad putting up Honeypot, draws in intrusions. Should I see what methodologies? Just to see what’s out there. Yeah, and it doesn’t go anywhere. It maybe has fake information and stuff like that. You know, it’s kind of to see what’s going on and judge what’s happening on the internet. Get a, you know, lick your finger and test the wind of what’s happening these days. The funny thing about,
Lex Fridman (02:17:12):
like, because I’m at MIT, that attracted even more attention for the, not for the lulls, but for the technical challenge. It seems like people enjoy hacking MIT. It’s just the amount of traffic MIT was getting for that, in terms of just the sheer number of attacks from different places, it’s crazy. Yeah, like, just like that. Putting up a machine, seeing what comes.
Chris Tarbell (02:17:33):
NASA used to be the golden ring. Now everybody got NASA. That was, like, the early 90s. If you could hack NASA, that was the, now, yeah, MIT is a big one. Yeah.
Lex Fridman (02:17:40):
It’s fun. It’s fun to see. Yeah. Respect, because I think in that case, it comes from a somewhat good place, because, you know, they’re not getting any money from MIT. It’s more for the challenge. Let me ask you about that, about this world of cybersecurity. How big of a threat are cyber attacks for companies and for individuals? Like, let’s lay out, where are we in this world? What’s out there?
Chris Tarbell (02:18:09):
It’s the wild, wild, wild west. And it’s, I mean, people want the idea of security, but it’s inconvenient, so they don’t, they push back on it. And there are a lot of opportunistic, nation state, financially motivated hackers, hackers for the lols. You got three different tiers there. And they’re on the prowl. They have tools. They have really good tools that are being used against us.
Lex Fridman (02:18:36):
And at what scale? So when you’re thinking of, I don’t know what’s, let’s talk about companies first. So say you’re talking to a mid tier. I wonder what the most interesting business is. So Google, we can look at large tech companies, or we can look at medium size tech companies. And like you were sitting in a room with a CTO, with a CEO. And the question is, how fucked are we? And what should we do? What’s the low hanging fruit? What are the different strategies and those companies should consider?
Chris Tarbell (02:19:14):
I mean, the problem is they want a push button. They want a out of the box solution that I’m secure. They want to tell people they’re secure. And that’s very challenging to have. It’s impossible. If I could, if someone had it, they’d be a billionaire. They’d be beyond a billionaire, because that’s what everybody wants. So it’s, you can buy all the tools you want. It’s configuring them the proper way. And there’s, if anyone’s trying to tell you that there’s one solution that fits all, they’re snake hole salesmen. And there’s a lot of people in cybersecurity that are snake hole salesmen.
Lex Fridman (02:19:46):
Yeah, and I feel like there’s tools, if they’re not configured correctly, they just introduce, they don’t increase security significantly, and they introduce a lot of pain for the people. They decrease efficiency of the actual work you have to do. So like we had, I was at Google for a time, and I think mostly I want to give props to their security efforts, but user data, so like data that belongs to users, is like the holy, like the amount of security they have around that is incredible. So most, any time I had to work with anything even resembling user data, so I never got a chance to work with actual user data, anything resembling that, first of all, you have no access to the internet. It’s impossible to even come close to the access to the internet. And there’s so much pain to actually, like, interact with that data.
Where, I mean, it was extremely inefficient. In places where I thought it didn’t have to be that inefficient, the security was too much. But I have to give respect to that, because in that case, you want to err on the side of security, but that’s Google. They were doing a good job of this.
Chris Tarbell (02:21:03):
It’s a reputational harm if it got out. I mean, Google, you know, why is Google drive-free, you know, because they want your data. They want you to park your data there. So, you know, if they got hacked or leaked information, the reputational harm would be tremendous.
Lex Fridman (02:21:18):
But, you know, for a company that’s not, it’s really hard to do that, right? And the company’s not as big as Google or not as tech-savvy as Google, might have a lot of trouble with doing that kind of stuff. Instead, instead of increasing security, they’ll just decrease the efficiency.
Chris Tarbell (02:21:35):
Well, yeah, so there’s a big difference between IT and security. And unfortunately, these mid-side companies, they try to stack security into their IT department. Your IT department is about business continuity. They’re about trying to move business forward. They want users to get the data they need to do their job so the company can grow. Security is not that. They don’t want you to get the data. You know, but there’s fine-tuning you can do to, you know, ensure that. I mean, as simple as like, having good onboarding procedures for employees. Like, you come into my company, you don’t need access to everything. Maybe you need access to something for one day. Turn the access on, don’t leave it on. I mean, I was the victim of the OPM hack, the Office of Personnel Management, because old credentials from a third-party vendor were sitting there inactive. And the Chinese government found those credentials and were able to log in and steal all my information. So a lot could be helped
Lex Fridman (02:22:25):
if you just control the credentials, the access, the access control, how long they last. And people who need access to a certain thing only get access to that thing and not nothing else. And then it just gets refreshed like that.
Chris Tarbell (02:22:39):
Access control, you know, like we said, setting up people, leaving the company, get rid of their, they don’t need control. Two-factor authentication, you know, that’s a big thing. You know, I mean, I sound like a broken record because this isn’t anything new. This isn’t rocket science. The problem is we’re not implementing it. If we are, we’re not doing it correctly because these guys are taking us.
