NEGSEO: SEO for the Bad Kids

By Robert "RSnake" Hansen
Managing Director at Grossman Ventures

In his no-holds-barred SEO Week talk, Robert “RSnake” Hansen shares jaw-dropping stories from his 30-year hacking career and dives into the gritty reality of negative SEO. From spoofing, DMCA abuse, and LLM manipulation to physical break-ins and server attacks, he breaks down how bad actors sabotage competitors, and why most of it flies under Google’s radar.

Is FOMO hitting you hard after Missing SEO Week 2025? It's not too late to attend in 2026.

SEO Week 2025 set the bar with four themed days, top-tier speakers, and an unforgettable experience. For 2026, expect even more: more amazing after parties, more activations like AI photo booths, barista-crafted coffee, relaxing massages, and of course, the industry’s best speakers. Don’t miss out. Spots fill fast.

ABOUT Robert "RSnake" Hansen

Robert “RSnake” Hansen sold Bit Discovery, which was acquired by Tenable. He has broken into the world’s largest organizations, including over 2,100 banks, credit card processors, flight control systems and SCADA systems. Robert is a Managing Director of Grossman Ventures, host of the podcast “The RSnake Show”, publishes “The RSnake Report” and is the author of “AI’s Best Friend.”

OVERVIEW

Cybersecurity veteran and ethical hacker Robert “RSnake” Hansen takes the audience on a wild ride through the dark arts of negative SEO. With three decades of experience in hacking, from helping the Pentagon shore up vulnerabilities to nearly taking down the global credit card network, RSnake pulls back the curtain on how attackers can sabotage competitors’ search visibility. He explores tactics ranging from relatively low-level spammy link schemes and DMCA abuse to more extreme measures like spoofed emails, denial-of-service attacks, physical break-ins, and manipulating LLM behavior. His candid delivery and jaw-dropping examples reveal just how much damage can be done when bad actors weaponize both technical skills and psychological tricks.

Beyond the shock factor, RSnake underscores the importance of understanding this landscape – not to replicate it, but to defend against it. He argues that while Google publicly downplays the existence of negative SEO, it’s very real and increasingly sophisticated. From exploiting browser vulnerabilities and open APIs to flooding LLMs with misleading data, attackers have a vast arsenal. His talk serves as both a warning and a call to action: SEOs need to be more security-savvy, especially as AI transforms how content is indexed and ranked. It’s a powerful, provocative session that challenges the industry’s assumptions and inspires a deeper conversation about ethics, resilience, and accountability in search.

Recommended Resources:

WE CANNOT RECOMMEND ANYTHING. WE’VE BEEN SWORN TO SECRECY. PURSUE AT YOUR OWN RISK.


Talk Highlights

Negative SEO is real, and dangerous:

From spammy backlinks and DMCA takedowns to physical break-ins and spoofed emails, there’s a spectrum of negative SEO tactics that can cripple competitors and evade detection, despite Google’s denials.

AI and LLMs create new vulnerabilities:

As AI becomes central to search, attackers can manipulate how models interpret content using cloaking, prompt injection, or cost-based attacks like overloading APIs with chat prompts.

SEOs need a hacker mindset:

Understanding the full range of potential exploits, from simple pranks to advanced denial-of-service and SQL injection attacks, is critical for defending against bad actors in an increasingly hostile digital environment.

Transcript

Mike King: Risk analysis and an advisor shaping the future of secure tech for startups and enterprises. So he’s gonna be talking about negative SEO. And the reason why is because you need to know what you’re up against. So without further ado, everybody give it up for RSnake y’all.

Robert “RSnake” Hansen: All right. Can you hear me? Yeah. Awesome. Hello, New York. All right. What the hell is a VC showing up talking to a bunch of marketing people about technology? It doesn’t make any sense whatsoever. If anything, it should be the other way around. But I have been in computer security for 30 years, so I’ve got a ton of background in this space. Actually, I used to work in marketing in a weird way. Was an employee like eleven at ValueClick and all kinds of stuff. So anyway, I have a really weird, long career. Before I start talking about that though, a little bit of a primer.

People are going to have a lot of questions about whether they should or shouldn’t use this. Don’t. But if you do choose to do things that I don’t recommend, don’t tell me about that, okay? I do not want to know it. And if you say it to me, I do end up having to put you in jail. And I have done it before. I have put quite a few people in jail. So if you test me on this, I promise you, you will regret it. So please do not. But if you want to talk in hypotheticals, like, Hey, I know a guy who knows a guy or whatever, whatever, we can have a conversation. Make sense? Everyone understand those rules?

Awesome. Okay. All right. So I’m RSnake. I have been a hacker for 30 years-ish, just shy, like 29.5 or something. It feels a little bit like Hackers Anonymous or something. Hi, I’m a hacker. And it’s a little weird when I say that because no one has any idea what that means when I talk to them unless they’re already in the space or done it themselves or whatever. So this is part of my curriculum vitae. It is definitely not the whole thing, but just some kind of ideas on some of the things. I’m not going to go over all of these because this slide alone would probably take half an hour. It’s cool stories. If you have any questions about them, I can talk about it afterwards. But I’m just going to mention a couple of them. One of them is on the user apps, something I came up with called Python NaN Injection, so you can inject like three characters, NaN, means not a number. Or you can inject the equivalent of that, which is mathematical equations that get you to NaN, like division by infinities and stuff, you can get to NaN. Or you can inject JSON that has a link, basically a variable that references NaN or whatever. And what happens is it just explodes all kinds of applications written in Python. Sometimes they just go into loops. Sometimes they overwrite data. Sometimes they make something appear on the other end of an array, so something that’s very small ends up very big. All kinds of weird things. So that’s one of the things. They didn’t even get a CVE. So basically, the people who wrote this said, that’s cool. We expect bad things to happen. I’m like, all right, cool. Whatever.

So another one is flight control systems under consumer services. I’ll talk a little bit about this later, just a tiny bit. But imagine your airplanes work, mostly the pilots are in control, if you’ve ever done I know there’s at least one pilot in the audience. Mostly the pilots are in control of every aspect of it, but they also have computers to do a lot of the work for them. So I can trick the computer into thinking the weight and balance is front or back or side to side. So when you’re taking off, their flaps are too heavy in one direction or whatever anyway, so it runs off the runway or stalls and crashes. Either way, that would be horrible. So I gave them the code and I’m like, here, I just don’t have a tail fin number of an airplane on the ground to test this on. And they’re like, please don’t do that. Yes, that would absolutely work.

So, down here, I’m going to talk mostly about the government stuff because I think that’s what most people think of when they think of hacking. So, I was asked to break into the Pentagon under their Hack the Pentagon program. And I did such a good job that they almost put me in jail. And so the general who’s in charge of that, he tried to get me arrested, but the head of digital services at the Pentagon, the seats of the Pentagon, a couple other people got in the way and basically said, don’t arrest RSnake for hacking the Pentagon during Hack the Pentagon. And so, as a result, they now have a new policy at the Pentagon that says, if you see something, say something. And so we actually made the whole world a little bit safer, which is kind of Hillary Clinton’s mail server, I did not hack it, but I am the guy who found it. It was already in a big dataset that I already had. I had a massive metadata, data lake, basically of all the metadata on the planet related to DNS data, WHOIS data, IP data, port data, and a bunch of other stuff. Basically, just shy of a billion passwords, all kinds of stuff. And it was just sitting there, so there it is.

Ukraine and Russia conflict, I was brought in basically using that exact same system, only a way more advanced version of it. And when Russia had invaded, they needed to know which part of the geography was no longer in their control. And I had all the metadata, I could basically say, well, if you basically dice this up based on geo, I could tell you exactly which parts of the country are no longer physically under your control despite the fact you might be able to route traffic to them. So I was able to basically protect a lot of Ukraine from getting hacked into. 

And then credit cards, I’m not going to get in too depth into that one, but I have broken into your credit card. Yes, yours. And I had access to all of the transactions that occurred, basically all the bank to bank transfers happen in a day. So even though it doesn’t seem like they’re actually trading money, they actually do have to trade the money, even if it ends up being net zero. Anyway, so it was about $1.5 trillion that I had access to that day. And a side note, I accidentally took down one of the two systems. There’s a redundant system. I took one of them down. So, I almost took down all credit card systems on that same day. 

So, anyway, this is just a brief idea on some of the stuff I’ve done. There’s a couple of other really important ones. I almost took down the Internet once. I’m not going talk about it. I did take down Silk Road too. Those are some of the people who were put in jail. I’m not kidding. This was a real thing. And I’ve dismantled a pedophile ring, put most of those guys in jail as well. I am not going to talk about that stuff. Way too complicated stories, but if you want to know about it, ask me about it later. And some people are wondering, are you a bad guy or are you a good guy? Well, guy right there is RoRo. He’s a very good friend of mine, and the guy behind him who’s looking sideways, his name is Jack. In this photo, Jack is 17. Both those guys work at the Pentagon. RoRo is the Chief Information Security Officer of the Pentagon. So I’ll let you decide whether I’m a good guy or not. 

Okay. What is SEO? SEO is I’m trying to make myself rank high, right? There’s a whole bunch of competitors, they’re trying to make themselves rank high, but I’m trying to get higher than them. So I basically appear higher in the SERPs. Pretty obvious. Negative SEO is the other way around. Instead of worrying about me going up, I just make everybody go down, and therefore, I am the highest. Make sense? Pretty straightforward? Okay. Google says this doesn’t exist. Google’s idiotic. So, here’s kind of how to think about the different layers of it. So, the top arrow is there. The competitors’ actions, positive actions lead to some consequences on Google. They go up in the rankings. There’s also things like your own incompetence. Like I put a robots.txt file in place and something got messed up with my SEO. That’s not necessarily negative SEO or positive SEO, it’s just a mistake. And then, on the far side is the negative SEO where I’m actually pushing stuff down. So there’s a spectrum. There’s stuff that’s like, I’m intentional, I’m unintentional, and then something’s intentionally bad.

So, on the bottom arrows are sort of the hierarchy of negative. So, first thing is helping me hurts you. So, if I DMCA your site because I’m trying to improve my privacy, let’s say, That’s like a minor hit to your SEO potentially, or maybe big or whatever, but it’s not necessarily intention it’s not like I’m trying to really hurt you. I’m just trying to get myself a little bit better. Next is helping in a negative way. So you’ve talked about spammy links. This is like super basic negative SEO, but it’s absolutely a real thing that does work. I just put you in a bad neighborhood. I give you bad reviews or whatever and Google goes, oh, they don’t look reliable. I’m not going to put them high in the rankings. And then there’s full on direct assault, right? We’ll talk about all of it. 

All right. So before I go too much further, when I say Google’s idiotic, this is one of the reasons I think that. So, this is a screenshot taken by a buddy of mine from an email that he got from Google, from Gary Illyes. Is that how you pronounce his name, Illyes? One knows it. Ish. Thank God I didn’t know. Okay, anyway, so this is a longer thread, but basically he’s saying, Hey, think there’s negative SEO going on. Can you please go check this out for me? So here’s the email they sent back. They said, They don’t have any penalty, algorithmic or otherwise. I didn’t dig into what it may be, but they should probably look elsewhere. With an up arrow, it says, Oh, this is the response that I give to other 200 negative SEO reports I received in the past. Basically, I still haven’t seen a single report that was, in fact, negative SEO, which means he’s not even looking. He’s not looking. The tools say there’s no negative SEO, and so there isn’t. That’s it. So, not only do they not think it exists, they’re not even checking for it. And even when it’s reported, they won’t even bother to look into it. He just said, I just stopped looking because it’s never a negative SEO. Okay, so it’s sometimes negative SEO. They’re idiotic.

Okay, so I’m going to go from low technical to high technical. So hopefully, everyone can kind of get along with what’s going on here. I am not saying that this is a complete list, by the way, not even by a long stretch of the imagination. But hopefully, no matter what level of technical ability you have, you’re going to understand some of this stuff and you’re going to go, Oh, that’s what negative SEO is. It’s basically just fucking up your adversary. All right, so let’s start with the top one, DMCA all their pages. So you do need help from a third party, from a friend or something who lives overseas, and just say, Hey, that’s my content on their website. That’s me on their website. Take it off. So that can happen sometimes. Autocomplete for brand spam, brand is bad or is illegal or whatever. And so autocompletes are showing up like, oh, this is a spammy brand or whatever. You can sign all those sites up to RBL lists. There’s 400 and something of them now, so it’s pretty easy to get them on one of them to get their emails blocked.

A buddy of mine used to own Pussy[.]org, and so what happened is he had a site that was kind of messed up or something because it was on a RBL list, and he wanted to get off the RBL list, so he contacted every single person in the network of the guys who ran the RBL list, every one of them, and said, Hey, I’m so and so from pussy[.]org. Could you please contact that guy for me and get them to respond back to me? And so, thousands and thousands and thousands of this guy’s friends started emailing him and calling him and texting him and instant messaging him and whatever, trying to get him to, like, please reach out to this person. Do you think that guy had a good day? Do you think he did any SEO that day? No.

All right. You can write FUD articles, which think is pretty obvious, but like, know, so and so is bad, so now they have to spend a lot of time trying to take that down. Spoof emails from their SEOs. This can be done in a bunch of ways, but sometimes you can do it internally, like spoof it to their own team, so their own team’s scrambling, like, you please put robots.txt? Need to shut this off or whatever, and all kinds of things can blow up.

You can also get the SEOs to do things they shouldn’t be doing, like get them focused on things they shouldn’t be focusing on, like catfishing them, wasting their time, whatever. If they’re doing that, they’re probably not doing SEO. You can send a flood of text messages to them just so especially if they have anything important happening over text, it becomes almost unusable. They have to shut off their phone or start blocking things or whatever. So any of the kind of alerts they rely on, they wouldn’t be particularly useful. 

This one is basically like, imagine you have a company and I file the forms to basically terminate your company for you on your behalf. And so, it is very difficult to run a company when you have no company. So, are you going to be doing SEO on a company that does not exist from the state’s perspective? That’s a little tricky. And they’re going to get a little annoyed if you’re still clearing credit cards and all kinds of other stuff. 

So you can get negative reviews written, we talked about that a little bit, etc., etc. Okay, one of my favorites is physical breaking and entering. Okay, and you’re like, Robert, you literally mean that. You can’t literally mean break into somebody’s office and steal stuff. Oh, but I do. Okay, so this is a two car team. This is a real one. So they smash through this little chintzy little fence thing. Then they had a sledgehammer. They broke in the outside door. Just walked right around the door. Who cares how good that door is when the glass right next to it is totally fragile? This is one of the inside offices, so they broke in. There is an interior door that basically led them right through. Same sledgehammer, just reached around, turned and opened the door. Then this is the data center room door, so they went right through the wall, same sledgehammer, reached around, and that’s what’s left of the rack. So try to do SEO on that. I’m serious. I’m like, how would you do it?

And so there’s other examples like So this one CEO was leaving overseas, and so these guys basically rented a bunch of pods, if you guys are familiar with that, like the little rental trucks. And they gave him a whole bunch of boxes and tape, they spoofed an email from the CEO saying, Hey, I’m going to be out of town. I’m flying to wherever, which is an international flight, so it was like a twelve hour flight or something. I don’t have time to explain, but we have something happened on our lease, we have to move. Don’t bother trying to get in contact with me. This is not something I’m not gonna be I’m not gonna have Internet while I’m traveling or whatever. But I do need everybody to pack up all your shit. So if somebody’s not there, they need it. Everything needs to be in boxes and get it in those pods by the end of the day. And so they did. The whole company packed their shit up, put it in the pods, they closed the pods, and they drove away, and there’s your company. So you’re going to be able to do SEO with that? I think not.

Okay. So, now we’re getting slightly more technical, ramping up. All right. So, you can build a robot, tunnel it through Tor, which I like. There’s other ways you could do it, but kind of simple to explain. Name a competitor SEO bot and just do all kinds of horrible stuff. And so people are like, oh my God, why is that why are they doing such horrible things to stop? And so they’re constantly emailing and calling the SEO, and it’s especially bad if you put their email address or phone number in, like the user agents or whatever, and all of a sudden, they’re just getting all this external, like, please turn this shit off. Like, why are you doing this? And they’re like, I’m not doing anything and it’s just wasting their time. Tons of spoofed emails to the SEO team’s email accounts, which is good for a wide variety of reasons. You can actually overload it in certain cases. Sign them up for every type of spam email. You guys have maybe heard that people used to do pizzas and stuff, submit tons and tons of pizzas and get them to try to pay, they’re like, I didn’t order this.

Okay. A little bit more. So physical mail is another really gnarly one. And the reason that one’s gnarly as opposed to the others is when you get a certain volume of physical mail, like just like imagine sacks of mail right here, and my bill is in there somewhere, right? Or my taxes are somewhere in there. It turns out it’s impossible to run a company like that, unless you have a team of people sorting through your mail, like, all the time. 

Bob Raines had a pretty cool one. If you guys know Bob, I’m sure. Yeah, no. Anyway, SEO. He basically said somebody had submitted his resume to a bunch of job boards. And so he started getting all this inbound, like, go get hired somewhere else because they wanted Bob to stop working on SEO. So basically, get your competition SEO hired away to another company and then they’re probably not doing SEO anymore. You can mail bomb the SEO team. And bonus points if you have a to and/or return address of all@, which often works within semi large companies. Very frequently, they don’t set it up properly, and so now they’re just mailing each other all day and it can totally waste all of their time. It’s wonderful.


Ramping up a little bit more, technical. So, client side attacks are basically stuff that happens in the browser, right? So, there’s a bunch of different versions of this. This is a small sampling of it. I have a lot to do with a lot of this type of research in my heyday. But cross site request forgery is the attack. That’s the thing you’re almost always trying to do. You’re trying to get somebody to click on a thing or do a thing on your behalf, but from their authentication perspective, whatever they’re authenticated as, admin or their user or whatever. There’s a bunch of different mitigation techniques. I’m not going to get into a lot of them, and there’s a ton of nuance. I could probably write books just on this topic alone. But things like referrers kind of work sometimes, sort of. They also break a bunch of stuff. Using a nonce is the more preferred way, which is a one time token. So you have the token. You replay the token as you’re moving around. I don’t know the token. I can’t send you to a token I don’t know. So if the URL has this token in it, I can’t guess it, so you’re safe, right? All of this is bypassable if I have JavaScript running in the browser and I can pull that stuff out on my behalf, or I can get you to click on a link where that thing is embedded. There’s a bunch of different versions of that.

One of them is called clickjacking. It’s something that me and Jeremiah Grossman came up with years ago, but we’ll talk about that in a second. So this is an example of cross site scripting. This is a persistent version of it. There’s actually three different types persistent, reflected, and DOM based. The one that’s most important and most important for you guys is persistent, but they’re all kind of important. Basically, this is what it looks like. This is the inserting process. So, if your code looks anything like this, basically it’s just not sanitizing the input and it’s allowing me to inject JavaScript directly in. So, instead of putting my name as Bob or Joe or whatever, I put in some JavaScript, right? And so, this is what the output looks like. It’s like, hello, Joe or Bob or whatever, welcome back. And instead of reflecting that back, it reflects the JavaScript. That JavaScript pulls in whatever I want in my payload, reads the nonces off the page if that’s a thing I have to worry about, or overwrites the page, or steals the cookies, or gets that user to click on the thing that they shouldn’t have clicked on from an admin perspective, or whatever, whatever, whatever. You can imagine. Anything you can do in JavaScript space, you can do with cross site scripting, and that’s how it works.

All right, so this is clickjacking. This is only one variant of it. There’s literally basically an infinite amount of them because it’s whatever I can get you to click on that think is interesting. This was the original one, so just from my perspective, it was interesting, more as a history lesson than anything. So I wanted people to click on that thing. I wanted them to click on that little thing that says Always Allow, because what that thing allows me to do is have full access to their browser to do anything I want, which is bad, including things like turn on the camera and microphone. Could be useful. So, in JavaScript space, I basically created malware in your browser and I could do anything I want. But no one knows that Sites exists. It’s impossible to get people to click on it. It’s kind of a weird widget. And they try to protect it in various different ways. But it doesn’t matter because what I do is I put in an iframe, and I put that in an iframe, and I put that under your browser, and I make it hover underneath your mouse pointer, and when you click wherever you want on the page, you are clicking that button on my behalf. And so now I have full access to your camera, microphone, whatever I want.

Okay, so other things. This is denial of service attacks. There’s a whole wide world of denial of service attacks. I’m only going to cover a few variants. Mike wanted me to cover Slowloris specifically because it’s the one that I wrote. So, hello, my lovely assistant here. Say hello to Michael. Hello. Okay. So, I’m going to say I’m going to introduce myself as if you don’t know me, all right? I’m going to say, my name is Robert, and you’re going to say My name is Michael. Okay. Good. You’re good at this. All right? Hi. My name is Right. So that awkwardness where I never completed that Thank you, thank you. That awkwardness where I never completed the end of that sentence is how Slowloris works. So instead of sending a full request and doing that full handshake, now that thing’s done, we can part ways, and she never starts to talk to me again, I’m sitting there awkwardly holding her hand. And she kind of wants to pull away, this is weird, and you’re staring at me, nothing’s happening, but she isn’t programmed to do that because she’s being nice. Similarly, the web server is trying to be nice to you. It’s trying to say, Okay, might be a little slow. Maybe you’re coming from a different country, whatever. Maybe there’s reasons you’re going slow. So, it just basically just hangs and waits for you to be finished.

So, now imagine there’s more than one thread. Let’s say you’re all part of this now, right? 200 or 300, 350, something like that. 350 people, 350 connections, and I just replicate myself 350 times, and I go up and I shake everybody’s hand. Now, nobody is able to do anything they want to do because they’re all just sort of stuck there with their hands being held. And now, you can try to release, but then I’ll just grab it again. I’ll say, oh, no, sorry about that. And that’s how it works. I’ve created a thousand threads, I basically consume all the open connections, nobody else can reach that site other than me, which is actually one of the coolest attacks I’ve ever come up with, and one of the reasons why is because now that I have all 1,000 connections, I can be the only one finishing the connections. So I can decide, actually, now that I have a port open and no one else is on the box, I can go and actually use one of those connections. So, for instance, let’s say I have an auction site, and the auction site has a bidding window and then it’s over. Well, in the last 10 minutes, I can just lock everybody out and I can be the only one deciding what I want to bid on it, right? Okay. 

So RUDY is another version of it. R U Dead Yet is what it stands for. It’s basically like a slow POST version. Actually, Slowloris does have a POST-based version. The reason why you might want to use that versus the GET based version is something called an Accept header inside Apache, which basically says POST is treated differently than GET. Sometimes people are slower with POST than they are with GET, so handle it differently. Either way, they’re basically the same things. Another thing you can do is, basically, you can set too many cookies in the browser. There’s about a thousand different ways you can do this.

My personal favorite is you have a whole bunch of websites, and they have to be different websites, they’re truly websites, and you just have all of them set, as many cookies as you possibly can. Eventually, you overwrite the cookie jar and you log people out. So, for instance, let’s say you have an affiliate program and you wanted to kill the affiliate cookies for everybody else and you wanted to have only your own. Well, first thing you’d do is you’d set up a bunch of websites and you have this browser come in, iframe them or whatever to all these different websites, set a bunch of cookies, and now your competitor’s cookie is blown away, right? Okay, so next one is application DoS, a little bit higher in the stack.

I’m not going go over all of these, but one of my favorite ones is the zip bomb. So, oftentimes, there’s different types of gzip deflating coding done on websites. Sometimes there’s zip encoding. Many of them, zip in particular, allow you to zip within zip and within zip, and you can have multi gig files in a zip file. And so, when it attempts to unzip something that’s very small, just a few bytes, this thing explodes on the machine and consumes tons of disk space. 

Another one that I really like is the last one there, the chat one. So, we talk a lot about LLMs, but one of my favorite things is, what is one of the most expensive things you can run on a website? An LLM, right? Especially if you’re pointing at OpenAI or whatever and you’re basically consuming all these API tokens, and those tokens cost money. Well, what if I just decided to send a thousand or a billion or whatever chat messages at you? Well, you’re just basically eating all that cost for absolutely no upside.

Next one is the client side DoS. So we’ve experimented with this quite a bit, and it does work quite well. If the competitor has an ad on their site, I can make that ad extremely non performant, like ridiculously, ridiculously non performant, especially when Google hits it. So Google’s like, woof, this site sucks. Or if the users bounce because it’s loading so slowly, well, they’re like, oh, I’m seeing a lot of bounce off of this website, or whatever.

Another one is taking over old S3 buckets. So a lot of times people will point something at an S3 bucket and then they’ll forget to pay their bill or whatever. It doesn’t have to be just S3, by the way. There’s a bunch of different services that are like this. But you basically take it over for them and you pay the bill. And now you can basically inject whatever client side stuff you want to make it extremely slow and all of a sudden they start de-ranking.

Last one there is bandwidth denial of service. LOIC, Low Orbit Ion Cannon, is probably the most common, especially when tied with a botnet, but there’s a whole bunch of versions of this, like literally hundreds. Another one is called page reboot. This is what was used to take down a RAM. Basically, they just got a whole bunch of people to click on a page that just reboots itself, just like this doesn’t matter, refresh every five seconds or something. Another way to do it that we tested and it worked quite well was ad networks. So we can basically take an ad network and put a whole bunch of iframes and just basically refresh them over and over and over. And it turns out with about a million ads running full time, you can really put the hurt on Cloudflare even. So much so, they called Mercy and they told us to turn it off.

Okay. So next one is parasitic hosting. So there’s a whole bunch of different ways to upload content on people’s websites. Most of it is totally pointless and stupid and it shouldn’t exist, but sometimes they do need it for business reasons, and so there it is. FTP is one of the ones that people kind of overlook. It’s not as common as it used to be, just because people have gotten better about how HTTP works, now they have all kinds of like Dropbox and all kinds of other stuff that kind of took the place of FTP. But FTP is still out there, and open FTP is still out there. And in particular, open FTP that has user logins that are anonymous. So as an anonymous user, I can upload some content and poof, I’m off to the races. And then, open file uploads, there’s a bunch of different versions of why they might want this. Let’s say they need to upload your taxes or some form or whatever. Well, if you upload your content or whatever and can access it some other way, well, that content could be massive images or movies or whatever, and now you’re basically using up their bandwidth for your own benefit and also degrading them in the process, which is hilarious.

Avatars are the last one, pretty obvious. But some avatars do not actually check to see the MIME coding, or double check to make sure it actually is an image, so you can upload whatever you want. All right, so SQL injection is a little bit more complicated. I’m not going to get into too much, but basically this tick or one equals one dash, it should be two dashes. Well, it is on that side. Anyway, it’s a typo, but this one’s correct. Select star from users where email equals, and then you’re basically ending the sentence, or one equals one dash dash. It’s kind of like saying, like, the dog’s name is, and then underline and then dot, right? Well, it has to be grammatically correct. So it’s like the dog’s name is whatever dot, and then go, you know, give me a million dollars, but you leave that dot off the end, that final dot makes it complete and grammatically correct. So you need that dash dash to sort of do that.
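The open-upload and avatar points above both come down to the same server-side check: decide what a file is from its bytes, not from the MIME type or extension the client declares, and bound its size so the endpoint cannot be used as free bulk hosting. The following is an added example, not code from the talk; the signature table and the 256 KB limit are assumptions for illustration.

```python
# Added example (not from the talk): validate an uploaded "avatar" by its file
# signature (magic bytes) instead of trusting the MIME type the browser sends.
from typing import Optional, Tuple

# Leading bytes of the only formats an avatar endpoint should accept
# (assumed allow-list for this example).
SIGNATURES = {
    b"\x89PNG\r\n\x1a\n": "image/png",
    b"\xff\xd8\xff": "image/jpeg",
    b"GIF87a": "image/gif",
    b"GIF89a": "image/gif",
}


def sniff_image_type(data: bytes) -> Optional[str]:
    """Return the image MIME type implied by the leading bytes, or None."""
    for magic, mime in SIGNATURES.items():
        if data.startswith(magic):
            return mime
    return None


def validate_avatar(data: bytes, declared_mime: str,
                    max_bytes: int = 256 * 1024) -> Tuple[bool, str]:
    """Accept only if the content really is an allowed image type, the
    declared type agrees with the sniffed one, and the size is bounded.
    Returns (ok, reason_or_mime)."""
    if len(data) > max_bytes:
        # Size cap: stops the upload slot being used to park large files.
        return False, "too large"
    actual = sniff_image_type(data)
    if actual is None:
        # HTML, scripts, archives, videos: none start with an image signature.
        return False, "not an image"
    if actual != declared_mime:
        # A JPEG labelled image/png is a mismatch worth rejecting and logging.
        return False, f"declared {declared_mime} but content is {actual}"
    return True, actual


if __name__ == "__main__":
    # Constructed sample inputs: a minimal PNG header and an HTML page
    # uploaded with a forged image/png Content-Type.
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    html = b"<html><script>alert(1)</script></html>"
    print(validate_avatar(png, "image/png"))   # (True, 'image/png')
    print(validate_avatar(html, "image/png"))  # (False, 'not an image')
```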

Command injection is way easier, but is less preferred by attackers, mostly because when they land on the box, they’re not exactly sure where they’re supposed to be, what they’re supposed to do when they get on the box. They don’t know what to do. It’s the next step. So SQL injection is the preferred way if you’re trying to really mess up your competition, because you’re already sitting there in the database. You can change whatever you want in the content. You can add links or delete content or whatever you want to do. Command injection takes a little bit more expertise. You kind of have to know what you’re doing. You have to know how to connect to the database internally, etc. And you have to know how to do it through command-line long strings like this. It’s just kind of a pain in the ass. Totally doable, though. I’ve hacked many sites like that.
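To make the "dash dash" point concrete: the example below, added here and not from the talk, builds the `select * from users where email = ...` lookup two ways against a constructed in-memory SQLite table. String splicing lets `' or 1=1 --` close the literal, make the condition always true, and comment out the trailing quote so the statement still parses; parameter binding hands the driver the same input as plain data.

```python
# Added example (not from the talk): the spliced query vs. the bound query.
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data so the example runs offline.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [(1, "alice@example.com"), (2, "bob@example.com")])
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, email: str) -> list:
    # Deliberately unsafe: the input is pasted into the SQL text. With
    # "' or 1=1 --" the statement becomes
    #   SELECT * FROM users WHERE email = '' or 1=1 --'
    # and the "--" swallows the dangling quote (the "final dot").
    sql = f"SELECT * FROM users WHERE email = '{email}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, email: str) -> list:
    # Bound parameter: the quote, the "or" and the "--" are just characters
    # inside a value, so the lookup matches nothing.
    return conn.execute("SELECT * FROM users WHERE email = ?",
                        (email,)).fetchall()


PAYLOAD = "' or 1=1 --"

if __name__ == "__main__":
    db = make_db()
    print(lookup_vulnerable(db, PAYLOAD))  # both rows come back
    print(lookup_safe(db, PAYLOAD))        # []
```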

All right. Lastly, because I am out of time, is I am thinking the future of AI is going to be very, very interesting with regards to how people scrape. People are going to be scraping using all kinds of dumb methods. They’re not going to be using really sophisticated technology. And in certain cases, they’re just going to take, hey, I see a P tag. Anything in a P tag, you’re like, oh, that’s obviously content I want to scrape. And they’re going to go, that’s what I’m after. And so you can do really cool things, like old-school cloaking techniques, to change the content in all kinds of interesting ways that might make the AIs, the LLMs, think things are true that aren’t true, or get them to think different things than what Google is thinking, if that makes sense.

All right. That’s how to get in contact with me. I really appreciate it. And thank you, Mike, the king, for inviting me. Really appreciate it.
