HN Theater @HNTheaterMonth

He did a Google talk in 2017 https://www.youtube.com/watch?v=vsMydMDi3rI

"For Google's Security and Privacy Month, we are honored to present the real Frank Abagnale, Renowned Cybersecurity And Fraud Prevention Expert, Bestselling Author & Subject of Catch Me If You Can.

His transformation from one of the world’s most notorious con men to an international cybersecurity expert trusted by the FBI has been mythologized in film and literature – but the takeaways he shares are the real deal." ...

Frank Abnagale's Comments on the movie and book (2002) [0]. I don't know if his story is true or not. But regardless of his story, his talk at Google is one of the best ones I've heard [1].

> I was interviewed by the co-writer only about four times. I believe he did a great job of telling the story, but he also over dramatized and exaggerated some of the story. That was his style and what the editor wanted. He always reminded me that he was just telling a story and not writing my biography. This is one of the reasons that from the very beginning, I insisted the publisher put a disclaimer in the book and tapes.

[0] https://www.abagnale.com/comments.htm

[1] https://www.youtube.com/watch?v=vsMydMDi3rI

⬐ OmarShehata

They reference this talk in the article. I also used to think it was an amazing talk...too bad it's almost entirely fiction.

⬐ hcrisp

I read the book when I was younger and later watched the Google talk. I remember thinking as I watched the talk that things just didn't add up. A simple search online could not verify that he had ever worked with the FBI. His answers in the Q&A seemed shallow. He admitted elsewhere that his book is lacking verisimilitude. I was left with the strong feeling that, "He's probably still just pulling a con!"

If I buy coffee, I buy it on a credit card. Every daily purchase uses a credit card. Why? I want a buffer between me and the purchaser. I don't want them to be able to take money from my bank.

https://youtu.be/vsMydMDi3rI?t=2595

Now, if I shop online, I used to put it on a credit card. Now I generate a virtual debit card using an online service and pay with that. The logic is the same.

⬐ anyfoo

That is actually the one thing I grant credit cards to be superior in. Back before I moved here, I was traveling with friends to the US. We knew credit cards were prevalent in the US, so I got a "normal" credit card from my bank, and one of my friends got a debit type credit card.

We later got some fraudulent charges on it, which got resolved for either of us, but for me the money was never gone (I had not paid the bill yet), while for my friend it took a while to get the money back on their account.

Another fun difference: When during our trip, waiters and cashiers would not just take the credit card, but walk away with it, we were horrified. In Germany, you never give your card away to anyone. You stick it in a terminal and type in your PIN.

⬐ throwawayboise

Yes, the European/Canadian way to do credit cards at a restaurant is nice. The card never leaves your posession. I wish that would get adopted here, but restaurants will resist having to buy the handheld devices. I like restaurants where you get the bill at the table but pay at a desk near the front door, avoiding the problem of handing your card to the waiter.

⬐ drdec

Many "family" restaurants in the in my area of the US have tablets at the table which allows you to pay your bill when you are ready to leave with a credit/debit card with no interaction with the server required.

Family restaurant means a chain like Applebees for those unfamiliar with the term.

The tablets are also a revenue-generating device as you can play games on them for a fee. They also have surveys so you can give feedback on the service, this has become somewhat controversial (see https://www.eater.com/2018/6/22/17492528/tablets-restaurants...).

⬐ wholinator2

Yes, I believe ive seen those terminals at applebees and chili's

⬐ setr

> That is actually the one thing I grant credit cards to be superior in

I mean, it’s basically their only purpose in life (if you use it for the other purpose to purchase things ahead of your paycheck, that you don’t have the cash for already, you’re going to get yourself in trouble — 20% interest _hurts_)

⬐ Semaphor

> I mean, it’s basically their only purpose in life

Cash back/miles is another one.

⬐ skeletal88

Does not exist in europe, because they come from insane fees charged from merchants and the fees are regulated here to be lower than in the us.

⬐ maccard

Amex offers 1.25% cashback, and they also have rewards cards that provide "points" which are redeemable on most major airline/hotel rewards programs. In practice Amex is almost universally accepted (I make 1-2 transactions a month that aren't on my Amex, but almost never a big ticket purchase).

