Transcription performed by Leah Hervoly www.leahtranscribes.com
[START OF RECORDING]
JACK: [MUSIC] I went to Europe once, all by myself. I had to save up for like, a year to afford to go but once I got there, I had no money to do anything so I sometimes snuck into places. I won’t say specifics but I’ll give you some ideas. I snuck into a castle once. Yeah, my trick was to find the gift shop and see if the tours dumped out in the gift shop or something and sure enough, they did. So, I went in through the exit. The castle was pretty cool. I was able to scramble up long, twisting stairwells and get into higher floors and look at rooms and stuff. Eventually another tour came through and I just jumped in that and went back out. I had such little money on that trip; I remember once going to a hamburger stand and literally asking for half of a hamburger because I didn’t have enough for a whole one. The guy was flabbergasted but he was nice and gave me a hamburger with nothing extra on it, just plain, and told me I couldn’t even use any ketchup. Another time I remember going on a train with no ticket and just hiding in the bathroom the whole trip. When the train stopped at my station, I just ran off real quick. But ah, I miss traveling. You ready to take some trips again? I think we’re all itching to go on vacation when life returns to normal. But don’t take off just yet. In this episode, I have two stories for you. The first one is about an airplane boarding pass and the second is some travel hacks that you’re just not gonna believe.
(INTRO): [INTRO MUSIC] These are true stories from the dark side of the internet. I’m Jack Rhysider. This is Darknet Diaries. [INTRO MUSIC ENDS]
JACK: For this story, I’m talking with a person whose hacker name is “Alex”.
ALEX: Do you want to hear the story of why they call me “Alex” with the quotes?
JACK: Yeah. You always use it in double quotes there.
ALEX: Yeah, it’s in double quotes. In fact, why is it in double quotes? Who does that? The answer is because when I wrote this blog post a few years ago, Vice Magazine, they read an article about my blog post where they referred to it and they said oh, according to a blog post written by a hacker who goes by the name “Alex” in double quotes, and that’s my real name. That’s not my hacker name. I just had my real name on the blog. They just said oh, that’s this hacker called “Alex”, and so that’s my hacker handle now, I guess.
JACK: Okay, so their name is just Alex, and Alex lives in Australia. By trade, Alex works on the red team.
ALEX: My job is to hack the places that I work exactly like a real attacker would, as realistically as possible but then instead of selling all the data on the dark web, we show them how we did it instead. Metaphorically, my job is to commit crimes and then write very, very detailed confession letters.
JACK: Yes, but you’re not bringing me a red team story today. You’re bringing me a different story.
ALEX: Nope. We’re just talking about a fun thing I love to do on the weekends, I guess.
JACK: Alex has a blog. It’s called mango.pdf.zone where they document different things they’ve hacked. Like once, Alex got permission from a friend to hack into her stuff and so Alex went about doing that just to see if they could. It’s an amazing story which I learned a lot from. Then normally Alex gets permission from the person before trying to hack them. But one day Alex got a tip, a tip that asked if they could hack someone way outside of Alex’s friend group. [MUSIC] So, how did this all start?
ALEX: It all started one Sunday afternoon when I was sitting at home at my desk, drinking from my water bottle in a way that did not possess any intent to subvert the commonwealth of Australia, where I live. Suddenly, my – I got this message in the group chat. The message just said @Alex, can you hack this man? It was a link to an Instagram post by former prime minister of Australia, Tony Abbott.
JACK: Well, that’s quite the audacious challenge, isn’t it? To hack the former head of state of the country where Alex lives in? But this was not for some political agenda or even to get even with former PM Tony Abbott. No, it was much smaller than that. Tony Abbott is on Instagram and he just posted something that was very interesting to Alex.
ALEX: Months before this, I was talking to people about boarding passes and saying yeah, people post their boarding pass online all the time. They just post it on Instagram saying ‘going on holiday; check it out.’ But they don’t realize that their boarding pass can be used for bad identity fraud somehow, so some hacker is just browsing #boardingpass on Instagram, being like yum, yum.
JACK: That’s exactly what Tony Abbott [00:05:00] just posted on Instagram; a picture of his boarding pass. I don’t know why. I guess he was just showing off for the gram that he’s traveling around or something. But it doesn’t matter. What does matter is Alex was telling people that this is a bad thing to do. But can Alex prove why this is bad?
ALEX: The post was a picture of his boarding pass for a flight and he’s like, taking a picture of the boarding pass. It’s kind of in his lap. He’s sitting in the plane and it’s just a photo of the boarding pass. It’s just showing that hey, I’m on a plane. The caption is something like ‘I’m coming back to Australia. Hello,’ or something.
JACK: Okay, so the first thing that comes to mind for me is that if you post your boarding pass, people immediately know you’re not home and might take that opportunity to break into your home and rob you. So, that’s one thing and that’s a big thing, but is anything really bad about showing the world what flight and seat you’re gonna be on? I mean, it’s not like he’s posting his credit card or even passport which has details that he doesn’t want people seeing. So, Alex was curious exactly what information is contained on a boarding pass.
ALEX: When you get a boarding pass from an airline or when I have at least, they don’t really tell you that it’s secret, right? When you type the booking reference into a website, it doesn’t come up as dots like a password. You can just type it in and you can see it as you’re typing. That’s sort of what people have learned means oh, okay, that means it’s not secret. But actually, it is secret. So, I think the messaging from the airlines is a bit confusing as to whether your boarding pass/booking reference is meant to be secret or not.
JACK: So, that was the situation when Alex received this text asking if Alex can hack the former PM. Alex knew that this boarding pass contains sensitive information but did they really know how to get that or what someone could do with that? So, Alex took on the challenge of hacking the former PM Tony Abbott’s boarding pass to try to figure it out for themself.
ALEX: [MUSIC] I was curious. I kind of just wondered oh, this famous person has done this thing that could be bad or dangerous. Is it? Is it dangerous? How bad is it? What has happened? I didn’t know. I didn’t even know anything about what you’re meant to do with a boarding pass but I wanted to find out.
JACK: So, Alex who has training and experience as a red teamer and security incident responder began to figure out what they could do with this photo. What’s the tool you used to get started hacking this boarding pass?
ALEX: Oh, I tried to use the most elite hacker tool I know, so I opened up Google Chrome and just started typing in the bar at the top that Googles things.
JACK: Yeah, it’s true; Google has probably helped more hackers than any other tool in history.
ALEX: I knew there was something bad about posting your boarding pass and I knew that something bad could happen if someone else had it but I had never done it before and I didn’t know where am I supposed to look, which information is the secret, important information. I don’t know.
JACK: After some Googling, Alex found out that their first target should be the bar code on the boarding pass. This bar code contains all the important information for a person’s flight, including the booking reference number that Alex needed to gain access to Abbott’s account.
ALEX: I tried to scan the bar code just using a bar code scanner app on my phone but it didn’t work. I thought oh, okay, maybe it’s too blurry. So, I tried making the picture bigger but then it still didn’t scan. Okay, so I went into Photoshop and tried to turn up the contrast and make the little bars more obvious so that the app could pick it up but it still wasn’t scanning the bar code. I spent a long time, like maybe fifteen minutes looking at this image, trying to fix the bar code. Then after that time, I noticed that the booking reference is also just printed on the baggage receipt in text. You could just read it with your eyes; you don’t need the bar code scanner app at all. I was like wow, I graduated university but it did not prepare me for this moment.
JACK: Okay, so the bar code wasn’t even needed here. The airline just printed the booking reference number right on the ticket in plain text. Once they realized that, Alex went to the airline’s website to see what access this gets you.
