Tips for not looking stupid on TV?

[mick at pauldotcom.com (Michael Douglas)]

Follow up with that reporter!  There's lots of stuff to learn/findout:

1) Find out how long the story will be when aired.  Often, they'll
grill you for 10 minutes or more only for you to be on air for 30
seconds.  Let them know upfront this is OK (assuming it is with you)
If that's the case, that's totally cool, but you need to have a really
tight sound-bite.  While you've done loads of prep, you're not going
to be able to get that all out.  Have a laser focus message!

2)  Demand to know what they're going to put in the chyron (the text
that appears below you so folks know who/what you are)... More often
than not, they'll put something like Adrian "IronGeek" Crenshaw --
Hacker.  For the sake of the infosec industry insist that they call
you a security researcher.  If they simply MUST put hacker in there
(yuck) make them put something like good guy hacker.

3) Since you're taller than most folks, you'll probably want/need to
look down into the reporter's eyes or the camera's lens (i hope they
don't have you stare into the lens... it can seem like you're giving a
manifesto. lol)  Try to avoid looking down if you can.  Level head if
possible.

4) they're probably not going to give you makeup... and that's cool.
Just *gently* rub your face with a dry towel 5-10 min before you meet
them.  Even if you don't consider yourself oily, you'd be amazed what
happens when they fire the light.

5) Be nicer to the camera guy than you are to the reporter.  Those
guys get shit on daily, and they -- more than anyone else on the show
-- will make or break how you look/sound.


(I took some tv production classes waaaaay back in the day)

Best of luck!
- Mick



On Sat, Mar 27, 2010 at 10:14 AM, Adrian Crenshaw <irongeek at irongeek.com> wrote:
> ????? I'm guessing the reported just did a Google search for Louisville and
> hacking and came up with me. He basically asked " I?m writing to see if you
> would like to help me with a story we?re doing. It is about a hole in
> Microsoft security in Internet Explorer that allows hackers to spy on people
> through their webcams.? Is it possible? How does it work? And can you show
> us for the purposes of a story?" I was not aware of anything specific to
> webcams and IE, but he sent me a clipping and I think he was basing it on
> this:
>
> http://www.youtube.com/user/MichaelSias#p/u/11/8DtgG58aIBw
>
> I told him:
>
> 1. Looks like they are relating it to Operation Aurora.
>
> 2. It's not really Web cam specific, any vulnerability that say it allows
> for "arbitrary code execution" could do the same thing.
>
> 3. Most of the buzz seems to be talking about IE 6, which it pretty out of
> date. However, some corporations still run int because it it what their
> webapps support.
>
> 4. The specific vulnerability is CVE-2010-0249 and code for the exploit can
> be found here:
> http://www.exploit-db.com/exploits/11167
>
> 5. Microsoft has release a patch for it:
> http://www.microsoft.com/technet/security/bulletin/ms10-002.mspx
>
> 6. If a user is silly enough to run a random exe a website/email/p2p network
> gives them, they will likely get "owned" regardless of the whither on not
> there is an exploit.
>
> 7. There are programs out their that can be used to monitor others. An
> exploit that allows for "arbitrary code execution" can install one in
> theory, but so could a snooping significant other.
>
> 8. Google hacking/Google dorks are always fun. Basically, people put devices
> on an Internet facing LAN that should not. Beside webcams, you can also fine
> printers and other devices. Try these Google searches:
>
> intitle:"Live View / ? AXIS"
> inurl:/cgi/ieng
> inurl:hp/device/this.LCDispatcher
>
> Or a big list from here:
> http://www.hackersforcharity.org/ghdb/?function=summary&cat=18
>
>
> Any tips on how to best deal with the media? Is there a webcam related IE
> exploit out there I'm not aware of, or is is just a case of "one of the
> things people can do with arbitrary code execution"?
>
> Thanks,
> Adrian
>
>
>
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com