For the cases that amex isn't accepted, all the major airline groups have a rewards card too (although BA's is an Amex), and most of the supermarkets have cashback cards in the 0.75-1% range.

⬐ Semaphor

Yup. I’m in Germany and I get cash back points on my Amex. Same experience that it’s very rare not being able to use it, I carry a Mastercard for that case.

This is an interesting talk by Frank Abagnale (the real life person the story was based on) at Google.

https://www.youtube.com/watch?v=vsMydMDi3rI

Here is an FBI employee explaining the difference between the two when a breach happens: https://youtu.be/vsMydMDi3rI?t=2737

A more general article: https://www.investopedia.com/articles/personal-finance/05021...

⬐ fomine3

OP said "debit credit cards" (not debit cards) and 22%. What's it?

Frank Abagnale has worked for the FBI for 40 years now. He still has an Ego, but he has turned down several offers of pardons for his past crimes and is now very much on the light side of the force.

https://youtu.be/vsMydMDi3rI

Obligatory link [0] to his amazing talk at Google a while back.

[0]: https://www.youtube.com/watch?v=vsMydMDi3rI

⬐ slumdev

He's delivered that talk at many different companies. I had the opportunity to see it last year. I was surprised at how consistent his word choice and cadence were between the two instances of the talk.

⬐ agumonkey

Somehow I am not surprised by him liking precision

⬐ cpuguy83

A good presentation is rarely unrehearsed.

⬐ dredmorbius

Very common in public speakers.

YouTube often offers the opportunity to catch different stops on speaking tours.

Talking heads in multiple TV soundbites, or candidates in stump speeches as well.

⬐ pottertheotter

It's the same with podcasts when someone comes out with a new book.

FWIW, Frank Abagnale Jr (the guy depicted in the movie "Catch Me If You Can") was asked whether he thought it'd be harder for him to do what he did with technology as it is today. https://www.youtube.com/watch?v=vsMydMDi3rI

He suggested that technology makes it easier for the fraudster to come up with the right details, whereas he often had to bluff when he was defrauding people.

very sorry to hear that. Debit cards are convenient etc, but they don't offer much in terms of fraud protection. The general suggestion is to always use a credit card instead so that you don't expose your own money to theft, but the bank's.

This is among the most important learnings you can get from Frank Abagnale's talk at Google (https://www.youtube.com/watch?v=vsMydMDi3rI)

Offtopic, Frank Abnegale ( Catch me if you can fame ) also says the same thing in his [1] lecture at Google. The whole lecture is also pretty interesting.

One of the best google talks I have seen.

[1]: https://www.youtube.com/watch?v=vsMydMDi3rI&t=3264s

He did a talk at Google where he asserted basically the same thing: https://www.youtube.com/watch?v=vsMydMDi3rI

Great talk by the way, he's an incredibly charismatic and well spoken story teller, also a consultant for the FBI and a successful businessman - which makes you think about just how important likability and charisma are both to being a successful social engineer and being successful in-general. People will let you stray pretty far from reality if they like you - Holmes, Abagnale, and apparently Troy Woody (at least to this poor girl). Eventually reality catches up, one way or another.

Technically not a tech talk but since it was at Talks at Google, this one: Frank Abagnale: "Catch Me If You Can" | Talks at Google - YouTube

https://www.youtube.com/watch?v=vsMydMDi3rI

Talk Frank Abagnale gave about his life

https://youtu.be/vsMydMDi3rI

Frank Abagnale's ("Catch Me If You Can" protagonist) take on divorce gives some insight into his life story [1], and is an interesting counterpoint. A transcript for those who hate watching videos. The transcript starts from the link and transcribes 132 seconds of his speech, up to the 23:57 mark.

--- BGN --- I was one of those few children that got to grow up in the world with a daddy. Now, the world is full of fathers. But there are very few men worthy of being called daddy by their child. I had a daddy; loved his children more than he loved life itself. Steven Spielberg told Barbara Walters the more I've researched Frank's youth, without having met Frank, I couldn't help but put his father in the film through the likes of Christopher Walken.

