Authors: Allen Wong
One of the major differences between humans and animals is that we can share knowledge easily and learn things faster than animals can. Why should we throw this talent away? Educate yourself beyond what is expected of you, and you will be rewarded in the long run.
“Continuous effort - not strength or intelligence - is the key to unlocking our potential.”
– Winston Churchill
8
Ugly World
From all of the bullies and gangsters at my school, I already knew how ugly the world was out there. It was pretty much a dog eat dog world. It seemed like almost every day there was someone trying to scam you.
I was even scammed by an older classmate when I was in the first grade. Back then, I used to make and sell paper ninja stars for a dime each. None of my classmates knew how to make them, but they thought the ninja stars were the coolest things they’ve ever seen. One day, a classmate who was a year older than us told me that he would pay 50 cents for each of my ninja stars. But he said that I’d have to let him try out my paper ninja stars at home first before he would pay me the next day. So he took my whole box of a dozen or so ninja stars with him home. He ended up never paying for them. When I asked him about the money, he would always find an excuse to explain why he didn’t have it. I trusted him, because I was gullible at that age. My brother had to explain to me later on that I’d just been scammed.
And when I got on the internet, there were even more scams. I had my first major experience with an online scam back when I was a teenager. It involved a web-based game called Neopets®.
One of the biggest crazes during my time in high school was online multiplayer games. Neopets became very popular at my school. You basically control a virtual pet, and you must play Flash games to gain money to buy food and clothes for your pet. There was even a store interface that you could set up to sell your in-game items for in-game currency. It was through these customizable stores that people were scamming victims.
Lifehack #15: Use social engineering to get what you want.
The creators of Neopets were ignorant enough to allow HTML tags for your store. They even allowed you to add custom cascading style-sheets (CSS). So scammers of the game would sell high-valued items at low prices to attract unsuspecting victims to their Neopets store. But they also hid their actual store using CSS, and created a fake store made out of HTML. If you clicked on the fake store item in an attempt to try to buy it, you were taken to an external website that resembled the login page for the Neopets website. After the victim enters his username and password into the fake login page, the scammer can use that info to log into the victim’s account.
The whole setup is what computer security professionals called ‘Phishing’. It is a play on the word ‘fishing’, because the whole setup resembles a person laying out bait and fishing for what he wants (and in this case, Neopets accounts). What the Neopets scammer would do next was log into the victim’s account, buy cheap items from his own account’s store at ridiculously high prices, and then create a fake shop for the victim’s account to reel in even more victims. This allowed the scammer to transfer a lot of in-game currency from the victim’s account to his own account. The whole setup could be repeated over and over again with increasingly higher success rates as more and more fake shops were being set up.
The hack was pretty interesting to me because it was more of a social engineering hack than a computer hack. It relied more on the hacker’s ability to deceive the human mind rather than his ability to find vulnerabilities in a programmer’s code. I studied this type of social engineering extensively and mastered it myself. The ability to convince a massive number of people to do what you want without them knowing that they are being manipulated proved to be quite useful later on. It was actually a lot like how chess players tried to convince their opponents to move their pieces in a certain way without them knowing that they were being influenced into doing so.
The 1% Rule
I never fell for these scams, but I learned that there were many naïve people out there who would. That gave me the confidence to believe that given a large enough sample size, there was bound to be someone who would do what you wanted him to do. I called it the 1% rule.
The 1% rule is simply my theory that about 1% or more of people in a large enough sample size will do exactly the opposite of what everyone else is doing. Take movie ratings for example. Even if a movie is universally praised by a majority of critics, there will always be a few reviews that say that the movie is horrible. And you can even see this 1% rule occur during the U.S. elections. While a majority of people vote for either Democrats or Republicans, there’s always that small percentage of people who votes for a third party. Even though the odds are very stacked against them for the third candidate to win the election, they still use their vote to vote for that third candidate.
App development tip #2: Position your ads carefully.
You can actually make money off of this rule. By placing banner advertisements in strategic locations on your website, you can get ad revenue when 1% of the people clicks on the banner advertisements.
The best location I found on a mobile website is a banner at the very top of the page. When I ran my company’s regoapps.com website with just a few banner ads at the bottom, the ad revenue was not that great. But when I added a banner to the very top, my ad revenue more than doubled. I verified this strategy when I made the same changes to the mobile website of a photo-sharing company that I co-owned. The changes doubled the ad revenue overnight.