Lex Fridman (02:22:60):
Well, two-factor authentication is a good example of something that I just was annoyed by for the longest time. Because yes, it’s very good, but like it seems that it’s pretty easy to implement horribly to where it’s like, it’s not convenient at all for the legitimate user to use. It should be trivial to do, like to authenticate yourself twice should be super easy.
Chris Tarbell (02:23:25):
If security, if it’s slightly inconvenient for you, it’s thinking about how inconvenient it is for a hacker and how they’re just gonna move on to the next person.
Lex Fridman (02:23:32):
Yes, yes, in theory, when implemented extremely well. Yeah. But I just don’t think so. I think actually if it’s inconvenient, it shows that system has been thought through a lot.
Chris Tarbell (02:23:46):
Do you know why we need two-factor authentication? People using the same password across the same site. So when one site is compromised, people just take that username and password, it’s called credential stuffing and just stuff it across the internet. So if 10 years ago when we told everybody, don’t use the same fucking password across the internet, across vulnerable sites, maybe two-factor wouldn’t be needed.
Lex Fridman (02:24:06):
Yeah, so you would need two-factor if everyone did a good job with passwords. Yeah. Right, but I’m saying like the two-factor authentication, it should be super easy to authenticate myself with some other device really quickly. Like it should be frictionless. Like you just hit okay? Okay, and anything that belongs to me, yeah. And it should, very importantly, be easy to set up what belongs to me. I don’t know the full complexity of the cyber attacks these platforms are under. They’re probably under insane amount of attacks.
Chris Tarbell (02:24:44):
Yeah, you’ve got it right there. People have no idea, these large companies, how often they’re attacked on a per second basis. And they have to fight all that off and pick out the good traffic in there. So yeah, there’s no way I’d want to run a large tech company.
Lex Fridman (02:25:01):
What about protecting individuals? For individuals, what’s good advice for to try to protect yourself from this increasingly dangerous world of cyber attacks?
Chris Tarbell (02:25:13):
Again, educate yourself that you understand that there is a threat. First, you have to realize that. Then you’re gonna step up and you’re gonna do stuff a little bit more. Sometimes, I guess, I think I take that to a little bit extreme. I remember one time my mom called me and she was screaming that I woke up this morning and I just clicked on a link and now my phone is making weird noises.
And I was like, throw your phone in a glass of water. Just put it in a glass of water right now. And I made my mom cry. It was not a pleasant thing. So sometimes I go to a little extremes on those ones. But understanding there’s a risk in making it a little more difficult to become a victim. I mean, just understanding certain things.
Simple things like, as we add more internet of the things to people’s houses, I mean, how many Wi-Fi networks do people have? It’s normally just one. And you’re bumping your phones and giving your password to people who come to visit. Set up a guest network. Set up something you can change every 30 days. Simple little things like that. I hate to remind you, but change your passwords. I mean, I feel like I’m a broken record again. But just make it more difficult for others to victimize you.
Lex Fridman (02:26:20):
And then don’t use the same password everywhere. That, yes. I mean. I still know people that do that.
Chris Tarbell (02:26:28):
I mean, ask.fm got popped last week, two weeks ago. And that’s 350 million username and passwords with connected Twitter accounts, Google accounts, all the different social media accounts. That is a treasure trove for the next two and a half, three years of just using those credentials everywhere. Using, you’ll learn, even if it’s not the right password, you’ll learn people’s password styles. Bad guys are making portfolios out of people. We’re figuring out how people generate their passwords and kind of figuring, and then it’s easier to crack their password. We’re making a dossier on each person. It’s 350 million dossiers just in that one hack. Yahoo, there was half a billion.
Lex Fridman (02:27:09):
So the thing a hacker would do with that is try to find all the low-hanging fruit. Like have some kind of program that, yeah, evaluates the strength of the passwords and then finds the weak ones. That means that this person is probably the kind of person that would use the same password across multiple.
Chris Tarbell (02:27:27):
Or even just write a program into that. Remember the ring hack a couple of years ago? That’s all it was, it was credential stuffing. So ring the security system by default. Had two-factor, but didn’t turn it on. And they also had a don’t try unlimited tries to log into my account. You can lock it out after 10. By default, not turned on, because it’s not convenient for people. The ring, I was like, I want people to stick these little things up and have security in their house. But cybersecurity, don’t make it inconvenient. Then people won’t buy our product. That’s how they got hacked. They wanted to say that it’s insecure and got hacked into. Reputational harm right there for ring, but they didn’t. It was just credential stuffing. People bought username and passwords on the black market and just wrote a bot that just went through ring and used every one of them to maybe 1% hit. But that’s a big hit to the number of ring users.
Lex Fridman (02:28:17):
You know, you can use also password managers to make the changing of the passwords easier.
Chris Tarbell (02:28:22):
Yeah, and to make, you can change the difficulty, the number of special characters, the length of it and all that.
Lex Fridman (02:28:29):
My favorite thing is on websites, yell at you for your password being too long or having too many special characters, or like, or yeah, you’re not allowed to have this special character or something.
Chris Tarbell (02:28:42):
You can only use these three special characters. It’s like, you know, do you understand how password cracking works? If you specifically tell me which special characters I can use?
Lex Fridman (02:28:53):
I honestly just want to have a one-on-one meeting like late at night with the engineer that programmed that because that’s like an intern. I just want to have a sit down meeting.
Chris Tarbell (02:29:03):
Yeah, I made my parents switch banks once because the security was so poor. I was like, you just, you can’t have money here.