ALEX: [MUSIC] So, I went to the Qantas website – that’s the airline – and I went to the Manage Booking page where you log in with your booking. There’s two things you need to manage a flight booking. The first one is the booking reference which I just got and the second one is your last name. I knew the last name; it was Abbott. It was also printed on the boarding pass.
JACK: So, taking these two pieces of information that Tony Abbott just posted to his Instagram account, Alex tries to log in to the airline’s website with these details.
ALEX: I was kind of hoping that the second thing you need would be a password or something more secret, but then I realized that the booking reference is the password. I was like, okay.
JACK: Yeah, it turns out that’s all you need to log into the site with.
ALEX: So, I typed in the booking reference and last name and just clicked Log In. I haven’t done any hacking here. I’ve just read a six-digit code and typed it in. Then when I hit Log In, it was like hello, Mr. Abbott. Welcome to your flight and stuff. Here’s all your flight details. I was like, oh.
JACK: Alex was now logged into Qantas Airline’s [00:10:00] website as the former Australian Prime Minister Tony Abbott without his permission. This felt illegal but at the same time, they just entered in some basic information that Abbott himself posted publicly on Instagram. I’m not even sure if this is classified as logging into a website. Like Alex was saying, they don’t obscure the booking reference when you’re typing it in, so it doesn’t feel like a password. Then it’s printed right there on your boarding pass. So yeah, airlines just don’t seem to be treating this as sensitive information. Like, airlines aren’t telling you to keep this secret and to not share it with others. This isn’t an area of their website where you can do much, especially after the flight has taken off. You can’t buy tickets or make reservations here. No, it’s just there to check your flight status.
Yeah, it’s a gray area on whether this is a super-private area of the website or if it’s just security through obscurity kind of thing. But Alex was in there now and was looking around to see what was there. At first it didn’t look like there was anything important. The flight had already happened so it wasn’t like they could change the booking or anything and Alex could see that the flight was booked through a travel agency. Then Alex found Tony Abbott’s frequent flyer number. But what are you gonna do with that? This is not really a piece of identifying information and doesn’t do much, so even though Alex logged in, there really wasn’t anything on this website that would be a privacy problem or security concern. At this point, Alex was relieved to not have found anything. But what else could there be?
ALEX: I wasn’t gonna give up just because there was nothing that I could see on the web page. I’m not gonna stop just ‘cause a web page says we’re done.
JACK: Oh yeah, that’s right, ‘cause you’re a red teamer and you have access to the elite hacking tools such as Kali Linux, and you probably got an old back track hanging out somewhere.
ALEX: Jack, you can’t say that to me.
JACK: Alex wanted to analyze the website further and look for any hidden data that might be obscured somewhere. Maybe there’s secret information buried somewhere on the website and you need a super-special hacker tool to see it.
ALEX: Then I used the only hacker tool I know which is to right click on a page and then click Inspect or Inspect Element. That opens up the page source of the page. It shows you the HTML of the page. Listen, somebody might one day try and tell you that this is hacking or this is an advanced computer skill. It’s definitely not. Anyone can do this. This is a tool that programmers use to try and understand websites. It’s not made for hacking. This is not an advanced, elite hacking tool. Anyone can do it. I hope that’s clear.
JACK: So you’re saying right click, View Source is not illegal.
ALEX: I’m not a lawyer but I’m confident on that one.
JACK: Yeah, so the way a website works is your browser asks the web server for the information on the site. The web server sends the data over formatted in HTML. Now it’s just a matter for the browser to format and display the website. But yeah, in order for the browser to know what to display, it must have that HTML. Since the dawn of browsers, you were always able to right click on any website and then click View Source and see the raw HTML. It’s not illegal to view source because every website you ever visited ever, the browser is viewing the source for you. But the reason why Alex did this is because sometimes there’s extra bits of information that might not be displayed in the browser but it is there in the HTML.
ALEX: When I started looking at the page source, I was like okay, yep, this is a web page, and so I kind of scrolled around ‘cause I didn’t know what I was looking for. I was just kind of wondering if there was more stuff in there. Then eventually after scrolling around I noticed there was this big section of JSON, this big section of data just in the page which is – I mean, sometimes that happens in web pages but it’s kind of strange for the page to have a whole bunch of extra data in there that it’s not showing.
JACK: JSON data is just another way to format data. It works particularly good for web browsers to parse it and read it, and Alex said this chunk of data was just a little too big for them to look at and understand; long lines of text and data and numbers. It’s not encrypted; it’s just hard to read.
ALEX: I realized that I wasn’t gonna find the passport number or anything like that by just rummaging around in the HTML ball pit, so eventually I just searched for ‘passport’ in the page. [MUSIC] One of them was this thing called Passport and it had a thing called Date of Birth and it had a thing called Document Number. The Document Number sure looked like a passport number. Then I sort of looked at the birthday and it was the same birthday that Tony Abbott had when I looked him up on Wikipedia. I was like, oh no. It’s just there. It’s just in the page. At that point, I was fairly sure I was looking at the extremely secret government-issued ID of the former prime minister of Australia and former servant to Queen Elizabeth and I was kind of worried that maybe I was doing something wrong somehow, but not enough to stop [00:15:00] looking.
JACK: This, I would say, is a privacy problem. By posting your boarding pass, someone can use that information to log into the airline’s website and click View Source and see your birth date, passport number, frequent flyer number, and flight details. With this information, a bad actor could do some nasty stuff. You don’t want to be just telling the world what your passport number is. Somewhere in here, Alex dubbed this the Do Not Get Arrested Challenge of 2020 because this felt wrong but where was the line? Alex wasn’t sure. So, at this point, I mean what’s the nerves feel like for you?
ALEX: At this point I was like hah, I think I have the former prime minister’s passport number. I was thinking oh boy, oh jeez, because for all I know, other people are looking at this page at the same time as me. There’s no guarantee that I’m the only one here. So, this is basically public, this passport number, and so I was thinking okay, I better get someone somehow to reset his passport number like you reset a password. Can you even reset a passport number? Then I was thinking, this all seems okay but is it possible that I’ve done a crime? After I found the passport number, I was wondering well, is there anything else in this page or is it just the passport number? So, I wondered if there was a phone number, so I searched for phone and number and things like that but nothing came up. But then I, in an extremely big-brain move, searched for 614 which is the first three digits of an Australian format phone number. [MUSIC] That led me to this really weird section of text in the page. There was a phone number that was enough digits beginning with 614, but it didn’t just say like, phone number equals this. It had all this strange uppercase, all caps spaghetti airline code. Like, the phone number said all caps CTCM SPACE QF SPACE HK1 SPACE and then the phone number. There was all this other weird uppercase stuff all over the place.
JACK: It turned out that Alex had found a section of the code called SSR for Special Service Request. This is a special airline language that’s code for things like whether or not this passenger wants a vegetarian meal or the passenger is an unaccompanied minor. In Tony Abbott’s SSR, Alex could see notes left by the airline and one of the notes started with the code CTCM. When Alex looked up what CTCM meant, it was a note that contained the passenger’s phone number. This is so if the airlines need to text you about delays or whatever. At this point, Alex thought they’re now looking at Tony Abbott’s phone number. This was about the point where Alex knew they needed some help. After all, this was the Do Not Get Arrested Challenge of 2020, so Alex reached out to the Australian Free Government Legal Aid Hotline. But whoever answered the phone, they just didn’t know enough about computers to be able to help Alex with this.
ALEX: I didn’t think that anything I had done sounded like a crime but I understood that sometimes when the other person is famous or something, that things can suddenly become a crime. So, I was like well, what if it’s the former prime minister? Is it illegal to do this? I don’t know. I don’t know the laws, so I should probably try and find an adult who can tell me how it all works.
JACK: When the free telephone lawyer told Alex they didn’t know, Alex went looking for themself to understand if they had committed any crimes.
