Reliable and Fast Web Hosting
Sometimes I wonder about a way to delete the entire Internet…
I want to be a hacker!!! Because I need robux in roblox???
The first part of this video makes a common mistake that a lot of publications made when the flaw in question was first discovered. The name "Stagefright" doesn't refer to the bug; it refers to the component of Android that the bug is in. The bug itself doesn't have a fancy name (like most vulnerabilities, it received a rather bland ID number; in this case, CVE-2015-1538), so people called it "the Stagefright bug" (i.e. "the bug in Stagefright") for simplicity, and people unfamiliar with the details of the issue ended up thinking that was a brand name for the bug, like with "heartbleed".
I have never heard of? What? How can you know what I have or haven't heard? Or maybe, this is a clickbait?
Mean while on facebook suggestion:5 security holes that the government doesnt want you to know!
everyones heard of wannacry
What's with the clickbait title? That's not something I'd have expected from SciShow.
P.I.C.N.I.C.Problem in chair, not in computer
I can guarantee a nordVPN sponsorship at the end of this
I love these cyber security videos. They’re super interesting! ?
So the only thing we could do to no be hacked it is to do not have technology acess
5:04 I see what you did there.
1# isn’t that “feature” on every cellphone? Even without hacking.
I have a flip phone so I don't have to worry about this
wew. Anyone else tempted to just give up on cybersecurity and live in a cave somewhere?
I didn't understand anything.
You missed some. IP range hijacking and BGP poisoning for example. Various amusing WiFi exploits as well as cell impersonation… long list of far scarier exploits than the ones you listed.
Disclaimer: I know nothing about anything I said.
The third one reminds me of Thanos. With one snap, you could destroy half the internet
I'm immune from any vulnerability because i used Windows XP without any antivirus.
Oh god, if shellshock has been exposed… penises and swastikas everywhere.
Spectre and Meltdown are worth a mention – although subtle, their clever timing attacks allow you to read any part of memory no matter your privilege level, and there's still a lot of debate about how to stop it.
No mention of Meltdown?
guys guys guys, Pro Tip here:Always do updates!
Sounds simple enough, but you have no idea how many exploits were only possible because users clicked "Update later".Wannacry was the best example of this. You know how he said "Older versions of Windows"? That's right, Microsoft knew about this flaw months before it hit and released fixes for it.But people who refused to update or, god forbid, stayed with Windows XP beyond its expiration, were easy targets.
Other bigger ones that are somewhat obscure were not mentioned.Hhmm..
the NSA didn't fix EternalBlue, they caused it. they're the ones that found the bug, wrote the exploit library, and ultimately leaked it, rather than reporting it asap
What, no mention of viruses built into peripherals? It has happened.
michael aranda never blinks
Question (for a future episode): Is vinegar as good at killing mold and bacteria as some people say?
It’s funny. I’ve found a similar bug based on a 32 bits signed/unsigned arithmetic error on Novell 20 years ago. But instead of increasing disk quota by cheating the math it was a guaranteed server freeze, taking the two desktop rooms with it.
The dns cache poisoning is not solved by a better random generation but by having the resolver also match the port number and, for more recent implementations, to use an extension with what is essentially a big random number in it.But yes, using DNSSEC is much safer and only requires 30 times more bandwidth and asymmetric cryptography operations to work. A wonder why it’s not widespread.
I no longer feel safe on… no matter which device I use to view this video!
The Clickbait title 'you never heard of this' makes this video worse. Contentwise it is, as always, fine.
Why dose a bee sting burn is the venom affecting your blood. I dont know dose it plz awnser my question plz
More of this! 🙂
if you want to hack system to get ppls data, now you dont have to write elaborate hacking code for injection mechanism, facebook is providing all the data for nominal costs
"YOU'VE BEEN HACKED!"
Sci show is slowly becoming watchmojo
Well researched sir!
These "Good" hackers better be rewarded.
Eternal blue virus affects the old versions of windows, that"s why i think microsoft has a free win 10 update globally.
QQ: Can you melt metal with magnets???
That was a really well drawn cow, oh I geuss the rest of the video was okay to, but that cow was clearly the highlight
Kudos to you guys for explaining advanced IT features in such an intelligible fashion!
Now that you mention it.
When you mentioned bash I cried
Thank you very much. I watched the full episode. I enjoyed it.
What about spectre/meltdown?
These videos are awesome can we do more?
Hoping for advice. I'm using Android on a tablet and when I try to access some sites I get a pop up saying my connection is not secure, click here for info. Is there a way of knowing whether this is genuine or malicious? So far I've backed out without touching the pop up.
at 4:12 — IIRC the NSA found the exploit and sat on it for their own purposes, and eventualy got leaked by the shadow brokers. If they had notified MS to fix it none of that would've happened
well, they would find 52 pictures of my cat sleeping in the same position, and they would hear how bored i am at my job, and see my online shopping history and ne deeply disappointed, so…
Cheap Viagra dot exe lol. Why is it an exe file??