Lex Fridman (02:29:09):
But then there’s also like the zero-day attacks. Like I mentioned before the QNAP NAS that got hacked. Luckily, I didn’t have anything private on there, but it really woke me up to like, okay, so like, if you take everything extremely seriously.
Chris Tarbell (02:29:27):
Fortunately for the end users, there’s nothing you can do about zero-day. It’s, you know, you have no control over that. I mean, it’s the engineers that made the software don’t even know about it. Now let’s talk about one days. So there’s a patch now out there for the security. So if you’re not updating your systems for these security patches, if it’s just not on you, my father-in-law has such an old iPhone, you can’t security patch it anymore. So, you know, and I tell him, I said, you know, this is what you’re missing out on. This is what you’re exposing yourself to because, you know, we talked about that powerful tool that how we found Ross Ulbrich at gmail.com. Well, bad guys are using that too. It’s called, you know, it used to be called Google dorking. Now it’s, I think it’s named kind of Google hacking by the community. You can go in, you know, and find a vulnerability, read about the white paper, what’s wrong with that software. And then you can go on the internet and find all of the computers that are running that outdated software.
And there’s your list. There’s your target list. Yeah. I know the vulnerabilities that are running. Again, not making a playbook here, but, you know, that’s how easy it is to find your targets. And that’s what the bad guys are doing.
Lex Fridman (02:30:35):
Then the reverse is tough. It’s much tougher, but it’s still doable, which is like first find the target. If you have specific targets to, you know, hack into a Twitter account, for example. Much harder. That’s probably social engineering, right? That’s probably the best way.
Chris Tarbell (02:30:50):
Probably, if you wanted something specific to that. I mean, if you really want to go far, you know, if you’re targeting a specific person, you know, how hard is it to get into their office and put a, you know, a little device, USB device in line with their mouse, who checks how their mouse is plugged in. And you can, for 40 bucks on the black market, you can buy a key logger that just USB, then the mouse plugs right into it. It looks like an extension on the mouse. If you can even find it, you can buy the stuff with a mouse inside of it and just plug it into somebody’s computer. And if there’s a key logger that lives in there and calls home, it sends everything you want. So, I mean, and it’s cheap.
Lex Fridman (02:31:25):
Yeah. In grad school, a program that built a bunch of key loggers. It was fascinating, tracking mouse, just for what I was doing as part of the research, I was doing to see if by the dynamics of how you type and how you move the mouse, you can tell who the person is. Oh, wow. That’s like, it’s called Active Authentication, or like, it’s basically biometrics that’s not using bio, to see how identifiable that is. So, it’s fascinating to study that, but it’s also fascinating how damn easy it is to install key loggers. So, I think it’s natural. What happens is you realize how many vulnerabilities there are in this world. You do that when you understand bacteria and viruses, you realize they’re everywhere. And the same way with, I’m talking about biological ones, and then you realize that all the vulnerabilities that are out there. One of the things I’ve noticed quite a lot is how many people don’t log out of their computers. Just how easy physical access to systems actually is.
Like in a lot of places in this world, and I’m not talking about private homes, I’m talking about companies, especially large companies. It seems quite trivial in certain places that I’ve been to, to walk in and have physical access to a system. And that’s depressing to me.
Chris Tarbell (02:32:46):
It is. I laugh because one of my partners at Naxo that I work at now, he worked at a big company, like you would know the name as soon as I told you, I’m not gonna say it. But the guy who owned the company, and the company has his name on it, didn’t want to ever log into a computer, it just annoyed the shit out of him. So, they hired a person that stands next to his computer when he’s not there. And that’s his physical security. See, that’s good. That’s pretty good, actually. Yeah, I mean, I guess if you could afford to do that.
Lex Fridman (02:33:14):
At least you’re taking your security seriously. I feel like there’s a lot of people in that case would just not have a login. Yeah.
Chris Tarbell (02:33:22):
No, the security team there had to really work around to make that work. Non-compliant with company policy.
Lex Fridman (02:33:28):
But that’s interesting. The Keylogger, there’s a lot of, there’s just a lot of threats. Yeah, I mean. There’s a lot of ways to get in.
Chris Tarbell (02:33:37):
Yeah, I mean, so you can’t sit around and worry about someone physically gaining access to your computer with Keylogger and stuff like that. You know, if you’re traveling to a foreign country and you work for the FBI, then yeah, you do. You pick little, you know, sometimes some countries you would bring a fake laptop just to see if they stole it or accessed it.
Lex Fridman (02:33:53):
I really want, especially in this modern day, to just create a lot of clones of myself that generate lex sounding things and just get, put so much information out there. I actually dox myself all across the world.
Chris Tarbell (02:34:08):
And then you’re not a target, I guess. Just put it out there. I’ve always said that, though. Like, we do these searches in FBI houses and stuff like that. If someone just got like a box load of like 10 terabytes and just encrypted them, oh my God, do you know how long the FBI would spin their wheels trying to get that data off there? It’d be insane. Oh, so just give them. You don’t even know which one you’re looking for. Yeah. That’s true, that’s true.
Lex Fridman (02:34:33):
So it’s like me printing like a treasure map to a random location, just get people to go on goose chases. Yeah. What about operating system? What have you found, what’s the most secure and what’s the least secure operating system? Windows, Linux? Is there no universal? There’s no universal security.