My father was a man who had four children---three boys and a daughter. Every night at bedtime, he'd walk into your room. He was 6'3". He would drop down on one knee, kiss you on the cheek, pull the cover up, and he'd put his lip up on your earlobe. And he'd whisper deep into your ear, "I love you. I love you very much."

He never, ever, missed a night.

As I grew older, I sometimes fell asleep before he got home. But I always woke up the next morning, knew he had been at my bedside.

Years later, my older brother joined me in my room, temporarily; he was in the Marine Corps. He was 6'4". He played semi-pro football for Buffalo. But my father would walk around to his bed, hug him, kiss him, whisper in his hear he loved him.

When I was 16 years old, I was just a child. All 16 year olds are just children. Much as we'd like them to be adults, they're just children. And like all children, they need their mother, and they need their father. All children need their mother and father. All children are entitled to their mother, and their father. And though it is not popular to say so, divorce is a very devastating thing for a child to deal with, and then have to deal with the rest of their natural life.

For me, a complete stranger, a judge, told me I had to choose one parent over the other. That was a choice a 16 year old boy could not make. So I ran. How could I tell you my life was glamorous? I cried myself to sleep 'til I was 19 years old. I spent every birthday, Christmas, Mother's Day, Father's Day in a hotel room somewhere in the world where people didn't speak my language. --- END ---

[1] https://www.youtube.com/watch?v=vsMydMDi3rI&feature=youtu.be...

Seems like you did the right thing: https://youtu.be/vsMydMDi3rI?t=2397

* not in current use according to Equifax. I'm hesitant to take their word at face value, as they've tried to mitigate the entire situation via PR already and claim many users [who were affected] were not affected. However the site was still live, and exposed to the public web. It's only unrelated to the specific event in the United States, but clearly indicative of a pattern of negligence.

I also wanted to add that the software in question that was compromised was a free and open source solution[0], not some top-dollar security program. And it was breached by relative simple XSS attack that even may have been carried out automatically. Beyond that it could just as likely have been a script kiddie who caught wind of the vulnerability on a message board somewhere and went hunting. I wouldn't call that highly sophisticated. XSS protection is the very baseline of internet data security...

I'd also like to point to a video posted by another user upthread (willfarvar):

https://www.youtube.com/watch?v=vsMydMDi3rI

FBI's Frank Abagnale speaks to the Equifax breach at ~37m (as willfarvar says, though, the entire video/talk is great)

---

[0] https://struts.apache.org/announce.html#a20170707

⬐ g051051

> I'm hesitant to take their word at face value

Can you document a lie they've told?

> as they've tried to mitigate the entire situation via PR already

Of course, any company would do the same. But did they lie?

> claim many users [who were affected] were not affected.

Can you back up this claim? They claim 147 million potentially affected...and you think that was under representing it?

> I also wanted to add that the software in question that was compromised was a free and open source solution[0], not some top-dollar security program.

The code in question is heavily used in the industry, from the highly respected Apache Foundation. I.E. it wasn't some college project they found on github. Many other companies were affected by this vulnerability...they just either did a better job of patching it or weren't sufficiently interesting targets to make it worth going after. Or didn't report it...

As far as the sophistication, you should read this: https://www.bloomberg.com/news/features/2017-09-29/the-equif...

Assuming you trust Bloomberg, they report that there was an initial intrusion that didn't get anywhere, but appeared to get handed off to a much more sophisticated team that did the real breach.

Re: Frank Abagnale...he's exactly right on one point. The breach was tracked back to an employee who failed to follow the procedures and left a system vulnerable. In my view, the real problem is that their procedures were brittle enough that one person failing to do their part was enough to leave them vulnerable. Not enough redundancy. Even that isn't enough for perfect security, but having multiple people required to certify something like this would greatly reduce the odds of a breach.

However, his claim of negligence is complete bunk and supposition on his part. Equifax followed their procedures...they received the vulnerability report, processed it, applied patches, and ran scans to verify. However, one employee failed to do as required, and the scans were faulty and they didn't know. How is that negligence? It's a broken process, for sure, and they didn't have the ability to detect that it had failed. But negligence would be if they knew about the vulnerability and ignored it, and it's simply not true.