On a mobile app, I found that the best location is at the very bottom of the app. Sometimes people need to reach the very top of their phone’s screen with their thumbs while they are holding their phone. The bulging flesh at the bottom of their thumbs tends to touch the bottom-right of the screen when they reach for the top of the screen with their thumb (or bottom-left corner if they are holding it with their left hand).
Another trick I learned to double the ad revenue on the mobile ads was to put a “close” or “hide” button on the top-right of the ad banner. You should not be covering the ad itself or else you’d be violating some ad network policies. But it should be small enough and close enough to the banner to cause users to accidentally tap the banner ads. But be careful when you use this method, as Google does not like it when their banner ads are tapped by accident. In fact, they would ban you or your company for life if there are too many accidental clicks to their banner ads. And if you try to appeal it, they will just give you a robotic answer denying your request for a second chance. That’s why I would avoid using Google’s ad networks if you want to employ this trick.
One of the other tricks I learned is to become an affiliate for iTunes®, Amazon® and other websites. For those who don’t know, affiliate marketing is where a company pays you commission for helping them sell their products. You can make extra revenue just by putting links to the company’s products on your website or app. As long as people are clicking on the link, there is bound to be a percentage of people who will then proceed to buy something. And for each sale, you earn a percent of the purchase price. I’ve been making a lot of money from the affiliate links that I put on my website and my apps, so I can tell you that it’s worth it. It’s not so much that it is giving me millions of dollars, but it’s a decent amount of money that will make it worth your while. That’s in stark contrast to zero affiliate revenue if I haven’t put those links in. And there is very little work in putting a link on your website or app.
Affiliate marketing is something that a lot of those “make money online” e-books teach you to do. However, there is not really much secret magic behind it, and it will not make you rich quickly (unless your website or app gets millions upon millions of visitor hits). Just do your research on where to sign up for affiliate links, and there, they will give you instructions on how to link to certain products with your affiliate link. So if your website is related to jazz music, you may want to link to some jazz songs. And if your website is related to apps, then you may want to link to some apps. This is what is called ‘targeted advertising’, because you’re giving your target audience certain advertisements based on what they enjoy. Even if you link to your apps on iTunes, you can earn commission off those sales. That way, you’d really be earning 75% of the sale instead of the usual 70% that Apple gives you.
That’s pretty much all you need to know about affiliate marketing. A more detailed analysis on affiliate marketing could found by searching on your favorite search engine for more information. Keep in mind that most educational material can be found for free online these days, so dishing out money is not required. The people hawking those “get rich from working at home” e-books are really just making the majority of their income from the e-book sales, and not really from their affiliate marketing tricks. If a person has a good strategy, then that person would more likely spend his or her time trying to grow that method of making money instead of trying to share it with other people.
9
College
For college, I chose to attend UCLA (University of California, Los Angeles) and majored in Computer Science and Engineering. I had always wanted to live in Los Angeles after having been there for a few months when I was younger. The weather was great, the restaurants were world-renowned, and the people were laid back. The other top colleges were in the middle of nowhere, and just studying all day didn’t seem like my ideal college experience.
I’d also be lying if I said that the vast number of beautiful girls at UCLA wasn’t a major selling point for me and my hormonal self. My brother, who got his B.S. from Carnegie Mellon University (CMU), told me that I shouldn’t expect to meet a lot of girls at CMU if I chose to go there. It was ranked as the number one computer science school, but the male to female ratio there was three to two. That wasn’t very appealing.
But besides the allure of attractive girls, UCLA was the birthplace of the internet and one of the top computer science schools in the world. Some of UCLA’s course material was taken straight from Massachusetts Institute of Technology’s open-course material. So, the things that I was learning at UCLA were similar to the things I would have learned at M.I.T. I figured that if there was anything else I wanted to learn, I could have learned it on my own.
By having less competition in my classes, I was able to spend more time self-educating myself rather than studying material that I would probably never use in a real-life career. For example, since the many years that I’ve graduated from UCLA, I have never been required to flip through my advanced calculus notes to figure out how to deal with a real-world problem. Perhaps if I was in a career where advanced calculus was needed, then I would probably be glad that I learned it. But, college tends to teach more than you need to know (presumably to milk as much tuition out of you as possible). They, of course, would call it expanding your general knowledge of the world. I would call it a waste of my time and money. Luckily, UCLA was a public school and a relaxing one, so my wasted time and money was minimized. This opened up the opportunity for me
to start my hobby of online game hacking.