Chris Tarbell (02:34:54):
I mean, it changed. You people used to think Macs were the most secure just because they just weren’t out there, but now kids have had access to them. So, you know, I know you’re a Linux guy. I know you’re a Linux guy. I know you’re a Linux guy. I know you’re a Linux guy, I like Linux too, but, you know, it’s tough to have run a business on Linux. You know, people want to move more towards the Microsofts and the Googles just because it’s easier to communicate with other people that maybe aren’t computer guys. So you have to just take what’s best, what’s easiest and secure the shit out of it as much as you can and just think about it. What are you doing these days at Nexo? So we just started Nexo.
So I left the government and went to a couple of consultancies and I started working, really all the people I worked good in the government with, I brought them out with me. And now- You used to work for the man and now you’re the man. Exactly. So, but now we formed a partnership and it’s a new cybersecurity firm. Our launch party is actually on Thursday. So it’s going to be exciting.
Lex Fridman (02:35:53):
Do you want to give more details about the party so that somebody can hack into it?
Chris Tarbell (02:35:57):
No, I don’t think I can tell you where it is. You can come if you want, but don’t bring the hackers.
Lex Fridman (02:36:03):
Well, that’s- Hector will be there. I can’t believe you invited me because you also say insider threat is the biggest threat. By the way, can you explain what the insider threat is?
Chris Tarbell (02:36:13):
The biggest insider threat in my life is my children. My son’s big into Minecraft and will download executables mindlessly and just run them on the network. So he is-
Lex Fridman (02:36:24):
Do you recommend against marriage and family and kids? Nope, nope. From a security perspective.
Chris Tarbell (02:36:28):
From a security perspective, absolutely. But no, I just, segmentation. I mean, we do it in all businesses for years. Started segmenting networks, different networks. I just do it at home. My kid’s on his own network. So it makes it a little bit easier to see what they’re doing too. You can monitor traffic and then also throttle bandwidth if your Netflix isn’t playing fast enough or buffers or something. So you can obviously change that a little too. You know they’re gonna listen to this, right? They’re gonna get your tricks. Yeah, that’s true. They’ll definitely will listen. But there’s nothing more humbling than your family. You think you’ve done something big and you go on a big podcast and talk to Les Freeman and they don’t give a damn.
Unless you’re on TikTok or… You’ll show up on a YouTube feed or something like that. And they’ll be like, oh yeah. Whatever, this guy’s boring. My son does a podcast for his school and I still can’t get him to tell. So Hector and I just started a podcast talking about cybersecurity. We do a podcast called Hacker in the Fed. It just came out yesterday. So first episode. Nice. So yeah, we got 1,300 downloads the first day. So pretty good. We were at the top of Hacker News, which is a big website in our world. So it’s called Hacker in the Fed? Hacker in the Fed.
Lex Fridman (02:37:41):
Go download and listen to Hacker in the Fed. I can’t wait to see what… Cause I don’t think I’ve seen a video of you two together. So I can’t wait to see what the chemistry is like. I mean, it’s not weird that you guys used to be enemies and now you’re friends.
Chris Tarbell (02:37:57):
So yeah, I mean, we just did a trailer and all that and our producer, we have a great producer, a guy named Phineas, and he kind of pulls things out of me and I said, okay, I got one. My relationship with Hector, we’re very close friends now. And I was like, oh, I arrested one of my closest friends, which is a very strange relationship. Yeah, it’s weird. But he says that I changed his life. I mean, he was going down a very dark path and I gave him an option to go to jail. And I gave him an option that one night and he made the right choice. I mean, he now does penetration testing. He does a lot of good work and he’s turned his life around.
Lex Fridman (02:38:34):
You worry about cyber war in the 21st century? Absolutely.
Chris Tarbell (02:38:38):
If there is a global war, it’ll start with cyber. If it’s not already started.
Lex Fridman (02:38:46):
Do you feel like there’s a… Like a boiling, like the drums of war are beating? What’s happening in Ukraine with Russia? It feels like the United States is becoming more and more involved in the conflict in that part of the world. And China is watching very closely. It’s starting to get involved geopolitically and probably in terms of cyber. Do you worry about this kind of thing happening in the next decade or two, like where it really escalates? You know, people in the 1920s were completely terrible at predicting the World War II. Do you think we’re at the precipice of war potentially?
Chris Tarbell (02:39:30):
I think we could be. I mean, I would hate to just be, you know, just fear mongering out there, you know, COVID’s over. So the next big thing in the media is war and all that. But I mean, there’s some flags going up that are very strange to me. Is there ways to avoid this? I hope so. I hope smarter people than I are figuring it out. I hope people are playing their parts in talking to the right people because war is the last thing I want.
Lex Fridman (02:39:59):
Well, there’s two things to be concerned about on the cyber side. One is the actual defense on the technical side of cyber. And the other one is the panic that might happen when something like some dramatic event happened because of cyber, some major hack that becomes public. I’m honestly more concerned about the panic because I feel like if people don’t think about this stuff, the panic can hit harder. Like if they’re not conscious about the fact that we’re constantly under attack, I feel like it’ll come like a much harder surprise.
Chris Tarbell (02:40:35):
Yeah, I think people will be really shocked on things. I mean, so we talked about LulzSec today and LulzSec was 2011. They had access into the water supply system of a major US city. They didn’t do anything with it. They were sitting on it in case someone got arrested and they were gonna maybe just expose that it’s insecure. Maybe they were gonna do something to fuck with it. I don’t know. But that’s 2011. I don’t think it’s gotten a lot better since then. I don’t think it’s gotten a lot better since then.