⬐ 52-6F-62

I didn't claim they lied. As far as the sophistication, it was the critical lapse in maintaining the front-line defenses that is at the root of the problem. Without entering through the front door, any attacker would have had a monumentally more difficult time installing any kind of back door access, let alone a series of shells as redundancies. Keeping the logs clean probably kept them nearly invisible for all that time to be able to pass off or sell off the access to a more capable group.

Negligence in their case is evidenced in the larger picture. One isolated incident can be just a dramatically terrible mistake. When there are obvious and foolish mistakes being made when the stakes are millions of peoples' personal and irreplaceable identification, then I think negligence is a fair term.

Re: not telling users they were affected https://www.marketwatch.com/story/after-huge-data-breach-equ...

Re: continued negligence in the response https://www.wired.com/story/equifax-breach-response/

Re: signalling of Equifax's possible intentions through the fallout https://techcrunch.com/2017/09/08/psa-no-matter-what-you-wri...

⬐ g051051

> I didn't claim they lied.

Then why did you say you were "hesitant to take their word at face value"?

> Without entering through the front door, any attacker would have had a monumentally more difficult time installing any kind of back door access.

Again, read the Bloomberg article for more details...your version doesn't match the facts as reported.

> When there are obvious and foolish mistakes being made when the stakes are millions of peoples' personal and irreplaceable identification, then I think negligence is a fair term.

What "obvious and foolish mistakes"? A single failure to patch a single vulnerability? Equifax receives a vulnerability report. They do their process to apply the fix. They get the messages back from the project teams that it's done. They run the scan to verify, and it comes back green. Where's the negligence? I know the process didn't work, but that's a hindsight thing...how can you tell something like that is broken unless it breaks?

> Re: not telling users they were affected

Per the article, they weren't "not telling people" as in, withholding information. The messaging was poor, but they weren't intentionally misleading anyone.

> Re: continued negligence in the response

Incompetent, maybe. But that article doesn't reference any negligent behavior.

> Re: signalling of Equifax's possible intentions through the fallout

And idiot opinion piece with no basis in fact. It's clear that none of the B.S. predicted there has come true in the 4 months since it was written.

I bumped into this talk today: Frank Abagnale: "Catch Me If You Can" https://www.youtube.com/watch?v=vsMydMDi3rI

He became an FBI agent and works with data breaches. So after entertainingly describing his life story he does mention the Equifax breach at the 37m mark.

He paints a very negative picture of Equifax.

Its well worth watching the whole thing, and not just skipping to his FBI Agent opinion of Equifax.

⬐ sharpercoder

A great story. What I do not understand (I am a European) is that he uses a credit card, but not a credit card. I just did an AirBnB and I was prohibited by the system to use my debit card. I was outraged. I still am. I had to buy a separate debit-credit-card to be able to use AirBnB services. AirBnB supports iDeal (Dutch payment system), but only for bookings >6 days.

From my point of view, using a debit card is far superior to using a credit card. Why would I want to debt myself to pay stuff? I have enough on my account to pay for a mere AirBnB. I don't want to indebt myself. yet, there is a system which forces me to.

⬐ gvb

His recommendation is based on the USA consumer protection laws so it may or may not apply in other countries.

For credit cards, US law limits your personal liability to $50 (typically $0). "Under the FCBA, your liability for unauthorized use of your credit card tops out at $50. However, if you report the loss before your credit card is used, the FCBA says you are not responsible for any charges you didn’t authorize. If your credit card number is stolen, but not the card, you are not liable for unauthorized use."[1]

If you contest a charge, you are NOT required to pay that amount until the matter is resolved. Resolving it typically takes two or more months, but it isn't your problem and doesn't affect your life during this period. If it is resolved in your favor, dealing with the loss/recovery/reversal is not your problem, it is like it never happened (for you). The bar you need to achieve to show a charge was fraudulent is pretty low - typically a phone call to challenge the charge and a followup letter with a statement and any documentation available (as simple as stating you did not order/receive the goods shown or the goods were damaged).