ALEX: I was kind of just Googling it, being like hey, what are the laws? Can I read them? It turns out there is. There’s this thing called the Legislation and it’s just the laws written down. I had no problem scrolling through and reading all the HTML of that page, but whoever wrote the legislation was just making up words. There was just so many complicated words and it’s so not obvious what they mean. But I was eventually able to divine from the Times New Roman tea leaves that having the passport number shouldn’t be a crime. That seems fine. I was worried about defamation which is where you publish it and it makes someone look bad, but I realized that in the laws it says that it’s not defamation if it’s true. So, just publishing that it’s a true story, that’s okay. But then the laws that I read that were about computers were like, it’s illegal to do anything with a computer. If you ever log in to a computer, that’s a crime. So, I was like oh, okay, I should ask a lawyer about this.
JACK: Okay, let’s take a moment to gather ourselves here. Alex’s whole goal in doing this was to show their friends that they should not be posting photos of their boarding pass on Instagram and now Alex has this really cool story about how the former PM posted his boarding pass and how Alex was able to easily get all kinds of private information just from that. Alex wants to blog about this or at least be able to show this to their friends.
ALEX: My end goal was to publish a blog post about all this and also fix the problem. So, step one was to figure out whether I’ve done a crime. [MUSIC] Step two was to notify somebody that this happened so they can fix it and notify someone that the passport [00:20:00] number got made public. Maybe Tony Abbott, maybe the government. Step three was to get permission to publish that blog post about it and step four was to tell the airline, tell Qantas that – about the fact that all this information was just in the page so they can fix it.
JACK: At this point in the story, Alex’s interpretation of the law puts them on the safe side. But is Alex’s interpretation actually good enough to stay out of jail? Interpreting the law is very tricky, so they continued calling lawyers and seeking help to get some answers which was not so easy because they didn’t want to admit anything. Alex just wanted to know hypothetically if somebody did do this, would it be illegal? Eventually Alex heard enough people say it’s probably safe and Alex was feeling confident enough. But I want to emphasize something here; Alex’s motives mattered on whether or not this was illegal.
This was done for research and to do responsible disclosure so even though this was legal for Alex to do, it probably wouldn’t be legal for a criminal to do the same thing but with the intention of doing some kind of malicious activity. Step two was to notify Tony Abbott that his personal information might have been seen by other people. That should be easy enough; I mean, his personal number was just one of the things that Alex found in the HTML. Plus, he obviously was on Instagram since he posts photos there. So, Alex could just call Tony Abbott’s cell phone directly to report this or send him a DM on Insta. But what are you gonna say? Uh, hi, Mr. Abbott? I hacked your boarding pass.
ALEX: That’s the other thing, is that I wanted to be really careful about the way I reported it or communicated it because it’s – there sometimes is this yikes thing that happens. I’m sure you’ve seen where someone’s trying to be responsible and report a security problem and help the person fix it but the people misunderstand and they think that you’re trying to hack them or ransom them or something and they get really mad. I didn’t want to play that game.
JACK: Okay, so, no, Alex didn’t want to just DM Tony Abbott about his passport but Abbott left office in 2015 so now Alex had a new challenge. Who in the government do you call to leave a message for the former prime minister? Alex reached out to some friends to see if they had any advice. At first there was nothing but then one friend had an idea.
ALEX: One of my hacker friends told me to call 1300 CYBER1.
JACK: [MUSIC] 1300 CYBER1.
ALEX: I was like, excuse me? That’s not real. You can’t be serious. You can’t say that. But apparently that’s the Australian phone number to call Cyber or something. I’m not really sure but you know I called that number.
JACK: You called Cyber?
ALEX: I instantly dialed 1300 CYBER1 and the person on the other end was like, hello? I was like, incredible. It’s real. I vaguely explained what was going on and they said oh yeah, no worries. Here’s this e-mail address where you can report this to ASD. ASD is the Australian Signals Directorate. It’s like the Australian equivalent of NSA.
JACK: Admitting all this to the Australian version of the NSA? That seemed a bit intense but apparently in Australia, that’s who you go to for stuff like this.
ALEX: I wrote them an e-mail just like the person said and I said you know, hello, I found the former prime minister’s passport number. Here’s the last digit and stuff to prove that I found it. Let me know if I can help. Let me know if this is useful for you. They replied instantly which is great ‘cause no one else had been replying instantly.
JACK: They replied right away and it was interesting because the e-mail’s subject said Security Level Sensitive which is some kind of security rating the ASD assigned to the e-mail which was pretty interesting to Alex.
ALEX: I knew that I had made it to the big time.
JACK: In their reply that ASD asked for more information from Alex. Once Alex gave it to them, Alex says they basically told them alright, thanks for the help, kid. We’ll take it from here. So, that seemed like it was the right thing to do and at least security would be addressing something with the former prime minister. Like, maybe someone was calling him right now saying take those images down from Instagram. But next, Alex wanted to let Qantas know about this vulnerability on their website.
ALEX: I wanted to tell them hey, inside the page source of the Manage Booking page is – you send the passenger their own passport number and their own phone number and their own – whatever else is in that weird uppercase spaghetti.
JACK: Alex found an e-mail for the security team at Qantas and told them about this vulnerability. Just like with ASD, Qantas sent them an e-mail that basically said thanks, we’re on it, and then radio silence. So, that’s two official bodies alerted and both times they said they would take it from there. So technically, Alex had done all they needed to do. But now, Alex wanted to get some kind of permission to be able to post this story on Alex’s blog. So, you wanted permission to post this and specifically you wanted permission to post hey, this is Tony Abbott’s, not just like, here’s what you can do with a boarding pass.
ALEX: Yeah, I wanted to tell the whole story exactly as it happened to me without leaving out anything important.
JACK: Why is this? ‘Cause I like this. I like it when people blog and stuff, so why is it important to you to publish this story?
ALEX: Lots of reasons but firstly I love writing dumb blog posts where I [00:25:00] do stupid jokes and also try and say something meaningful. Love to do that. But I wanted to show all the details and how simple it was because I wanted everyone to feel like oh, I could do that. The idea is yeah, you absolutely could do this. I didn’t do anything special. Anyone could have done this. I wanted to show that oh, well, if it’s that easy for it to happen to somebody famous, then it could happen to anyone.
JACK: Alex seems like a good person. They wanted to get that stamp of approval or at least let Tony Abbott know that his name was going to be attached to the story. But the only problem was…
ALEX: I didn’t really know who I needed to get it from. I was like, from the government? From Tony Abbott’s – does he have a security team? I don’t know. Do I tell Tony Abbott himself? I didn’t know.
JACK: Right. So, how did you go about trying to figure it out?
ALEX: I spent a long time not finding anyone to talk to. I spent a long time not knowing how to contact his staff or who to contact, and a lot of time waiting for the government to reply to e-mails that they never would reply to and never did. But then one day, in a burst of motivation or something, I told a journalist friend about this and asked them if they knew how to – what I should do next. They had really, really good ideas ‘cause they’re a professional journalist. So, they said I should try and find his former staff from when he was the prime minister, so his former ministers and stuff, and contact their offices and see if they have his contact details.
JACK: The logic here is that Alex didn’t want to call Tony Abbott directly. They wanted the office of Tony Abbott to let his people know about this because surely a former PM has people, right? Alex thought that the current administration might have connections to the former administration’s people. Alex went to Wikipedia and searched through Tony Abbott’s staff when he was in office. Minister of the Arts? No, he’s retired. Minister of Agriculture? No, he’s retired too. Eventually Alex noticed one name that did sound familiar.
ALEX: One of his former ministers was Scott Morrison who is the current prime minister of Australia today. I was like oh, well, he definitely has an office.