Online Game Hacking
During my freshmen year in college, there was a Korean game called GunBound
®
that grew popular among Asian-Americans. GunBound was a free online multiplayer game, where you choose a tank and fight against other people in teams of four. Every player takes turns trying to destroy the tanks on the other team. You earned in-game gold for every kill and win you got, and you could power up your character by buying equipment using the in-game gold.
My best friend and I were late adopters to the game, so we were constantly being crushed by my friends from high school, because they had better equipment. She and I worked really hard to earn the gold to catch up to our friends. But each time we tried to catch up, they would progress more in the game as well.
This was around the time when I started learning how to read and modify assembly language (ASM), which is a low-level programming code where each statement corresponds to machine code. Machine code is the actual set of instructions that you give a CPU to do the task given. In comparison, C++ and Java are high-level programming languages that convert your simple statements into complex machine code. But coding in assembly language meant that you were coding every line of machine code yourself.
The reason why this is significant is because when programs are running, they get stored in the RAM as machine code. Thus, to reverse engineer a computer program, you would have to understand the machine code that was written. And by understanding how the game code works, you can modify the machine code in the RAM to get the game to do what you want it to do.
In GunBound, for example, there must be a piece of game code that tells your computer that your character lost health after getting hit. By modifying that game code, you can get your computer to think that you never got hit and therefore would never lose health. This would have been easy game hack to do if this were an offline game. However, since all the computers playing in the same game had to be in sync, you would get kicked out of the game if your health reading did not match up with the health readings from the rest of the players.
Therefore, it was a challenge to hack this game, and nobody really knew how to do it. I took up that challenge, because it seemed fun to search for the vulnerabilities in the game code and hack the game to my advantage.
One of the first hacks I found for the game was an innocent one. It allowed you to bypass the vulgar language filter, and allowed you to swear in the in-game chat without it turning into a mash of asterisks and punctuation marks. I shared the hack among my friends so that we could speak freely amongst one another without ever being filtered again. But, I never told them that I was the one who made it. I also distributed the hack freely on a new blog I created.
Since I valued my anonymity, I created that blog under a false alias named Janette. The picture I used for my alias was a picture of a cute blonde girl, whose photo I found from some random website. I maintained that alias until the closure of that blog. Although I could have attached my name to the blog, I had put my ego aside in exchange for my privacy.
Eventually, I discovered more fun hacks that the game developers did not block. I created a hack that allowed users to modify the trajectory of their opponents’ missiles by changing the gravity and wind physics in the game. This led to some hilarious scenarios where people shot themselves. After seeing how fun it was to modify the game, I spent more time exploring the game code and figuring out new ways to hack the game.
Another hack I made, which I nicknamed “act of Zeus”, allowed you to shoot an unlimited number of lightning bolts from the sky at anywhere you chose. The ability to shoot one lightning bolt per round usually only occurred after you died (sort of like a revenge attack), and each bolt did very little damage. However, I hacked the game code to allow me to shoot as many lightning bolts as I wanted, even though it wasn’t my turn and I wasn’t dead. This meant that I could blast anyone into smithereens at any given time during the game.
Having that kind of power at a young age, even in a video game, was quite alluring. The whole world of hacking was alluring in general. It was a mix of curiosity and fun. But I knew that having this kind of power could have corrupted me. So, I rarely used my hacks, even if they were for good intentions. When I did use them, they were mainly targeted at cyberbullies who liked to pick on weaker people.
The best GunBound matches are between people with equal equipment stats and equal experience. The new players usually don’t have much equipment, so their avatars are weaker. The more experienced players usually have better equipment and can easily beat the new players (newbies) without much skill. The bullies are the ones who have the best equipment and purposefully join the games that are full of newbies. The newbies usually are okay with starting the game, because they don’t know that they’re about to be slaughtered. The bullies have close to a 100% chance of winning the game and gaining the gold coins, while the newbies are left defeated with no gold coins at all. I remember that this happened to me once when I first started playing the game, and it wasn’t a pleasant experience.
It was an injustice that I wanted to make right. So what I did was create a new account with no equipment at all. I would then join these games where an entire side would be full of unknowing newbies and the other side would be full of decked out bullies. I didn’t do any hacks until the match was almost over, and until the bullies thought that they got another easy win. Just when the newbies started running away after realizing that they were being slaughtered like defenseless lamb, I turned on my hacks. I changed the wind and gravity physics so that during each turn, the bullies would end up shooting themselves. I, then, shot enough lightning bolts at the bullies so that their tank would not get destroyed, but it would end up being buried six feet underground. At that point, they had no place to run to, and they had no chance of shooting any one of the newbies. Their only choices were to quit the game and forfeit, or to shoot at a wall and kill themselves from the blast. The bullies had been defeated either way. Once my anti-bullying tactics became known throughout the GunBound community, there was less and less cyberbullying in the game.
