Apidays Paris 2025 - Hello, I'm a Hacker By Chris Roberts Keynote.

Presenters

Chris Roberts

Source

apidays Paris 2025

🚀 The Hacker’s Mindset: Why We Still Need Curious “Chaotic Good” Professionals 🛠️

Hey everyone! 👋 Ever wondered what it really means to be a “hacker”? The media often paints a picture of basement-dwelling criminals, but the reality is far more nuanced – and vital to our digital world. In a recent conference presentation, a seasoned hacker (who prefers to remain playfully anonymous) shed light on the hacker mindset, why it’s more important than ever, and how we can all benefit from engaging with security professionals. Let’s dive in!

👾 Who Is a Hacker, Really?

Forget the stereotypes. According to our speaker, hackers are driven by a deep-seated curiosity – a desire to understand how things tick. They’re the ones who take things apart, deconstruct code, and then, just for fun, make them do something unexpected. Think of them as the playful disruptors, the ones who challenge the status quo.

The speaker playfully described this mindset using Dungeons & Dragons terms: “Chaotic Good.” (Lawful good wears their underpants on the outside, apparently! 😉) It’s about using your skills for good, even if it means bending the rules a bit.

But it’s not just about curiosity. Hackers also possess:

Persistence: They don’t give up easily.
Adaptability: They constantly evolve their techniques to stay ahead.
A disregard for consequences: (The speaker admitted to a few past misadventures involving airplanes and, famously, camels!)

🐄 Hacking Cows and Camels: Why?

You might be thinking, “Hacking cows? Seriously?” Yes, seriously! The speaker used these seemingly bizarre examples to illustrate a crucial point: everything is connected, and everything is potentially vulnerable.

Cows: Modern farming relies on interconnected systems – pedometers, ear tags, APIs. Default credentials and shared software across multiple farms create a massive attack surface. A hacker could manipulate cow data, impacting food production and supply chains.
Camels: The speaker once swapped a Saudi Arabian prince’s camel database with one from China, virtually relocating his prize camels to Mongolia. While a humorous anecdote, it highlighted the potential for disruption and the importance of securing even the most unexpected systems. (The camels were worth $7 million, so it wasn’t entirely without consequences!)

🚗 The Growing Threat Landscape: Code Errors & Supply Chains

The need for a hacker mindset isn’t just about quirky exploits. It’s about addressing serious, real-world threats:

Vehicle Security: Modern cars contain 150 million lines of code, with an average of 20 errors per 1,000 lines. That’s a recipe for disaster, especially when you consider the potential for remote hacking.
Supply Chain Vulnerabilities: Remember the toilet paper shortage during the pandemic? That was a stark reminder of how fragile our supply chains are. Hackers could exploit vulnerabilities in shipping, logistics, or manufacturing to cause widespread disruption.
Legacy Systems: Even critical infrastructure like Amtrak still runs on outdated and vulnerable software like Heartbleed.

🌐 The Modern “Cake” of Complexity

The digital landscape has become incredibly complex. The speaker presented a visual analogy:

Old Internet (15-20 years ago): A simple three-layer cake – web, application, database.
Present: A multi-layered, sprawling cake with web, mobile, containers, virtualization, and countless APIs all interconnected.
Future: A “cake of a thousand sheets” – an even more intricate and challenging environment.

The core problem? Nobody knows where all the data is, let alone how secure it is. Hackers exploit this lack of visibility to “poison” data, causing applications to malfunction and systems to behave unpredictably.

🤝 Engaging with Security: A Call to Action

The speaker’s message was clear: we need to embrace the hacker mindset and engage with security professionals. Instead of blaming security teams for being “pain in the ass,” we should work with them.

Here’s the takeaway:

Bring in security early: Integrate security considerations into the development process from the beginning.
Collaborate: Foster open communication and collaboration between development and security teams.
Challenge assumptions: Don’t just think outside the box – throw the box away and start from scratch. Ask “why” and “how” constantly.

✨ The Hacker’s Role: Affecting Change

Ultimately, the hacker’s job is to affect change. While developers make things work, hackers ensure they stay working. By challenging systems, identifying vulnerabilities, and pushing for better security practices, they play a vital role in protecting our digital world.

So, the next time you hear the word “hacker,” remember it’s not just about breaking things. It’s about understanding them, improving them, and ultimately, making our digital lives safer and more secure. 🚀

🚀 The Hacker’s Mindset: Why We Still Need Curious “Chaotic Good” Professionals 🛠️#

👾 Who Is a Hacker, Really?#

🐄 Hacking Cows and Camels: Why?#

🚗 The Growing Threat Landscape: Code Errors & Supply Chains#

🌐 The Modern “Cake” of Complexity#

🤝 Engaging with Security: A Call to Action#

✨ The Hacker’s Role: Affecting Change#

Appendix#