Lex Fridman (02:41:06):
And there’s probably nation states or major organizations that are sitting secretly on hacks like this.
Chris Tarbell (02:41:12):
100%, 100% they are sitting secretly waiting to expose things. I mean, again, I don’t wanna scare the shit out of people, but people have to understand the cyber threat. I mean, there are thousands of nation state hackers and state hackers in some countries. I mean, we have them too. We have offensive hackers.
Lex Fridman (02:41:33):
You know, the terrorist attacks of 9-11, there’s planes that actually hit actual buildings and it was visibly clear and you can trace the information. With cyber attacks, say something that would result in a major explosion in New York City, how the hell do you trace that? Like if it’s well done, it’s going to be extremely difficult. The problem is, there’s so many problems. One of which the US government in that case has complete freedom to blame anybody they want. True. And then to go start war with anybody, anybody that actually see, sorry, that’s one cynical take on it, of course.
Chris Tarbell (02:42:20):
No, but you’re going down the right path. I mean, the guys that flew the planes in the buildings wanted attribution. They took credit for it. When we see the cyber attack, I doubt we’re gonna see attribution. Maybe the victim side, the US government on this side might come out and try to blame somebody, but you know, like you’ve brought up, they could blame anybody they want. There’s not really a good way of verifying that.
Lex Fridman (02:42:40):
Can I just ask for your advice? So in my personal case, am I being tracked? How do I know? How do I protect myself? Should I care?
Chris Tarbell (02:42:51):
You are being tracked. I wouldn’t say you’re being tracked by the government. You’re definitely being tracked by big tech.
Lex Fridman (02:42:58):
No, I mean, me personally, Lex, an escalated level. So like, like you mentioned, there’s an FBI file on people. Sure. I’d love to see what’s in that file. Who did I have the argument for? Oh, let me ask you, FBI. Yeah. How’s the cafeteria food in FBI? At the Academy?
Chris Tarbell (02:43:22):
It’s bad. Yeah. What about like? At headquarters? Headquarters. A little bit better, because that’s where the director, I mean, he eats up on the seventh floor.
Lex Fridman (02:43:30):
Have you been like at Google? Have you been at the Silicon Valley, those cafeterias, like those?
Chris Tarbell (02:43:35):
I’ve been to the Google in Silicon Valley. I’ve been to the Google in New York. Yeah, the food is incredible.
Lex Fridman (02:43:40):
It is great. So FBI is worse.
Chris Tarbell (02:43:42):
Well, when you’re going through the Academy, they don’t let you outside of the building, so you have to eat it. And I think that’s the only reason people eat it. Okay. It’s pretty bad. I got it. Okay. But there’s also a bar inside the FBI Academy. People don’t know that. Alcohol bar? Yes, alcohol bar. And as long as you’ve passed your PT and going well, you’re allowed to go to the bar.
Lex Fridman (02:44:08):
Nice. Nice. It feels like if I was a hacker, I would be going after like celebrities, because they’re a little bit easier, like celebrity celebrities, like Hollywood.
Chris Tarbell (02:44:17):
Hollywood nudes were a big thing there for a long time. But not even, yeah, I guess nudes. That’s what they went after. I mean, all those guys, they socialized. They social engineered Apple to get backups, to get the recoveries for backups. And then they just pulled all their nudes. And I mean, whole websites were dedicated to that. Yeah.
Lex Fridman (02:44:33):
See that? See, I wouldn’t do that kind of stuff. It’s very creepy. I would go, if I was a hacker, I would go after major powerful people and tweet something from their account and something positive, loving, but for the lulz. The obvious that it’s a troll. God, you get busted so quick by a bad hacker.
Chris Tarbell (02:44:56):
Really? But why? Because hackers never put things out about love. Oh, you mean like, oh, I’m a bad hacker. They never put things out about love? Oh, you mean like, this is clearly- Yeah, this is clearly Lex. What the fuck? He talks about love in every podcast he does.
Lex Fridman (02:45:11):
I would just be like, no, oh, goddammit. Now somebody’s gonna do it. You’ll blame me. It wasn’t me. Looking back at your life, is there something you-
Chris Tarbell (02:45:21):
I’m only 44 years old. I’m already looking back.
Lex Fridman (02:45:23):
Is there stuff that you regret? EV unit, I got away. It’s always the one that got away.
Chris Tarbell (02:45:34):
Yeah, I mean, it took me a while into my law enforcement career to learn about the compassionate side, and it took Hector Monsiger to make me realize that criminals aren’t really criminals, they’re human beings. That really humanized the whole thing for me, sitting with him for nine months. I think that’s maybe why I had a lot more compassion when I arrested Ross. Probably wouldn’t have been so compassionate if it was before Hector, but yeah, he changed my life and showed me that humanity side of things.
Lex Fridman (02:46:04):
So would it be fair to say that all the criminals, or most criminals are just people that took a wrong turn at some point? They all have the capacity to do that. They all have the capacity for good and for evil in them.
Chris Tarbell (02:46:19):
I’d say 99% of the criminals that I’ve interacted with, yes, the people with the child exploitation, no, I don’t have any place in my heart for them.
Lex Fridman (02:46:29):
What advice would you give to people in college, people in high school, trying to figure out what they wanna do with their life, how to have a life they can be proud of, how to have a career they can be proud of,
Chris Tarbell (02:46:41):
all that kind of stuff. In the US budget that was just put forward, there’s $18 billion for cybersecurity. We’re about a million people short of where we really should be in the industry, if not more. If you want job security and want to work and see exciting stuff, head towards cybersecurity. It’s a good career.