JACK: Calling the current prime minister’s office looking for the old prime minister; yeah, that sounds like a good plan to me.
ALEX: I was like, hello? I was trying to explain that hi, I know that this is not Tony Abbott’s office but I was wondering if you had his contact details ‘cause I have this media inquiry which is what my journalist friend said to say. The person I was talking to interrupts and explained so, Tony Abbott isn’t the prime minister anymore. This is actually Scott Morrison’s office. I was like yeah, I know. Please, can you check if you have the contact details? She said that she wouldn’t have them and went to check for like a long time, like maybe fifteen, thirty seconds. Then after that time she was like oh, actually, I can give you Tony Abbott’s personal assistant’s mobile number. Is that good? I was like yes, that is extremely good. That’s what I’ve been looking for this whole time. Yes, thanks.
JACK: Alex jots down the number, hangs up, and dials that number.
ALEX: Then I called it right away and I – the person who answered, I was like hello, is this Tony Abbott’s personal assistant? The person was like no, actually, that’s not me but I am one of Tony Abbott’s staff. I was like, amazing, incredible. This is what I’ve been trying to find for months. I started explaining the thing that I’d rehearsed on the phone so many times, explaining the security issue and I want to report it. Halfway through, the person says sorry, who are you and what organization are you calling from? I was like oh, no, no, I’m just Alex. I’m just a person. I’m not calling from anywhere. I just found this thing. But they were understanding and they were like, I’ll have to call you back.
JACK: It sounds straightforward but getting this far actually took a long time, like at least a month of trying to figure out someone close to Tony Abbott to explain the impact of posting his boarding pass on Instagram like that. This felt like major progress.
ALEX: An hour later I get a call from another number that I don’t recognize and it’s a beautiful moment for me because he says [MUSIC] that he knows what I’m talking about. He’s like yes, I’ve seen the e-mails from ASD. I’m currently in the process of getting Tony Abbott a new passport number. It’s like, amazing. It’s so good for me to talk to someone who knows what I’m talking about.
JACK: Wow, success. After all this time, Alex finally got confirmation that all those e-mails weren’t just going into the void. I didn’t even know you could get a new passport number but apparently that is a thing. Thanks to Alex, Tony Abbott was getting a new one. Alex said this phone conversation went on for a while, discussing things like how they found all this information on Tony Abbott and what kind of stuff Alex wants to put in the blog post. The assistant asked to see a draft of the blog before Alex posted it so they can review it.
ALEX: Then he says these things do interest him. He’s quite keen to talk to you. I was like, excuse me? Tony Abbott wants to call me on the phone? I suppose I owe this service to my country at this point. What does he want to talk about? He said oh, he’s – just to pick your brain on these things. He’s quite keen to learn about it or something. I was like, alright, let’s absolutely go.
JACK: So you set up a date for the call and then, what, does Tony Abbott call you or you call him?
ALEX: [00:30:00] No, yeah, then my phone rings at 3:30 as we planned and it’s from a private number; nice. On the other end is Tony Abbott. He started telling me about how – mostly the thing that he wanted was to check that his understanding of how that I found his passport number worked; like, check his understanding was correct, and it was. He also wanted to ask how to learn about the IT, which is what he called it.
JACK: How long did you guys talk?
ALEX: How long did we talk? About half an hour, an hour? At least half an hour.
ALEX: I mean, we had a lot to – and he had lots of questions like how did it all happen and what can I do to learn about it? He was telling me about how he tried to log into a Microsoft Teams meeting earlier and he got fairly bamboozled by that whole process of trying to do it. He said he can now log into a Teams meeting in a way that he couldn’t before. Then suddenly he said you could drop me in the bush and I’d feel perfectly confident navigating my way out, looking at the sun and the direction of rivers and figuring out where to go but this? Hah. That was some incredibly powerful Australian energy. That’s like, the most Australian thing anyone’s ever said about – that anyone could ever say, saying oh, being dropped into the bush? No worries. That’s easy; I can just navigate my way out. That’s normal. But learning how to use a computer? Hm, that’s hard. Hm. Like, who does that?
JACK: Alex talked Tony Abbott through the entire process of how they ended up with his passport number. Then Alex started answering some tech questions that Tony had.
ALEX: Then at one point he asked is – if there was a book that he could read to learn about the basics of IT, since he wanted to learn how it works. I was like oh, I mean, there probably is a book out there called The Basics of IT or IT for Dummies or something but it probably won’t help because I didn’t learn from a book. Everyone just figures it out. So, I told him the story about my mom which was that when I was growing up, my mom always said there were too many buttons and that she was afraid to press the buttons ‘cause she didn’t know what they did. I would always say no, no, no, mom, you just gotta press all the buttons and then you know what they do. I don’t know if that helped him.
JACK: Did you actually tell him about your mom?
ALEX: Yeah. Is that okay?
JACK: No, I think it’s brilliant. That chat that Alex had with Tony Abbott about his mom, yeah, that resonates with me. My parents, heck, even my grandparents have been using computers way longer than I have yet for some strange reason, I’m better at computers than they are, way better. What is with that? Well, for one, when I got a computer, I felt compelled to push buttons. They were afraid to push buttons which always reminds me of this quote from The Hitchhiker’s Guide to the Galaxy.
TRILLIAN: Buttons aren’t toys.
ZAPHOD: Buttons aren’t toys.
JACK: Yes, they are. To me, buttons are toys. I want to push them all to see what they do. Something inside me just can’t help it and it’s this innate curiosity of mine that has absolutely led me into a lot of trouble with computers. I’ve ruined them, deleted important stuff, and whoopsed the whole thing many times. But then, you know what? I had to rebuild and restore it and fix it. So, for me, the way I learned how to be good at IT was simply being fearless at pushing buttons. Yes, sometimes I had really bad moments like that time in ‘05 when I somehow wiped twenty gigs of music from my iPod. Man, I’ll never forget that. That was the worst data loss experience ever for me but it’s moments like that that really teach you how to respect the tech. That’s my suggestion at getting good at IT, too; push the buttons and push them a lot. Well, so after Alex’s call with Tony Abbott, Alex got approval to publish the blog post. So, it was published. The post was a hit too, echoing across many tech publications as a lesson to be learned on why you don’t post pictures of your boarding pass to social media. But it also meant that the Do Not Get Arrested Challenge of 2020 was a success. We’ve got one more story for you after the break. Stay with us. Alright, so I have another flight-hacking story for you. This one is from TProphet.
JACK: Now, TProphet is no stranger to the hacking scene. I asked him how many Defcons has he been to? He told me…
TPROPHET: Yeah, all of them.
JACK: So, the first Defcon was in 1993 and has been a yearly event since. So, going to all of them is quite an accomplishment. Now there’s over 30,000 people who attend Defcon but that first one, like only 100 people showed up and TProphet was one of them.
TPROPHET: It was at the Sands and we had maybe fifty people in one small room. Yeah, that’s kinda how it started and it just grew from there.
JACK: You can imagine someone who’s been in the hacker scene for over thirty years must have a lot of stories, right? Yeah, well, TProphet isn’t sharing any of those stories with us today. I wish, but maybe another time. But TProphet likes to write. No, I’m not talking about the 120,000 tweets he’s written at this point. He’s a regular contributor to the 2600 Magazine, The Hacker Quarterly. But he also likes writing a travel blog called [00:35:00] seat31B.com. This travel blog is unlike any travel blog I’ve ever seen.
TPROPHET: In my free time, I like to travel. My goal is to join the Travelers’ Century Club which means that you visited at least 100 countries or territories around the world. I’ve been to all seven continents so far.
JACK: Even Antarctica?
