And now for something a little different to the usual articles I have been doing…
In general, I am a very inquisitive person and there are some people who I was really looking to speak to and I thought why not put it on the site so you guys can all read too.
This first interview piece is with the host of my FAVOURITE podcast of all time ‘Darknet Diaries’. Seriously if you haven’t listened already then go and download all the episodes you are in for an absolute blast.
And just so you know I am not joking look at some of these awards and reviews.
I personally stumbled onto the podcast a few months ago and listened to all 45 episodes in around three weeks (there are 49 episodes now) and I can’t get enough.
Hosted by the creator Jack Rhyside every story is fascinating, his voice and music choices are perfect and sets the tone amazingly and the mixture of narration, real interviews and news on each story is just a mix I have yet to hear anywhere else so again if you haven’t listened do yourself a favour and go download them and I will link them after the questions.
Jack Rhysider is a veteran of the security world. He gained his professional knowledge of security by working in a Security Operations Centre for a Fortune 500 company, a place to where threats are detected and stopped. During that time he was exposed to hundreds of client’s networks ranging from schools to government, to banks, and commercial organizations.
How do you find these stories and individuals for the podcast, it’s all so varied which is great for us the listeners but as the host having to find them it must be difficult no?
Finding the stories is easy. There’s 100 news stories a day about hackers doing things. Getting the people to talk is the hard part. So I’ll find the good story first, then find who was involved and see if I can find them and reach out to see if they can talk. I don’t like to be creepy and really try to find them, I’ll just look for them on Social Media or if they have an email posted somewhere like their blog. But typically I’ll only get 1 yes out of 10 or 20 people I ask. Not surprising, hackers or those who’ve been hacked don’t always like talking about what happened. So it sometimes takes me reaching out for a year before getting someone to say yes. But it’s usually very worth it because the story they share is amazing.
It’s easy to hear when listening that you used to work in Security, what role was it you had when you stopped to go full-time podcaster and do you still keep your skills up?
I was a NOC technician. Watching client networks for problems. I got a few Cisco Certs and worked my way up to Network Security Engineer and pretty much had that role for about 10 years. I was feeling burnt out at work after new management came in and I had some huge projects that wasn’t getting enough resources to complete. So I started the podcast and quit to take a break from working for a few months. During my few month break I worked hard at trying to get my podcast to become monetized so I could focus on it full time, and in that time it started to make money. Now that I’ve quit my technical job though, my skills are getting rusty.
This website came about due to my wanting to learn all things Ethical Hacking/Cyber Security and it came about from discussions on the Darknet Diaries Discord server when I mentioned it and then discussed with a couple of other members, did you think the podcast would take off as much as it has and have such a great following?
You know one of the biggest reasons I make the podcast is to educate and teach people about security. So I’m always very happy that the show inspired someone to get more into security. I used to have a manager and some clients that I couldn’t get them to take security seriously. So a little goal of mine is to influence people like that to pay more attention to it and recognize the severe dangers involved with a poorly secured network. I think hacking is the buzz right now. My barber and dentist talk to me about hacking. So I knew that there could be a big market for a show like this if done right. So I’m happy the show has taken off like it has.
You have been around Cyber Security for a good while now in both work and the podcast, do you think anyone can be too old to get into it, have you met any people who have started late in the game with this subject?
I believe anyone can get into it. Look at me I switched careers to audio journalism pretty much with no experience and did well. It all comes down to motivation and determination. My dad didn’t grow up with computers like I did. But at the same time he’s been using computers for as long as I have. Which in theory should mean he could be as good or better than me at computers. But his attitude towards it is almost like he doesn’t want to learn them. I also think that people who have done general IT work for a while have the potential for being great security people since a lot of what security people do is get to know the technology first then learn how to exploit it. So if someone already is very familiar with coding, or Active Directory, or networking they’ll have an easier time in security vs someone coming into security without that knowledge.
When listening to the production of the show it is clear you have a massive talent for it, is this an avenue you would like to move more into in the future if you could?
I don’t know where I got a talent for journalism from. I just read books and listened to journalists I respect tell how they did it and then I practiced it. I believe that practicing is what makes us all better at whatever we want to do. Now after 40 episodes I feel like I’m familiar with the work I’m doing but I had to learn a lot of it from scratch. Storytelling, audio recording, journalism, are all things I had no idea how to do. I do enjoy this work and see myself keeping it going for a while.
Are there any really good stories that you are working on or have spent time working on that you haven’t put out yet due to some trepidation on the subject?
Yes a few stories. I have one story where the person told me quite an exciting story but I have no way to fact check it. So I’ve been sitting on it for over a year now not sure what to do with it. Another story I’ve looked into involves a journalist that wound up dead after investigating the story. They don’t suspect foul play but it has me worried anyway. I’ve got a reputation to keep up and want to stay safe so not all stories that come to me get worked on.
Best resources someone new to Ethical Hacking can use?
I think it’s great to work on CTFs. These are security puzzles and challenges you can do without any extra equipment and gets you good practice and getting into stuff. If you can, make a home lab and just start practicing hacking on stuff. For instance build an Active Directory server at home then try to find ways to exploit it. Or set up an unpatched Windows computer and see how you can get in. Recruiters often look for people with passion so if you can show you are working on things like this on your resume it will demonstrate your passion.
What are the Security podcasts you listen too when not making your own one?
I like the Risky Business podcast for security news regularly. But in the past I’ve found myself listening to tons of: “Down the Security Rabbit Hole”, “Security Weekly”, “The Privacy, Security, & OSINT show”. I also recommend “Getting into Infosec” to hear stories about how people got started in cyber security fields.
What’s the plans for 2020 and beyond regarding the podcast?
I’m hoping to either have a 2nd podcast ready to go or book ready to go in 2020. I’m not sure which one I’ll work on next but these are what I have in mind. Getting help with some extra producers to work on Darknet Diaries now and if they can free up some of my time I’ll start the next thing.
Do you still like dabbling in Ethical Hacking, CTF’s etc or are you too busy?
Yes I love it. And sometimes I’ll get into a CTF and try it. But I don’t get into enough as I’d like. I should really make time every week to do some Hack in the Box or other online CTF to just keep my skills sharp.
I want to give a MASSIVE shout out to Jack for his time and go check him and the podcast out.
Links to the places online:-