One thing I dislike about cybersecurity right now is they expect you to come out of college and have 10 years experience in protecting and knowing every different Python script out there and everything available. The industry needs to change and let the lower people in in order to broaden and get those billion jobs filled. But as far as their personal security, just remember, it’s all gonna follow you. I mean, there’s laws out there now that you have to turn over your social media accounts in order to have certain things.
They just changed that in New York State. If you want to carry a gun, you have to turn over your social media to figure if you’re a good social character. So hopefully you didn’t say something strange in the last few years, and it’s gonna follow you forever. I bet Ross Ulbrich would tell you the same thing. Don’t put rossulbrich at gmail.com on things because it’s gonna last forever.
Lex Fridman (02:47:56):
Yeah, people sometimes, for some reason, they interact on social media as if they’re talking to a couple of buddies, like, just shooting shit and mocking and like, you know, what is that, busting each other’s chops, like making fun of yourself, like being, especially gaming culture, like people who stream.
Chris Tarbell (02:48:17):
Thank God that’s not recorded. Oh my God, the things people say on those streams.
Lex Fridman (02:48:22):
Yeah, but a lot of them are recorded. Yeah, so there’s a whole Twitch thing where people stream for many hours a day. And I mean, just outside of the very offensive things they say, they just swear a lot. They’re not the kind of person that I would wanna hire, I would wanna work with. Now, I understand that some of us might be that way privately, I guess, when you’re shooting shit with friends, like playing a video game and talking shit to each other, maybe, but like, that’s all out there. You have to be conscious of the fact that that’s all out there. And it’s just not, it’s not a good look. It’s not like you’re, you should, it’s complicated because I’m like against hiding who you are.
Chris Tarbell (02:49:09):
For an asshole, you should hide some of it.
Lex Fridman (02:49:12):
Yeah, but like, I just feel like it’s going to be misinterpreted. When you talk shit to your friends while you’re playing video games, it doesn’t mean you’re an asshole, because you’re an asshole to your friend, but that’s how a lot of friends show love.
Chris Tarbell (02:49:27):
Yeah, an outside person can’t judge how I’m friends with you. If I wanna be, this is our relationship. If that person can say that I’m an asshole to them, then that’s fine, I’ll take it. But you can’t tell me I’m an asshole to them just because you saw my interaction, I agree with that.
Lex Fridman (02:49:41):
They’ll take those words out of context and now that’s considered who you are, it’s dangerous. And people take that very nonchalantly. People treat their behavior on the internet very, very carelessly. That’s definitely something that you need to learn and take extremely seriously. Also, I think that taking that seriously will help you figure out who you, what you really stand for. If you use your language carelessly, you’d never really ask, what do I stand for? I feel like it’s a good opportunity when you’re young to ask, what are the things that are okay to say? What are the things, what are the ideas I stand behind? Especially if they’re controversial and I’m willing to say them because I believe in them versus just saying random shit for the lulz. Because for the random shit for the lulz, keep that off the internet. That said, man, I was an idiot for most of my life and I’m constantly learning and growing. I’d hate to be responsible for the kind of person I was in my teens, in my 20s. I didn’t do anything offensive, but it just changed as a person. Like I used to, I guess I probably still do, but I used to read so much existential literature. That was a phase. There’s like phases.
Chris Tarbell (02:51:01):
Yeah, you grow and evolve as a person that changes you in the future. Yeah, thank God there wasn’t social media when I was in high school. Thank God. Oh my God, I would never have gotten the FBI.
Lex Fridman (02:51:11):
Would you recommend that people consider a career at a place like the FBI?
Chris Tarbell (02:51:17):
I loved the FBI. I never thought I would go anyplace else, but the FBI, I thought I was gonna retire with the gold watch and everything from the FBI. That was my plan. You get a gold watch? No, but you know what it is, it’s a, oh, it’s an expression of realism. You get a gold badge, you actually get your badge in Lucite and your creds put in Lucite and all that, so.
Lex Fridman (02:51:37):
Does it, by the way, just on a tangent, since we like those, does it hurt you that the FBI by certain people is distrusted or even hated?
Chris Tarbell (02:51:48):
100%. It kills me. I’ve never, until recently, sometimes be embarrassed about the FBI sometimes, which is really, really hard for me to say because I love that place. I love the people in it. I love the brotherhood that you have with all the guys in your squad, guys and girls, I just use guys. You know, we, I developed a real drinking problem there because we were so social of going out after work and continuing on. It really was a family, you know? So I do miss that.
But yeah, I mean, if someone can become an FBI agent, I mean, it’s pretty fucking cool, man. The day you graduate and walk out of the academy with a gun and a badge and, you know, the power to charge someone with a misdemeanor or fly under the United States flag at night, that’s awesome.
Lex Fridman (02:52:41):
So there is a part of, like, representing and loving your country, and especially if you’re doing cyber security. So there’s a lot of technical savvy in different places in the FBI.
Chris Tarbell (02:52:51):
Yeah, I mean, there’s different pieces. Sometimes, you know, you’ll see an older agent that’s done, you know, not cyber crime come over to cyber crime at the end so he can get a job once he goes out. But there’s also some guys that come in, you know, I won’t name his name, but there was a guy, I mean, I think he was a hacker when he was a kid, and now he’s been an agent. Now he’s way up in management. Great guy, I love this guy, and he knows who he is if he’s listening. You know, that, you know, he had some skills.