Debit cards typically have limits to liability, but the stolen money is not restored until the matter is resolved. It typically is a LOT more work and can be several months to get the card issuer to make you whole again. Also, with a debit card, the theoretical limit of what the thieves can take is ALL the money in your bank account (and more with overdrafts). The bills don't stop while you are unwinding the mess and your money is unavailable... You can end up in a big hole; restoration of original funds that were stolen does not make you whole because of the "knock-on" charges and losses while your money was unavailable.

[1] https://www.consumer.ftc.gov/articles/0213-lost-or-stolen-cr...

⬐ girvo

In Australia, my debit card was stolen. My bank worked out this fact before I did, and sent me a text message. The charges were reversed within 3 days.

⬐ gregmac

You're still without that money for three days, instead of zero days. Credit cards act like a buffer to your real money, so disputed transactions have no real effect on you.

⬐ bkor

Debit cards costs less money to shops and so on (transaction cost). Maestro system is way cheaper than anything else.

Credit cards are annoying that your balance isn't updated immediately, they're much more costly to operate, more fraud tolerant (just need to copy the numbers) while the benefit only applies to US and maybe a few others. Meaning, any bank here will pay you back regarding debit card fraud similar to the other response.

Credit/debit cards; it's weird that having such a card results in so many differences other than paying on credit/debit.

⬐ ec109685

You can immediately pay off your credit card balance if you so desire and credit cards (at least American ones) don't charge interest initially. So if you automatically have your credit card debit from your checking account each month there is literally no cost to you to use a credit card and only upside.

The merchant is already pricing in credit card fees into their prices, so you should go with the payment instrument that provides you the best protection and other perks — otherwise you are leaving value on the table.

⬐ dagw

there is literally no cost to you to use a credit card

I don't know what it's like in the US, but at least in Sweden basically all credit cards have an annual fee.

⬐ shoover

Mostly no annual fee in the US, or if there is a fee you are getting some worthwhile rewards or benefits out of the deal.

⬐ letsgetphysITal

I use a Revolut card for this purpose. Pre-pay the card, pay the amount required. Also benefit from interbank rates for foreign transactions. Also means that if the card details are stolen from the merchant or processor, or are stolen in transit, all they have is a prepay account number with a $0 balance 99.999% of the time. If they get my checking account debit card number, they could easily take dozens of dollars on any given day. Dozens!

⬐ barrkel

Because the risk of being out of pocket for a period of time is higher with debit cards than credit cards.

If you just think of your credit card as a delayed bill, where you can quibble over charges trivially, they're not like debt at all. Always pay off in full every month, automatically.

⬐ zaarn

Prepaid Credit Cards are also usually poorly supported and may get your account locked up (tried to signup for Mailgun).

Which I find a bit weird, a Prepaid Card is my safest option considering I have no want for a Credit Card at all. I pay my bills immediately or as early as possible, I don't even like ongoing costs and I try to buffer then into yearly payments if possible (which usually also means you get stuff cheaper)

⬐ shoover

It’s all about putting fraud liability completely on the bank and not on yourself for the duration of an investigation. And building credit.

⬐ abritinthebay

From a general point of view: using a credit card responsibly will improve your credit rating.

A debit card won’t.

I had to explain this to a school friend recently as he has never owned a credit card and avoids loans - preferring to save first, then spend.

When it came time to get a mortgage he couldn’t get good rates - or a large enough loan - as his credit history was so lacking.

He was infuriated but I pointed out to him that it makes sense from a lenders point of view: they gave no record of him being able to manage debt responsibly.

So that’s one reason to use a credit card, though likely not any reason Frank would suggest (he’s going with their better protection and coverage)

⬐ skrebbel

In other words, American banks extort their customers to go into debt with them early and often.

⬐ B0btheBuilder

To be fair, you can pay off the full amount of your credit card every month and never have to pay interest. A common misconception is the idea that you have to pay interest to build credit.

⬐ abritinthebay

Er.. no. Credit ratings are basically a giant risk assessment.

The more you demonstrate your ability to manage debt (and you can do that by simply paying off your card every couple of weeks) the better you demonstrate your ability to do so. More data points, so to speak.