I see, so that AWS 'human' flaw didn't make it to the list
I remember just hearing about WannaCry! Someone came into my Discord server and tried to get people to download it.
I understand it's hard to "dumb" some of these things down so that most people understand, but a lot of this is just straight up wrong…
That little anecdote about drawing a cow was wonderful, now every time I write a method/function I'm going think of exactly that. Thanks.
Heard of all 5, but hey, I'm an enthusiast…
Hate to tell you this, but I knew about all 5 of those.Now mention HeartBleed. And the NSA who knew about it for about 10 years and told nobody, because they were using it to spy on everyone…Then you might talk about Spectre & Melt-Down, and how the implementation of the out-or-order-execution unit(s) in your cores, has been broken and vulnerable to side channel exploit since those things showed up, in about 1994 or 5…Now tell me this. Riddle me this, Batman. Micro$oft faced the biggest & baddest and nastiest and most terrifying anti-trust case in the history of the world. Then suddenly … nothing happened…. The noise went quiet, and it all just stopped. What if, to please the US gov, Bill Gates agreed to add a back door into Windows. Let's say (just a guess) there's a hard wired password to use the remote desktop, which all your spooks (CIA, NSA, NRA…) have. So for 20 years, any spy (maybe with a bit of rank & seniority, I don't know) can get at your machine with the user_name "admin" and the password of (string of gibberish 256 bytes long, but which just happens to be the 'random' registry key for something in every windows box…Have you ever used Remote Desktop? Have you ever seen it used? Have you ever seen it used from the service desk end? I have…. I used to be help desk at a university IT dep, and we used it all the time….I think the U$ gov, has a back door into Windows, and I think they've had it for 20 years….
Something you failed to note, is that the NSA never had any intentions of having the Eternal Blue bug fixed, and it was leaked by accident. The NSA was actually using this for their own purposes.
I knew about the first one. HAH!
The number of corny jokes in this comment sections is too damn high!
PEBKAC. That's all you need to know when it comes to most issues.
what servers update your pc?
… predictive execution bugs aren’t mentioned.. and their by far, the most worrying
Damn this sounds like a WatchMojo title
Once I organized a DARPA security conference. We really looked forward to the keynote speaker. He got up said, if it's secret don't put it on the net and sat down. Yup.
O no I didn't know about stagefright and its my job to know all the infosec words oops.
Reasons why I've always taped of the webcam on my laptop even though people laugh when they see it.
I have never seen such a good set of explanations for vulnerabilities before. You've managed to clarify some very complex problems in this ever-connected society.
Also, that was the most concise explanation of a buffer overflow and RCE that I've ever heard.
What about “the man in the middle attack?”
Michael’s back with the long ones!!!!!!! Please stay (I love the other host’s too!!)
I never knew the intro sounded so cool at 1.25x
no Michael. that haircut is badddddddd
So the dislikes are from hackers?
That's why I cover my camera with tape! Now to deal with microphone…
Man, I always click the viagra.exe attachments
no spectre or meltdown ?
Credit to your writers and researchers on this one, you've done a great job on a topic that usually gets talked about either with a huge amount of assumed knowledge or so much dumbing-down that it becomes inaccurate. Nice work!
Very cool topic and a great presentation! Thanks SciShow
That thumbnail hurts me on a spiritual level.
Sometimes updates do come with malicious code, so don't be too quick to update either. Ex: Transmission on Mac OSX
Love the not-so-subtle PEBKAC reference.
frantically typing god damn it he's decoding our IP, i need more RAM!
This comment will get buried but seriously SciShow, you're better than this. You've got a dumb early 2010s click bait title saying we've never heard of them and then in the video mention that WannaCry was a huge story, which it was, so a lot of us have heard of it. I know YouTube's ad policies are hitting everyone hard but this will just erode your audience's trust slowly over time.
Shellshock is patched, and wasn't even a problem if you actually set an SSH password and weren't so lazy as to leave it as default.
Plot twist, this video is an RCE attack.SciShow… More like SlyShow.
Holy crap, that is FRIGHTENING!As if I'm not paranoid already when it come to the vulnerabilities computer software.
OMG this is litreally what I'm studying, SciShow really know what they're talking about!!
I see your very model of a Hamilton reference
Reported for clickbait. I heard of 2 of these before (/s).
All of these are REALLY well known, who came up with that stupid title?
Norton is the best
Dude like barely blinks
6:40 Did anyone notice it read C.I.A?
TBH the first one is the big reason I don’t want to get an Android… apart from the hassle of moving my music library. Like don’t get me wrong, I’m not an Apple stan, but I really dislike the fragmentation of Android.
How to do it:Delete the program.
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.