TPROPHET: Yeah, including Antarctica. I went with a bunch of hackers, actually. The tour camp people and Tour Con did a cruise to Antarctica a few years ago called World Tour and so we went down. Hackers took over a ship; we had a 3D printer. It was awesome. It was like a former Norwegian icebreaker with mostly Russian crew which was pretty fun.
JACK: So, his blog is basically a bunch of travel hacks. Now, you might think oh, travel hacks. Yeah, I’ve seen stuff like that on BuzzFeed. Like, when traveling, wrap your shoes up in a shower cap so that you don’t get your clean clothes dirty. Or here’s a real advanced one; enable private browsing when booking your flight because sometimes websites will jack up the price next time you visit their site, knowing that you made up your mind and you’re ready to buy. But TProphet’s blog goes way beyond these amateur-level tips.
TPROPHET: I look at things from the hacker perspective and that includes getting there ‘cause one thing about travel is it can be pretty expensive, right? But I don’t like to pay money for things if I don’t have to pay money for things. I’m kind of an extreme couponer and that guy that’s like, going through the self-checkout with every single stacked coupon you can possibly do to get a pizza for $0.03, that’s me. I buy stuff I don’t even want to eat because I can get it cheap or free and I kinda do almost the same with plane tickets.
JACK: Now, my tricks to get cheap flights is to first do a comparison of all the flights to find the cheapest one. My second trick is to always book at least thirty days in advance which can save hundreds of dollars.
TPROPHET: Those are decent rules to try to follow but they’re not – you’re actually paying cash for a flight if you do that. Money is leaving your bank account. I don’t like paying money for flights.
JACK: Ooh, Bitcoin.
TPROPHET: No, no, Bitcoin’s money. You can turn it into money. No, I like paying points for flights because if you can get points for free and you pay for your flights with points, then you didn’t actually spend any or maybe not much money on your flight.
JACK: [MUSIC] Uh-huh. See? TProphet has figured out a way to get free flights to almost anywhere in the world by using points to buy tickets. This is so much different than a travel hack which might save you twenty dollars or something. Yeah, people who travel a lot get frequent flyer miles which are the same as airline points and this is a way for airlines to give thanks to their loyal customers. You can exchange frequent flyer miles or points for free trips to places. Now, historically, airlines gave these to loyal customers, people who flew a lot. But in the last few decades, airlines have been looking for new ways to find customers and can sometimes offer these points as a sort of marketing strategy.
TPROPHET: Generally speaking, what I do is I use my good credit to take the banks to the cleaners. They are falling all over themselves to give me credit cards and that’s totally fine. I’ll sign up for all of them. I get the points that go with the cards but if you can bank a bunch of points that the bank essentially gave you for very little or free, a points bank can turn into tickets that are worth way more than you would ever pay for the points, especially if you can get them free through credit cards.
JACK: Using this basic strategy, TProphet has gone to some pretty exotic places.
TPROPHET: I can actually talk about a trip that I took to St. Helena.
JACK: Where’s this?
TPROPHET: St. Helena is a British territory in the South Atlantic. It’s the final resting place of Napoleon.
JACK: South Atlantic; I can’t – I still don’t even picture this. So, this is off of Africa?
TPROPHET: Yeah. Well, you know where Walvis Bay is, right?
JACK: No. Okay, I’m sorry.
TPROPHET: Not Nambia, as the president says. Namibia.
JACK: Namibia. That’s Africa.
TPROPHET: Yeah, yeah, exactly. Africa.
TPROPHET: So, go to Walvis Bay and head due west for around four and a half hours on a plane equipped with special extra tanks to make it that far. Then land at the windiest airport in the world.
JACK: Okay, so if I were to fly from the US to – what’s this place called again?
TPROPHET: St. Helena.
JACK: St. Helena.
TPROPHET: Wonderful place to visit, by the way. I totally recommend it.
JACK: How much would that cost in airfare for a typical person?
TPROPHET: That depends. Do you want to sit all the way in the back in the middle seat with somebody reclining into you and a baby throwing up in your lap, or do you want a personal lie-flat suite with champagne and caviar brought to you, where you’re waited on hand and foot the whole way?
JACK: What did you choose?
TPROPHET: [00:40:00] Of course the latter.
JACK: [MUSC] That’s the other thing about TProphet; he’s not just trying to squeeze his way onto the cheapest seat of the plane just to get somewhere for free. No, he upgrades the experience to sit in the special seats at the front of the plane, like the ones that recline all the way down into a flat bed. Okay, so to get from say Seattle to St. Helena on a lie-flat business class ticket would be how much?
TPROPHET: Business class? You would be paying somewhere in the neighborhood of $10,000 for that if it’s business class. But I didn’t go business because that’s so gauche. I went first class for part of it where they bring you the cru champagne.
JACK: Okay. I didn’t know there was a difference between business and first.
TPROPHET: Oh yeah, yeah. First class is – I mean, just to give you an idea of first class; on this particular trip, the first class lounge in Hong Kong, I’m pretty sure Elon Musk was in there. The reason why there’s first class is because who you’re flying with are people like Hong Kong movie stars and celebrities, billionaire hedge fund managers. They’re paying more money so they don’t have to be around you. That’s really what this is. It’s not all that much better than business class. You get a lie-flat seat in both cabins. You get pretty nice food in both cabins. You get some really ridiculous expensive luxury stuff in first class. They bring you a box of chocolates before you leave that’s pretty nice, and you get access to lounges that are not for you. In fact, there’s so much not for you that when I started walking to the first class lounge in Hong Kong, I got swarmed by easily eight Cathay Pacific staff who came out of nowhere. It was just like, bam. There’s all these people there and they’re like sir, can we see your ticket? When they looked at it they’re like oh, right this way. I don’t exactly look like a fancy billionaire hedge fund manager, right?
JACK: I mean, Mark Zuckerberg wears a sweater, wears a hoodie sometimes, so…
TPROPHET: Yeah, exactly. That’s the thing. There’s now a mental model that they assume you’re some kind of Silicon Valley entrepreneur or something, so I just try to give off that vibe now.
JACK: Yeah, did you – where did you fly out of to get there?
TPROPHET: I started in Seattle, flew to San Francisco and then did first class – San Francisco on that trip and then I did first class from there to Hong Kong. Then business from Hong Kong to Johannesburg because that’s the only cabin the Cathay operates to there. But that would have been around an $11,000 flight if I paid for it, just for that part.
JACK: Right. So roughly $11,000 plane ticket is what a normal person would have to pay for that.
JACK: What did you pay for it?
TPROPHET: 70,000 Alaska Airline Mileage Plan points and around $22.00 in taxes. I got all those points for free.
JACK: [MUSIC] Free? That means the only out-of-pocket cost he had to pay for his flight there and back was $22.00 in airport fees and he’s traveling on the luxury seats? These kind of seats are not typically offered to people like you and me. You’ve gotta know that this even exists and then it’s crazy expensive. Yet, he got these tickets for free. That’s just incredible. But how do you get 70,000 Alaskan Mileage points for free?
TPROPHET: The typical way most people get points with Alaska Airlines is by flying Alaska Airlines but there’s tons of other ways that you can get points. These frequent flyer programs partner with banks and Alaska Airlines partners with the Bank of America. The thing with their partnerships is they give you a big bonus to sign up for their credit card. Right now you can get 40,000 Alaska Airlines bonus miles in addition to I think $100 statement credit just for a card sign-up and needing their minimum spend which is I think $2,000.
JACK: That’s $2,000 a year?
TPROPHET: No, it’s just one time.
JACK: Oh, okay.
TPROPHET: So, put everything that you’re gonna buy on a card for any given month on that card and you’ll get one mile per dollar that you spend on the card and then in addition to that, they’ll give you the sign-up bonus.