Of course if you can't manage that then that's data too.

⬐ barrkel

Credit cards are more like a delayed bill than debt, if you pay off the amount in full every month (and I don't know why you wouldn't, credit cards are a poor way to borrow money).

⬐ ryanwaggoner

And yet, most credit card users do NOT pay off the amount in full. Why do you think banks push these cards so hard?

⬐ abritinthebay

And that means that they, in turn, could be a credit risk. Which is what was being talked about.

Although it has to be said a running balance is not actually a direct credit risk. It doesn't make financial sense, as you're racking up interest fees, but if you are safely managing your payments (no late ones) and your credit usage (a percentage of what your total available credit lines are) then it's not a bad thing for your credit score.

Not that I would recommend it of course.

⬐ barrkel

Don't they? Everyone I know does, who I've talked to about it.

Seems a bit like Trump supporters.

⬐ dragonwriter

A delayed bill is a debt, so it's impossible for something to be more like a delayed bill than debt.

They are also often the best method consumers have to borrow money for many purposes.

⬐ barrkel

A debt has interest; a delayed bill doesn't. An interest-free loan is literally free money (the difference between net present value of future repayments and current value, which will be higher); I always take 0% finance if it's on offer.

(The only exception would be in a deflationary environment.)

⬐ fatjokes

> So that’s one reason to use a credit card, though likely not any reason Frank would suggest (he’s going with their better protection and coverage)

He does mention it: by giving his sons a credit card, one benefit is that when they graduate college, Frank has essentially built their credit for them.

⬐ burntrelish1273

Credit cards have consumer protections and dispute resolution processes like chargebacks. Debit cards often have nearly zero recourse for disputes. Why would you want to lose all protections for the less important temporary debt that you can pay at the end of the month? It seems like you're optimizing for the wrong things.

⬐ crististm

Apparently, this is the system favoured in US: make people depend on credit and add protections to offset the negatives that you mentioned.

End result: http://www.usdebtclock.org/

⬐ ryanwaggoner

The US national debt has nothing to do with credit card debt.

⬐ crististm

Can you really say "nothing" with a straight face?

⬐ drspacemonkey

To my knowledge, it's because if somebody steals money off your debit card, they've stolen YOUR money. You gotta fight with the bank to get it back.

But thanks to consumer protection laws, if somebody steals money off your credit card, they've stolen the BANK'S money. It's up to the bank to get it back.

⬐ tyingq

They've stolen the merchant's money if it was an online transaction. Bank only takes the fall for card-present transactions.

⬐ sitepodmatt

I dont think that's true with vBv and Securecode - I believe that indemnifies the merchant of stolen scenario if enabled, at least in Europe.

⬐ gvb

The key is that it's somebody else's problem, not yours.

⬐ tyingq

Sure. As a merchant myself, though, I cringe at generalizations that the bank eats the cost.

Personally, I think they should, because they have access to the aggregate data that could prevent more of it.

Because they take no hit for online fraud, however, they do almost nothing to make things better.

⬐ icebraining

Well, they implemented 3D Secure. I've had to use it quite a few times for online purchases this year (I use an European CC, if that makes a difference).

Although apparently it's a crappy protocol and it's used to shift liability to customers[1], so yeah, they could do better.

[1] http://www.cl.cam.ac.uk/~rja14/Papers/fc10vbvsecurecode.pdf

⬐ tyingq

Verified by visa (and similar) in the US just never took off. You have to implement it as optional, as most consumers have no idea what it is. So very, very, few people use it if you turn it on.

⬐ Daviey

"I don't often talk about my life, but $company has asked me to"

The talk seems identical to one he gave at Fed Talks 2013, and probably a bunch of other venues:

https://www.youtube.com/watch?v=iJIc16aqpO8

It is a well practiced speech he gives.

⬐ TazeTSchnitzel

He's given it several times for sure. I guess he's saying he's more frequently talking about other things? Talking about his life story isn't his actual job.

⬐ fatjokes

> It is a well practiced speech he gives.

You can tell he pretty much has it memorized. Still a great story.

