Upset, the reporter again asked Gloria, “How did you know I was from Russia?” The driver continued trying to derail Ioffe with compliments.
Ms. Ioffe repeated the question a third time. So what is going on with Putin now?” Gloria asked. “What is happening?”
On the last night Ms. Ioffe and a colleague booked an Uber and, surprise surprise, they got Gloria. The driver asked them what people at the conference were saying about North Korea. The other journalist replied, “Well, it seems like people don’t really know that much of what’s going on there. But you’ve been to North Korea, right?” When Gloria didn’t respond, he repeated the question twice, each time receiving silence.
GQ described what happened next:
“Gloria,” Shane pressed on. “When were you in North Korea?”
“A couple years ago,” she mumbled after a long silence.
“What were you doing there?”
Silence. “I’d like to go back,” she finally said.
Shane, who had also come to see our suspicions of Gloria as silly and paranoid, was now suspicious all over again, as was I. “What were you doing in North Korea, Gloria?” he asked again. “Tell me, Gloria.”
“You know,” Gloria began, finally catching her footing. “You’re so cute. I like you. I like you so much. I really do. I like you so, so much. And we can become friends. You can come visit me in Colombia, and we can be good friends. I like you so much.”
Needless to say, Gloria’s artless social engineering skills could use some work. If she was indeed a spy, she wasn’t a very good one — certainly not one that would get much traction at Defcon, anyway. Hackers may love to run their mouths, but the phrase “don’t bullshit a bullshitter” might as well be the conference’s tagline.
Putting Defcon in the equation is where the Uber driver who secretly livestreamed hundreds of passengers becomes even more worryingly relevant.
Let’s not forget, what that Uber driver did wasn’t technically illegal.
That’s because he was in Missouri, which is a one-party consent state. Meaning, when the conversation is a private, in-person conversation, recording is legal as long as one of the parties is aware of the recording. If you have any friends going to Defcon this month, you may want to tell them that another exciting one-party consent state is Nevada. Fun times ahead!
But there’s being paranoid, and then there’s when drivers are actually out to get you. Never mind Gloria’s graceless and obvious attempts at socially engineering bewildered and surprised journalists. I’m remembering the taxi ride I took on the last day of Defcon in 2013.
I always chat up Vegas taxi drivers because they do indeed hear and blab about conference chatter; for this reporter they’re great sources of information. My taxi driver for Defcon 21 was that and more, showing me that drivers ferrying security researchers to and fro know exactly who their fares are — and some hate them. While taking me to the conference, he told me he’d joked with a previous fare (an FBI employee) about blinding hackers, but actually thought a better way to punish and stop hackers would be to chop their fingers off.
Compared to him, Gloria would’ve been a welcome amusement — for me, and definitely for many Defcon attendees. She wouldn’t win any of Defcon’s social engineering “Capture The Flag” (CTF) contests. But as some of my Defcon buddies would say, “spies gonna spy,” and seasoned infosec pros who aren’t at the conference to inadvertently brag themselves into handcuffs (it happens) would probably enjoy some cat-and-mouse repartee in a sort-of professional courtesy kind of way.
I mean, if we have to choose our captive poisons, in our world of broken privacy, Gloria is preferable to the freaky anger and resentment coursing through some people’s veins these days. Like that cab driver.
All of it — the Uber spy, people hating hackers for security disasters, and privacy violations opened up by arrogant ridesharing companies — combines into a spinning sign of the times. Round and round it goes. Where it’ll stop, nobody knows.