JACK: Okay, so that’s 40,000?
TPROPHET: Well, you get 40,000 for that card but then the Bank of America has a business card too and I own a rental property so I’m clearly a business owner, so I can sign up for the business card. If I was ever gonna buy anything for the rental property, I could do it on that. That’s another 30,000 points that you get for that card.
JACK: Just signing up, or…?
TPROPHET: Signing up and meeting the minimum spend which is generally minimal, so I had some – I had to genuinely own a rental property. I had some expenses that needed to be paid relative to improvements for that property, so I put all of that on the second card, on the business card, and between the personal card and the business card – and it [00:45:00] wasn’t exactly this but very, very close – I ended up with 70,000 points. So, what did I do? I used my good credit and a little extreme couponing to get all the way to Johannesburg essentially for free. It was maybe $22.00 in taxes.
JACK: Ah, very clever. I love the way hackers think. They’re always trying to figure out new ways to exploit the system. One time in college, we had to buy textbooks for our classes, right? It was like, $100 per book. One of the other guys in my class came to school with a book which said Property of the School Library on it. I asked him, can you actually just borrow a book all semester? He’s like, no, but the late fees for borrowing it only add up to $50, so it’s cheaper to just borrow it and then pay the fee at the end versus buying it. If you’re that kind of person who thinks like this, I got news for you; you have the mentality of how a hacker thinks.
TPROPHET: But that’s Johannesburg, South Africa and you don’t want to hang out there. It’s not a very safe city. I wanted to go onward from there to St. Helena. The way that I did that wasn’t in a first class cabin. You can be strategic about how you mix this up. The way to fly to St. Helena; there’s one airline that goes and it’s called Airlink. They’re a partner of but not owned by South African Airlines and there’s literally no way to book that thing with regular points. The only airline that they partner with where you can use their points is South African and getting South African Voyageur points just means that you have to fly South African Airlines a lot. They don’t have a lot of ways to get those points that are easy. But Chase allows you to spend Ultimate Rewards points through their Expedia portal and you can buy cash flights with that. This flight’s around almost $1,000 from Johannesburg to St. Helena and back but I was able to redeem Chase points at 1.5 cents per point for that flight. So, I went Johannesburg to St. Helena and then St. Helena back to Cape Town since I wanted to return from Cape Town.
JACK: With his flight booked, he set off on his trip. [MUSIC] Yeah, these were long flights, so he did take advantage of those lie-flat seats and fell asleep.
TPROPHET: Oh yeah, like a baby. It’s super nice. They have turndown service, so they give you pajamas; they’re free. Then when you go to – you finish your dinner. They bring out a five-course meal. There’s a menu so they come out just like waiters and they’re like well, sir, these are the options that we have today and just pick anything that you’d like. Then they just bring you a multi-course meal on a linen tablecloth with the whole very intricate china service, with all the different sizes of forks and stuff. It’s super fancy but if you’re a billionaire, you expect this, right? They’re giving you the level of service that hedge fund billionaire managers and celebrities get. That’s what they bring for you. It’s just, they’d really rather people like me not know this is a thing because I was definitely polluting their rarefied atmosphere.
JACK: Okay. So, this sounds too easy; to sign up for two different credit cards, spend money on them, and you’re flying first class with this kind of service. It just sounds too easy. I’m surprised that American – Alaskan Airlines hasn’t realized that how simple it is and said well, you can only pay for half your flight like this or something.
TPROPHET: No, no, no, it’s not easy at all, man, ‘cause you have to find availability and then you have to know how to book this. Alaska doesn’t put Cathay Pacific flights on their website. They’ll never show up if you do a search. You have to call somebody who books them in a different system and then they don’t have a really good way to search with Alaska Airlines, so you have to use the websites of other airlines. Like, the one that I use the most for finding Cathay flights is Qantas. You look for a flight that you could book with Qantas points and those flights are usually available to also book with Alaska points. There’s some rules; it’s like, there’s usually one fewer seat than you see available with Qantas. It’s available to Alaska. Then you have to call and when you get somebody who’s like, dusts off their manual and realizes how to book this thing, then you can get it. But I mean, Cathay doesn’t want to give these away. They only do it to maintain credibility in their program and they especially don’t want to give these seats away to partners, so there was – there will be one day you can go in a given [00:50:00] month and you’ve got to book almost a year in advance to be able to get this so yeah, it’s not easy. In fact…
JACK: Why is it only one day you can go?
TPROPHET: Well, they only release a handful of seats and so you have to find those, jump on them, and book it really early, as soon as it’s available. They release seats to their own Asia Miles members before they release to partners.
JACK: Okay, so this is becoming more complicated just because it’s one of those – you’re not – this isn’t for you kind of service or, you know, airfare. It’s not for you.
TPROPHET: No, it’s not for you. It’s for you if you work really, really hard and really want to be there but yeah, no, it’s not like you can just go get some credit cards. The points guy makes it seem really easy to do that ‘cause they make most of their money with commission links for credit card sign ups, so they’re totally right on the earn side that earning points is relatively easy by signing up for cards and you do need to be strategic how you do it and you definitely don’t ever want to play this game if you’re the kind of person that gets into debt, so you will pay way more in interest to the bank than you ever would save in flights. If you haven’t paid off all your credit cards, if you have any debt at all, this game is not for you. I have a mortgage but that’s it.
But if you’re the kind of person that can pay off your card every month and you can be really strategic about what you sign up for and you can stay on top of these cards and their annual fees and cancel them before the new fees come due, then you can really rack up a lot of points. Just think like a hacker and keep the detailed notes of a freak. That’s basically the plan. Then finding the farers, yeah, it isn’t super easy. You have to know that with Alaska points, you can book a flight on Cathay Pacific over the phone which you found on Qantas’ website. Qantas and Cathay Pacific are not the same airline, so that’s the challenge that you’re up against when you actually want to use these points.
JACK: Do you have to call someone and realize this person’s not gonna help you and try calling another day and try it over and over until you finally find somebody who knows exactly how to get through the Qantas website to find the flight you need?
TPROPHET: We have a word for it; HUACA.
JACK: What is that?
TPROPHET: Hang up and call again.
JACK: Oh, okay.
TPROPHET: There’s a scene of people that are into this kind of stuff, so it’s – yeah, I mean, we have our own words and HUACA’s a word.
JACK: Crazy, huh? Not only is he able to get on free flights but he’s getting on flights that even travel agents don’t know exist. But all these methods and schemes are all legit and legal. The airlines are the ones who set these systems up and while it seems like he’s exploiting the system, he’s really just using it the way it was intended, just kind of in an extreme couponing kind of way. Okay, so let’s say I’m not as exotic as you in trying to go to all these crazy places. Is it just as easy for me to sign up for two credit cards, get those points, and then travel all over the US on just regular class tickets and get tons of free flights that way? Is that as simple as that?
TPROPHET: You can. It’s not the best way to spend the points though because the value that you’re gonna get redeeming points for premium cabin international flights is far and above what you would get by redeeming for, say, a flight to Tulsa, right?
JACK: Ah, yes, there’s this whole theory of how to use your points in the most effective way that comes into play. Just credit card points by themselves are actually worth money. I mean, you can use them to pay off the credit card if you want or get gift cards in stores that you’re already visiting. So you might want to calculate how much you’re getting per point if you book a domestic trip using this.
TPROPHET: Suppose that a 70,000-point flight costs $7,000 normally. Well, that’s around $0.10 per point, right, in value. If the flight was $11,000, it’s even more.