My First Business Venture
Since the price of college books and tuition was high, I had to do what every other college student had to do: Make money on the side. And since GunBound was taking up a lot of my free time, I wanted to find a way to profit from it.
What I had been seeing were people selling their GunBound equipment online for real money. And we're only talking about a few dollars or so for an item that would take hours of playing to obtain. It was a great bargain for players who wanted the powerful items without having to play the game for hours on end. And it was good for people who played the game and wanted to make money on the side. This business model became popular when the online PC game Diablo® came out. People were selling their rare items for tens of dollars on online auction sites.
I realized that I could do pretty well in this business model because I had the advantage of my computer skills. So what I had done was create a hack that made me automatically win after a round begins. I cloned the game and modified it a bit so that it would allow me to run the game more than once on the same computer. This allowed me to play on two accounts in the same computer. Then I coded a computer script that automated the process of starting a new game against my second account. So each time the match started, my primary account would win and get gold for the win. This process, which I nicknamed “gold hack”, proved successful, and I was able to generate large amounts of gold even when I was not on my computer (whether I was sleeping or in class). I then used the gold to buy powerful items, which I then sold for real money. I also gave my best friend and some of my other friends all of the most powerful items in the game for free. Being my friend had its benefits.
I also realized that if I sold my gold hack, I would be able to make even more money. So I set the price at $10, and sold hundreds of dollars worth of hacks each day under my blonde hacker girl alias, Janette. This went on for months, and I accumulated enough profits to pay for my college books and my college tuition.
I even became legendary among the GunBound community under my alias. When I was playing, there were people in the game claiming to be or personally know my fictitious hacker alias. The most bizarre incident of this was when my friend from high school, Jason, said that his college classmate, George, claimed to be dating Janette. At the time, none of my friends (or anyone in the world for that matter) knew that I was the one who was pulling the strings behind Janette. So I played a prank on Jason's classmate. I added a new blog post on Janette’s blog that said that she dumped George, because it turned out that he had a small penis and cried like a little pansy all the time. I then told Jason to look at Janette’s blog, and he cracked up after seeing that post. I later revealed that I personally knew who Janette was and that I spoke to her personally. That decision to reveal my relations to her later bit me in the ass.
Lifehack #16: Your privacy is one of your most important assets.
The invention of the internet only made gossip and rumor spread faster and wider. Word about my relations to Janette traveled pretty quickly and reached many of my friends, even though I told Jason not to tell anyone. Soon, a lot of people from my high school who played GunBound found out that I was actually Janette. The people from my high school were pretty smart, so it wasn’t that hard to realize that I was only using her as a cover. After that, it was only a matter of time before word broke out of the circle of friends and onto the internet forums.
Finally, on one fateful day, it happened. I found out about it when my mother called me from New York at one in the morning. I was still in my college dorm in California at the time, so my 1 A.M. was her 4 A.M. What had happened was that a person with a deep-sounding voice had called my mother at four in the morning while pretending to be a police officer. He threatened to arrest me if I didn’t stop what I was doing (selling hacks and game items). Soon after she hung up, a different person called her and asked for me. She told him that I wasn’t living there anymore and hung up. It was only a few seconds later that she’d receive yet another call. My mother had no idea what I had been up to or what this was all about, so she got scared and confused and called me. Her phone kept getting so many phone calls that almost every time she picked up the phone to try to call me, she’d end up unknowingly answering another phone call. When she finally got through to me, I told her over the phone that I’d stop my business immediately without really explaining what my business was. I also told her to unplug the phone lines and not to worry.
I immediately went on the GunBound community forums to find out what was going on. What happened was that someone had posted my parents’ landline phone number and address on a popular GunBound hacking forum. The address was obtained by doing a reverse phone lookup on my parents’ landline phone number. The phone number was obtained through a cached version of one of my old websites. It was a personal website I had made back when I was only 13. It was meant to be a phone directory for my classmates, so that we had a central location to find each others’ numbers without having to ask someone else for a person’s number. Being 13 meant that I wasn’t yet exposed to or lectured on the dangers of revealing your personal information online.