But we also lost a bunch of guys that had some skills because we had one guy in the squad that he had to leave the FBI because his wife became a doctor and she got a residency down in Houston and she couldn’t move. He wasn’t allowed to transfer, so he decided to keep his family versus the FBI. So there’s some stringent rules in the FBI that need to be relaxed a little bit.
Lex Fridman (02:53:40):
Yeah, I love hackers turned, like, leaders. Like, one of my quickly becoming good friends is Mudge. He was a big hack in the 90s, and then now most recently, Twitter chief security officer, CSO. But he had a bunch of different leadership positions, including being my boss at Google. But originally a hacker. It’s cool to see, like, hackers become, like, leaders.
Chris Tarbell (02:54:08):
I just wonder what would cause him to stop doing it. Why he would then take, like, a managerial route for high-tech companies versus-
Lex Fridman (02:54:17):
I think a lot of those guys, so this is, like, the 90s, they really were about, like, the freedom. There’s, like, a philosophy to it. And when I think the hacking culture evolved over the years, and I think when it leaves you behind, you start to realize, like, oh, actually what I want to do is I want to help the world and I can do that in legitimate routes and so on. But that’s a story that, yeah, I would love to talk to him one day, but I wonder how common that is, too. Like, young hackers turn good. You’re saying it, like, pulls you in. If you’re not careful, it can really pull you in.
Chris Tarbell (02:54:53):
Yeah, you’re good at it. You become powerful. You become, you know, everyone’s slapping you on the back and saying, what a good job and all that, you know, at a very young age. Yeah. Yeah, I would love to get into my buddy’s mind on why he stopped hacking and moved on. Oh, that’s gonna be a good conversation.
Lex Fridman (02:55:09):
In his case, maybe it’s always about a great woman involved, a family and so on, that grounds you. Because, like, there is a danger to hacking that once you’re in a relationship, once you have family, maybe you’re not willing to partake in. Yeah. What’s your story? What, from childhood, what are some fond memories you have?
Chris Tarbell (02:55:34):
Fond memories? Where did you grow up? Well, I don’t give away that information. In the United States for you? Yeah, yeah, yeah. In Virginia.
Lex Fridman (02:55:42):
Virginia. In Virginia, yeah. What are some rough moments? What are some beautiful moments that you remember?
Chris Tarbell (02:55:49):
I had a very good family growing up. The, like, rough moment, and I’ll tell you a story that just happened to me two days ago, and it fucked me up, man. It really did, and you’ll be the first. I’ve never told anyone. I tried to tell my wife this two nights ago, and I couldn’t get it out. So my father, he’s a disabled veteran, or he was a disabled veteran. He was in the army and got hurt, and was in a wheelchair his whole life, for all my growing up.
And he was my biggest fan. He just wanted to know everything about, you know, what was going on in the FBI, my stories. I was a local cop before the FBI, and I got into a high-speed car chase, you know, foot chase, and all that, and kicking doors in. He wanted to hear all those stories, and at some points I was kind of too cool for school, and, ah, dad, I just want a break, and all that, and things going on. We lost my dad during COVID, not because of COVID, but it was around that time, but it was right when COVID was kicking off, and so he died in the hospital by himself, and I didn’t get to see him then. And then my mom had some people visiting her the other night, Tom and Karen Roggeberg, and I’ll say they’re my second biggest fans, right behind my dad. They’re always asking about me, and my career, and read the books, and seen the movie. They’ll even tell you that Silk Road movie was good. They’ll hide you in on that. And so they came over, and I helped them with something, and my mom called me back a couple days later, and she said, I appreciate you helping them. I know fixing someone’s Apple phone over the phone really isn’t what you do for a living. It’s kind of beneath you and all that, but I appreciate it. And she said, oh, they loved hearing the stories about Silk Road, and all those things, and she goes, you know, your dad, he loved those stories. I just wish he could have heard them. He even would tell me, he would say, maybe Chris will come home, and I’ll get him drunk, and he’ll tell me the stories. But, and then she goes, maybe one day in heaven you can tell them those stories. And I fucking lost it.
I literally stood in my shower sobbing, like a child. Just thinking about, all my dad wanted was those stories. And now I’m on a fucking podcast telling the stories to the world, and I didn’t tell him. Yeah, so.
Lex Fridman (02:58:12):
Did you ever have a long heart-to-heart with him about such stories?
Chris Tarbell (02:58:19):
He was in the hospital one time, and I went through, and I want to know about him. The hospital one time, and I went through, and I want to know about his history, like his life, what he did. And I think he maybe sensationalized some of it, but that’s what you want. Your dad’s a hero, so you want to hear those things. He’s a good storyteller? Yeah, again, I don’t know what was true and not true, but you know, some of it was really good. And it was just good to hear his life. But, you know, we lost him, and now those stories are gone. You miss him?
Lex Fridman (02:58:51):
Yeah. What did he teach you about what it means to be a man?
Chris Tarbell (02:58:58):
So my dad, he was an engineer. And so part of his job, we worked for Vermont Power and Electric, or whatever it was. I mean, when he first got married to my mom and all that, like he flew around in a helicopter, checking out like power lines and dams. He used to swim inside Scuba into dams to check to make sure they were functioning properly and all that. Pretty cool shit.
