In last couple months I really started diving deep into Podcasts to supplement my Infosec knowledge and news. Without a doubt one of the more entertaining and informative podcasts is “Darknet Diaries”. The Production quality of this Podcast along with the rich storytelling has made this one of my favourite podcasts. Luckily enough I was able to ask the Shows creator Jack Rhysider 10 questions about Infosec and the show. Without further ado here it goes:
1. How did you get into Infosec?
By accident and desperation! I wanted a technical job and felt rusty so I got a CCNA. This landed me a job in a NOC and I kept pursuing routing and switching. But then a security engineer position opened up in the company. I wanted to be an engineering so bad I applied, not knowing that much about it. I got the job and liked working on firewalls and IPS units. But then I got the Certified Ethical Hacker certificate and that's when I knew I was made for security. I am a jack of all trades when it comes to technology. And with Infosec, you need to be good at everything. So I fell in love with it then and kept getting better at it ever since.
2. What would be your advice on people interested in working in Infosec?
There are 3 things employers look for to hire entry level people: experience, certificates, or passion. You can get experience by doing other IT related work as some of it overlaps with security. You can get certificates or training by taking courses and completing exams. And you can show your passion by building home labs, helping out on open source projects, doing hacker challenges like CTFs, following security blogs, and more. Employers only need you to have 1 of these 3 things to consider you. Simply saying you're interested in security isn't good enough, you need to demonstrate it and these are 3 ways to demonstrate it.
3. What would be your favourite episode so far you have made? Can you go into details why its your favourite?
I really like the episode about Vladimir Levin, one of the first online bank robbers. It's told through the perspective of the FBI agent trying to catch him. While there are thousands of articles written on Levin, very few have any details about the case. Since I was able to track down the original case agent who worked on it and get him to tell the story it gives us new look into a 20 year old case that we've never seen before. For some reason, that makes me proud of that episode.
4. If you weren’t doing a podcast in what other form would you try to do Darknet Diaries in?
Podcasting is the perfect format for Darknet Diaries. It's there for people who don't want to read long form hacking stories in magazines and on news websites. And I've tried making video content before, but it's so much harder since you have to work about clothes, and lighting, and props, and sets, and graphics, that it's just too much for me to do. Storytelling in podcast has a lot of great potential and possibilities and was what was in reach to me to do accomplish.
5. Are you still working your 9-5 job? If so can you tell us a bit about it? i.e. are you a pen tester, engineer …
Last year was working as a SOC architect, but a whole new management team came in, and I was feeling burnt out. So I decided to take a few months break and focus on my podcast during the break. During that time I was able to build the podcast up enough to have it make money. Now podcasting is making enough that I can turn this into a full time job and keep working on it.
6. Have there been any interesting ways that your Infosec skills or past jobs have helped you in creating the podcast?
Yes! I was experienced in writing about Infosec from blogging for years. I know the space quite well so I know what people to interview, what news stories to look into and stuff. Because I'm so familiar with Infosec I can include both non-technical people and technical people in my audience.
7. What are some infosec skills or interest areas you would be interested in learning in the future?
I would like to get better at exploitation. I'm toying with the idea of doing a live stream of me going through various hacker challenges like VulnHub or OverTheWire. This way I keep learning new things, others can watch how it's done, and experienced people can teach me how to solve things too.
8. Any good resources such a books, courses etc in the infosec space you would highly recommend?
I get this question a lot, so I compiled my list of books I like here: https://darknetdiaries.com/books/.
9. How can people help out with supporting the creation of Darknet Diaries?
Listen to the show. If you like it, tell a friend to check it out. If you find it to be valuable you can donate to the Darknet Diaries Patreon (https://www.patreon.com/darknetdiaries).
10. Where can people reach out to you if they want to share their thanks or contribute to Darknet diaries?
I'm most active on Twitter, you can find me as @JackRhysider there.
As always I hope you enjoyed this one, let me know if you would like to see more interviews like this. Until next Time!
The Security Sleuth