JACK: Alright, so if you bought an $11,000 trip with those 70,000 points, you’re getting $0.15 per point which means the more expensive the trip is, it’s actually a better value as far as where you spend your points. Think about it like this; imagine going to a buffet but you’re charged on how much your food weighs. Well, a potato is pretty heavy versus, say, a salad so you can either have one potato or five giant salads for the same price. So, you could run calculations all day trying to figure out the most cost-effective way to spend your points, but I first laughed at TProphet for wasting money on first class airfare, knowing that it’s just overpriced. But first of all, he got it free. Second of all, flying from San Francisco to Hong Kong is a fourteen-hour flight and Hong Kong to Johannesburg is another thirteen-hour flight. When you’re doing trips that long, it is really nice to have a bed to sleep in on the way. Yeah, I guess I’m just flabbergasted at this point. Gosh, to [00:55:00] understand all this, it’s a little dizzying to know all these options. I think most people don’t even understand all these options exist out there when just – you – when I book a flight, I go to Hipmunk and then I find the cheapest one and I get on it.
TPROPHET: That’s a totally valid approach if travel isn’t a super high priority to you and you don’t want to throw a lot of your personal bandwidth at it. I have a small business helping people book flights and so I just work in these programs every day. I got into owning a business doing this by just doing it with my own personal travel and then it kind of grew into a blog and then it grew into the small business that I have. Clearly, I’ve taken this way farther than most people do and that’s totally okay. The thing to know is that if you want to consume the output of what getting a bunch of points can get you, there are people who for money will help you with this. They’re just professional travel hackers and that is a thing. Totally okay to go that route if you don’t want to learn it all on your own.
JACK: See, I didn’t even know any of this existed until now but as it turns out, TProphet actually started a company which helps people do this and his website is called Award.Cat and there’s another epic trip TProphet went on. In 2019, he went to travel from Seattle to Sri Lanka which is an island off the southern tip of India.
TPROPHET: [MUSIC] I booked Seattle, LA on Alaska first class, Alaska and then this was again using Alaska Mileage Plan miles. That’s my favorite way to get Cathay Pacific. Cathay Pacific first, LA, Hong Kong, and then Cathay Pacific business ‘cause that’s the only cabin they operate from Hong Kong to Sri Lanka.
JACK: Okay, so just regular class to LA?
TPROPHET: No, no, regular first class on Alaska. So like, in the front of the plane.
JACK: Okay, so first class to LA…
TPROPHET: But not a lie-flat seat ‘cause Alaska just has those recliners, right?
JACK: Yeah, it’s just the extra-wide one.
TPROPHET: Yeah, it’s the extra-wide one.
JACK: So, it’s first class there to LA and then…
TPROPHET: Then the fancy Qantas lounge in LA, the Qantas first class lounge. You get lounges too with these tickets. You can be in the very, very fancy lounge.
JACK: What’s in the fancy lounge in LA’s Qantas?
TPROPHET: It’s the best first class lounge in the US. They bring you a proper Australian breakfast which was very much appreciated ‘cause I started way too early in the morning.
JACK: In LA.
TPROPHET: In LA.
TPROPHET: I mean, they’re – yeah, it’s Qantas.
TPROPHET: Yeah, I mean, it’s nice. They have fast WiFi, it’s – they have tableside service. They just kind of bring food to you. You don’t have to go to a buffet or anything. They’re just like – they wait on you hand and foot in there. You get massage chairs. It’s really nice.
JACK: Now, in case you don’t know, in these first class lounges, everything is free. Free WiFi, free buffet with food, free alcoholic drinks. In this one, there was a free massage. That is included with the flight or you have to pay extra for that, or how did you get in there?
TPROPHET: No, it’s included ‘cause you’ve got a first class ticket, so you’ve got all the first class services and amenities including the fancy lounge.
JACK: Yeah, okay, so…
TPROPHET: I could have gone to the Cathay lounge but the Qantas one’s fancier and Cathay and Qantas are partners, so I was able to get into the Qantas lounge.
JACK: Okay, so then you get on your Cathay flight. That’s a first class to Hong Kong.
TPROPHET: Yeah, you know, cru champagne, caviar, the whole nine yards. I don’t eat caviar. Can’t do the fish. But yeah, you get waited on hand and foot, turndown service, everything. It’s super nice. Then in Hong Kong, somebody meets you at the plane and they whisk you through back corridors to your next flight, expedited security, the whole nine yards. You walk off the plane; you’re one of the first people off and there’s somebody holding a sign with your name on it and they’re like, right this way, Mr. TProphet. Yeah, it’s just like boom, they just whisk you to the next gate. Full VIP security treatment, the whole nine yards. You go through a special security. It’s not the normal one. It’s a special one just for you. Yeah, then you’re on – then I was on my next flight to – which was pretty empty – to Sri Lanka.
JACK: But while he was on the trip to Sri Lanka, disaster struck and I don’t mean he lost his baggage or his headphones’ battery went dead. Much worse than that.
HOST: We begin tonight with a horrific scene unfolding overseas. Eight bomb attacks targeting Christians and tourists in Sri Lanka and a ninth bomb targeting police. The series of explosions tearing through churches filled with worshipers attending Easter Mass. More than 200 people killed. Hundreds hurt. Several Americans among the victims.
JACK: He learned about this just before he started the trip so he could have canceled this whole flight but he scheduled this a year in [01:00:00] advance and went through a ton of hoops to make this happen.
TPROPHET: Well, I could have left the airport if I wanted to but there’s – the whole country was on state of emergency curfew lockdown. It’s like, not a – when there’s just been a series of coordinated terrorist attacks in a country, this isn’t a really fun time to be running around being a tourist. You don’t want to do that.
JACK: You booked this whole flight a year in advance?
TPROPHET: Yeah, I booked it almost a year in advance which was why I didn’t want to give it up, why I was like okay, what can I do to go onward from Sri Lanka?
JACK: Yeah, so you – the thing is is that you’re arriving in this place that you don’t want to be in and so you’ve gotta – you’re looking for a flight out but usually you buy a flight a year in advance for the cheapest price.
TPROPHET: Well so, here’s how I did this. SriLankan Airlines is part of oneworld. So is Cathay Pacific, so I looked for how I could get onto SriLankan Airlines onward to somewhere. There were two places I looked at; one was the Maldives and the other was the Seychelles. The thing with the Maldives is it’s really, really expensive once you get there. It’s a place to go for a honeymoon or a babymoon or something. I don’t have any romantic whatever. In fact, I had just been broken up with so I was like, not really in the mood for that. So, I looked at the Seychelles and there’s mid-range places that mostly cater to French people, for some reason. So, that’s fifty, sixty, seventy dollars a night. I thought okay, that’s a little more reasonable. I can do that in a rental car and I’ll be really near these – and the beaches in the Seychelles are all public so even if there’s a really fancy resort there, you can still go to the beach. That’s what I did. I booked a local place which was thoroughly immemorable but it was fine. I booked a local car and I booked SriLankan Airlines to the Seychelles onward from Sri Lanka on an itinerary that all walked.
JACK: [MUSIC] So, to buy that flight to Seychelles was – you used points to get there too or did you have to pay out of pocket?
TPROPHET: Of course. So, I used my favorite friend, British Airways Avios. What I did is I transferred some points from Chase over to British Airways and I used British Airwaves program to book on SriLankan Airlines. I got right up in the front. I got to sit next to the chief engineer which was super fun.
JACK: How long was this flight?
TPROPHET: It’s maybe a four-hour flight.
JACK: Wow, that’s farther than I thought.
TPROPHET: Yeah, it’s not super far. It’s four hours up there. You’re going from Sri Lanka all the way to – off the coast of – it’s actually off the coast of Mogadishu. If you go due west, then you’re in Somalia.
JACK: I think this is an extraordinary skill or knowledge set to have; to first understand what banks and credit card companies offer the most points for using their cards, then to know what airlines these points can be redeemed at, then to know what trips those airlines offer with those points and then to be able to navigate this whole system to make changes so that even if there’s a terrorist attack, you still have a lovely time.