And then he couldn’t walk anymore. I probably would have killed myself if my life switched like that so bad. And my dad probably went through some dark points, but he hid that from me, maybe. And so to get through that struggle, to teach me like, you know, you press on, you have a family, people count on you, you do what you gotta do. So that was big.
Lex Fridman (02:59:51):
I’m sure you make him proud, man.
Chris Tarbell (02:59:52):
I’m sure I do, but I don’t think he knew that, that I knew that.
Lex Fridman (02:59:59):
Well, you get to pass on that love to your kids now.
Chris Tarbell (03:00:02):
I try, I try, but I can’t impress them as much as my dad impressed me.
Lex Fridman (03:00:08):
I can try all they want, but. Well, what do you think is the role of love? Because you gave me some grief, you busted my balls a little bit for talking about love a lot. What do you think is the role of love in the human condition?
Chris Tarbell (03:00:21):
I think it’s the greatest thing. I think everyone should be searching for it. If you don’t have it, find it, get it as soon as you can. I love my wife, I really do. I had no idea what love was until my kids were born. My son came out and, this is a funny story, he came out and I just wanted him to be safe and be healthy and all that. And I said to the doctor, I said, 10 and 10, doc, 10 fingers, 10 toes, everything good? And he goes, eh, nine and nine.
I was like, what the fuck? He’s like, oh, this is gonna suck. Okay, we’ll deal with it and all that. He was talking about the apnea card, or some score about breathing and color and all that. And I was like, oh shit, but no one told me this. But I’m just sobbing, I couldn’t even cut the umbilical cord. It just fell in love with my kids when I saw them. And that to me really is what love is, just for them, man.
Lex Fridman (03:01:11):
And I see that through your career, that love developed, which is awesome. The being able to see the humanity in people. I didn’t when I was young, the foolishness of youth.
Chris Tarbell (03:01:21):
I don’t know. The foolishness of youth, I needed to learn that lesson hard. I mean, when I was young in my career, it was just about career goals and arresting people became stats. You arrest someone, you get a good stat, you get an atta boy. Maybe the boss likes it and you get a better job or you move up the chain. It took a real change in my life to see that humanity.
Lex Fridman (03:01:46):
And I can’t wait to listen to you talk, which is probably hilarious and insightful, given the life of the two you lived and given how much you’ve changed each other’s lives. I can’t wait to listen, brother. Thank you so much. This is a huge honor. You’re an amazing person with an amazing life. This was an awesome conversation.
Chris Tarbell (03:02:08):
Dude, huge fan. I love the podcast. Glad I could be here. Thanks for the invite. So, exercise in the brain too. It was great. Great conversation. And the heart too, right? Oh, yeah, yeah. You got some tears there at the end.
Lex Fridman (03:02:21):
Thanks for listening to this conversation with Chris Tarbell. To support this podcast, please check out our sponsors in the description. And now, let me leave you with some words from Benjamin Franklin. They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. Thank you for listening and hope to see you next time.
Chris Tarbell is a former FBI special agent and cybercrime investigation specialist who brought down Ross Ulbricht and Silk Road, and Hector Monsegur (aka Sabu) of LulzSec and Anonymous. Please support this podcast by checking out our sponsors:
– True Classic Tees: https://trueclassictees.com/lex and use code LEX to get 25% off
– InsideTracker: https://insidetracker.com/lex to get 20% off
– ExpressVPN: https://expressvpn.com/lexpod to get 3 months free
– BetterHelp: https://betterhelp.com/lex to get 10% off
– Blinkist: https://blinkist.com/lex to get 25% off premium
Hacker And The Fed podcast: https://podcasts.apple.com/podcast/hacker-and-the-fed/id1649541362
Podcast website: https://lexfridman.com/podcast
Apple Podcasts: https://apple.co/2lwqZIr
YouTube Full Episodes: https://youtube.com/lexfridman
YouTube Clips: https://youtube.com/lexclips
SUPPORT & CONNECT:
– Check out the sponsors above, it’s the best way to support this podcast
– Support on Patreon: https://www.patreon.com/lexfridman
– Twitter: https://twitter.com/lexfridman
– Instagram: https://www.instagram.com/lexfridman
– LinkedIn: https://www.linkedin.com/in/lexfridman
– Facebook: https://www.facebook.com/lexfridman
– Medium: https://medium.com/@lexfridman
Here’s the timestamps for the episode. On some podcast players you should be able to click the timestamp to jump to that time.
(00:00) – Introduction
(08:05) – Silk Road
(18:28) – Mass surveillance
(22:40) – Operation Onion Peeler
(27:56) – Hacker Avunit
(38:45) – Ross Ulbricht and Silk Road
(51:29) – Edward Snowden
(53:33) – NSA surveillance
(1:05:40) – Silk Road murders
(1:14:26) – Dark web
(1:18:28) – Ross Ulbricht’s arrest
(1:26:27) – Aaron Swartz
(1:29:45) – Donald Trump and the Mar-a-Lago raid
(1:32:50) – Tech companies and censorship
(1:41:49) – War in Ukraine
(1:45:47) – Anonymous and LulzSec
(1:55:59) – FBI
(1:59:00) – Personal threats
(2:04:47) – Hector Monsegur a.k.a Sabu
(2:17:57) – Cyber attack threats against civilians
(2:34:45) – Most secure operating system
(2:38:33) – Cyber war
(2:46:28) – Advice for young people
(2:51:39) – FBI’s credibility
(3:00:10) – Love
Podscript is a personal project to make podcast transcripts available to everyone for free. Please support this project by following us on Twitter.