⬐ Daviey

Yeah! I didn't mean to imply I thought it wasn't. :)

⬐ akhilcacharya

I had never seen him give a talk before - is this one of his first that's publicly available? He's a phenomenal storyteller.

⬐ shoover

That’s what I was thinking. It’s also great PR for the FBI to demonstrate competence and an optimistic outlook in a time when DOJ is taking hits from the executive branch and the rank and file get no public defense from the AG.

⬐ None

None

⬐ briankelly

He spoke at my University and mentioned that he does talks regularly now - not sure if any other are recorded though.

⬐ giosch

Talks yes, telling his own story I don't think so. He specifically say that he rarely tells his story at the beginning of this.

⬐ Daviey

See the link in my top level comment, he has had this recorded before.

⬐ syotos2

If you click around on youtube you can find multiple versions of this talk : https://www.youtube.com/watch?v=x0fEA0MsiV8 , https://www.youtube.com/watch?v=0X-LlwupIqc which are almost identical, though in the google version there is a part about him "being" a doctor missing which is in some other versions i have found. Even the answers to some off the questions are almost identical

⬐ briankelly

Well specifically he gave his own story at said talk - it did not seem like a rare thing.

⬐ maxxxxx

Given his history I would expect him to be an extremely charming and charismatic person.

⬐ rev_null

Coincidentally, Catch Me If You Can was showing at the Brattle Theater in Cambridge, MA tonight. It was part of Hanksgiving (Tom Hanks series).

⬐ shoover

He draws interesting lessons from his life that you don’t hear all the time from famous people. One example is the ultimate priority of family responsibilities over money, skills, work, etc. He comes out strongly against divorce due to the lifelong effect on kids (which I think undercuts his point that his own father loved his children more than anything—he may have never missed a bedtime kiss, but he still let his kid be put in that horrific position at the courthouse).

Secondly, his admission that he did not see the light or get rehabilitated in prison but found purpose in family and work afterward is worthy of highlighting given the mandate for US politicians to be tough on crime.

⬐ dannylandau

The book is wonderful as well.

⬐ shoover

I first heard of Frank Abagnale when adjunct professor Edward Amoroso told my information security class at Stevens that Catch Me If You Can was the best book he ever read. A few weeks later he jokingly berated the class when a quick poll showed no one had yet read it. “I said it’s the best book I ever read and no one reads it?!”

I had queued it and later read it. I couldn’t agree it was the best I ever read but I did thoroughly enjoy it. Incidentally Amoroso was the most compelling speaker of all my professors at Stevens. It was a shame he only taught the one course.

⬐ hudibras

I picked the book up for a dollar at a used bookstore, not expecting much. I then proceeded to tear through it in less than a day. It's a phenomenal story. The book includes everything in the movie, of course, plus a lot of fine details of how he pulled off his scams (I think a lot of HN users would like these; very hacker-like), PLUS an extraordinary section expanding on his time in French and Swedish prisons. The French prison is mentioned in the movie, but they, if anything, downplayed what it was like.

I've since learned that maybe much of it was embellished, but I still recommend it.

BONUS Frank Abagnale story-slash-rumor: I heard from a friend of a friend that, soon after the movie came out, Courtney Love was tripping out on "something" and started screaming that she needed to speak with Frank Abagnale--somebody who she had never spoken to nor had ever mentioned before. Her agent called somebody, who called somebody else, who called somebody else, and within 30 minutes Frank was on the phone having a long conversation with Courtney, calming her down. No real point to this story, other than it's neat how the six-degrees-of-separation works in show business circles.

⬐ jstanley

Some of his closing remarks about the future of technology are hard to believe. I highly doubt passwords will entirely disappear in favour of "Trusona". I personally will not be submitting to any authentication scheme that can "100% identify the person remotely". It sounds like a bigger vulnerability than the one it solves.

I also find it hard to believe that the FBI can remotely disable a car's engine in the general case. I drive a car which has no ECU. And even cars which do have ECUs don't all have the ability for the ECU to receive radio signals. And even cars that do have the ability to control the ECU with radio signals probably aren't all vulnerable.

Edit: but, aside from that, I thoroughly enjoyed the talk. I intend to watch the film.