TPROPHET: Yeah, it’s pretty fun. Onward from the Seychelles; so, here’s the thing, coming back, I had a ticket coming back from Sri Lanka and I had to – it wasn’t only getting from Sri Lanka to somewhere else. It was also fixing my return, right, ‘cause I had booked that well in advance as well. It was on Qatar Qsuites.
JACK: Oh, right, so he didn’t go back the way he came. His return trip was to go from Sri Lanka to Doha, Qatar, a country in the Middle East, then take one of those Qsuite flights all the way to Los Angeles back home. These Qsuite seats are amazing.
HOST2: Each spacious seat a private, personal living space, sets a new precedent in comfort. Featuring maximum compatibility for all your devices including HDMI and USB ports. Your seat also comes equipped with ambient adjustable mood lighting and fully lie-flat beds.
JACK: These luxury seats sometimes have multiple TVs in your seat. Qsuites has one TV in your suite, but the thing’s like a 23-inch plasma screen and you get a table next to you to put your laptop on and there’s ports all over the place for laptops or tablets, whatever, which is really nice for a sixteen-hour flight.
TPROPHET: Which are really, really, really hard to book. It’s the best business class in the world. There’s this door that slides shut, you get your own little suite. It’s pretty amazing. I didn’t want to give that up. What I ended up doing was looking and there was availability from the Seychelles up to Doha. What I ended up doing was just throwing myself on the mercy of American Airlines, so I found an itinerary that could work, but normally American charges you a lot of money to change a flight. It’s like, $150 change fee plus the difference in the miles. I called them up and I’m [01:05:00] like um, there were just terrorist attacks in Sri Lanka and I’m not going there anymore. Is there any possible way you’d make an exception and change the return from – to a different city? I know this isn’t in policy but terrorism; a terrorist attack. They’re like yeah, we’ll make a one-time exception because there’s active attacks going on in that country but don’t expect this in the future, blah, blah, blah. They did charge me the difference in miles which was another 5,000 miles, I think.
JACK: He was able to arrange his flight back again using just points, but he couldn’t get the timing just right. His trip was screwed up just a little bit, so he had a fourteen-hour overnight layover in Qatar. One option is just to sleep at the gate in the terminal somewhere. I’ve done this before; in fact, I slept right on the doorway to my gate so that when they open the door and start letting passengers on, they would have to wake me up. But of course, TProphet has a better plan.
TPROPHET: Fun thing; Qatar Airlines, if you have a business class ticket, you can buy up to the first class lounge. The first class lounge has bedrooms. They’re like little hotel rooms. I paid around $70 to get one of those bedrooms and I was able to just sleep overnight in the first class lounge, come out, have a very fancy breakfast in the morning, and then hop my flight back to LA.
JACK: Do you have something booked for the future?
TPROPHET: I do. I’ve got a flight to Uzbekistan, returning from Kazakhstan, and that’s in May.
JACK: So you’re flying to Uzbekistan, then flying to Kazakhstan, then flying back?
TPROPHET: Yeah. It’s a little dicey though ‘cause it’s in May.
JACK: Yeah, that’s a little early.
TPROPHET: It’s from Vancouver, BC ‘cause here in the Pacific Northwest, we have three major airports; Seattle, Portland, and Vancouver, BC. A lot of the time, fairly often I end up flying from Vancouver when I’m going internationally ‘cause it’s just easier to find availability. This is on Turkish from Vancouver to Istanbul and then Istanbul to Tashkent, and then I’m returning from Almaty to Istanbul and Istanbul back to Vancouver.
JACK: These are all first class?
TPROPHET: Business. That’s what Turkish operates. They have the world’s best catering on board. That’s their thing. They’ve got an on-board chef.
TPROPHET: It’s pretty fun.
JACK: Wow. That’s something. So, where do we learn more about how to do this or do you want to talk about how you can help people?
TPROPHET: Sure. You can check Award.Cat and that’s our paid service. If you want to read my blog, it’s kind of out of date but that’s seat31B.com. That’s S-E-A-T 31B like ‘boy’ .com.
JACK: Why is 31B the thing – the seat for you?
TPROPHET: For me – keep in mind, I like this fancy stuff sitting up in front, but for me, remember, my goal is to join the Traveler’s Century Club. I want to visit 100 countries or territories and that’s kind of the track that I’m on right now which means that if I’m going somewhere like Palau and the only seat is the one all the way in the back next to the toilets that doesn’t recline, I am happy to have that seat as long as it’s free.
JACK: These are all legal ways to get free flights. Not only does TProphet follow the letter of the law, but also follows the spirit of the rules. But there are people doing some gray and even black hat travel hacks out there. For instance, there’s this one crazy dude who prints up fake business cards just to get better deals in places.
HACKER: [MUSIC] My business cards are not a hoax, okay? It’s a matter of excellence. If it’s $1,000 a night but Raytheon gets it for $195, I think you’re a schmuck if you don’t become a Raytheon employee through Vistaprint for $4.95.
JACK: Yeah, so he uses a fake business card to sort of prove he works at some place to get a corporate discount. Another thing this guy likes to do is book a refundable ticket which comes with free access to the airport’s first class lounge, and then he’ll go to the lounge all day and do work, and then he’ll cancel his flight and get his money back which essentially gave him free lounge access. What he’s doing is wrong and he knows it. You know what? If airlines figure out that you’re trying to cheat the system, they’ll come at you and cancel your flight. There’s a thing called a contract of carriage which many airlines adopt as their rules. If you break the rules by misrepresenting yourself or just being too much of a pain in the butt, they’ll straight up cancel your return trip home and leave you stranded, so you really got to watch out what advice you follow. Another gray area of getting free flights is this whole credit card juggling thing where you just go back and forth paying off credit cards with credit cards to get free points.
Of course, credit card companies don’t like it and will try to spot this sort of thing. Also, I want to [01:10:00] reiterate this whole method that TProphet uses to get points through credit cards; only try that if you’re good at paying off your credit cards every month. If you have to pay interest fees to get points, it’s never worth the points. This method isn’t for everyone and there’s also black hat methods for free flights. Like, this is when you’re stealing other people’s miles or points and transferring them to your account. Because if you could somehow put 100,000 points into your account, you could fly wherever you wanted for free and you could do this by hacking into someone else’s credit card rewards portal and transferring the points to you or hack into the airlines themselves and just put points into your account. Don’t do that because that’s illegal. But if you’re really bent on hacking an airline to get free flights, there is a legal way to do that. United Airlines has a bug bounty program where they pay rewards for anyone who can find vulnerabilities in their systems. Guess what? They can pay you in rewards points if you prefer. So, go check out their bug bounty program, figure out what’s in scope, and go hack your way to some free trips.
(OUTRO):[OUTRO MUSIC] A big thank you to Alex Hope, AKA Mango PDF for your story. You can find more about Alex at his blog which is mango.pdf.zone. Also, thanks to TProphet for sharing some pretty extreme flight hacking tips with us. You can read his blog at seat31B.com and check out Award.Cat if you want help spending your travel points effectively. If you like this show, if it brings value to you, consider donating to it through Patreon. By directly supporting the show, it really does help keep the show going because most of all, it tells me that you like it and want more of it. Please visit patreon.com/darknetdiaries and consider supporting the show. Thank you. This show is made by me, the low-flier, Jack Rhysider. This episode was produced by the travel-sized Christian Green and our theme music is done by the sonic booming Breakmaster Cylinder. Even though I root around in an HTML ball pit just for fun sometimes, this is Darknet Diaries.
[OUTRO MUSIC ENDS]
[END OF RECORDING]