Who was REALLY behind the Microsoft Backdoor...

  • Published 22 Dec 2024

COMMENTS •

  • @DanielBoctor
    @DanielBoctor  6 months ago +189

    To try everything Brilliant has to offer -free- for a full 30 days, visit 👉 brilliant.org/DanielBoctor/. You'll also get 20% off an annual premium subscription!
    PART TWO IS OUT NOW 👉 ua-cam.com/video/L1LZpWqbJG8/v-deo.html
    THANKS FOR WATCHING ❤
    **EDIT - please read**
    Just to be clear, Kaspersky are the ones who discovered the Equation Group in the first place. They announced the discovery on February 16, 2015, at the Kaspersky Security Analysts Summit held in Mexico. The quote @ 3:38 was actually taken from their official report, that they published on the same day. I definitely should have made this more clear, and I can see why there is a lot of confusion.
    JOIN THE DISCORD! 👉 discord.gg/WYqqp7DXbm
    👇 Let me know what type of content you would like to see next! 👇
    Thank you for all of the support, I love all of you

    • @Dreamer66617
      @Dreamer66617 6 months ago +5

      Change the thumbnail it’s easier to share if it doesn’t look like I’m sharing some conspiracy stuff

    • @dragonfly-f5u
      @dragonfly-f5u 6 months ago +1

      SOMEONE WITH HACKING SKILLS could be very dangerous in the coming months and yrs, all it takes is the right motivations/attitude and mindset / bad bad actor villain lvl

    • @luislongoria6621
      @luislongoria6621 6 months ago

      So many malware tutorials all using the same attack vector clearly emphasize how exactly nothing has been patched. The real upsell of updating your OS is free tech support (monitoring) for the current generation OS

    • @JPs-q1o
      @JPs-q1o 6 months ago +3

      $300 seems like a really reasonable price for an online course on the importance of making regular backups 😁

    • @ReligionAndMaterialismDebunked
      @ReligionAndMaterialismDebunked 5 months ago

      Thanks. Shalom.

  • @trephy2999
    @trephy2999 6 months ago +8400

    Kaspersky calling them out on this (and many other things) makes banning them now look like a move to protect future backdoors and get revenge

    • @Tb0ne212
      @Tb0ne212 6 months ago +187

      That makes sense!

    • @the_expidition427
      @the_expidition427 6 months ago +65

      Saving this

    • @IT10T
      @IT10T 6 months ago +114

      What was their reasoning to ban Deepcool then? it is actually just as simple as their relation to Russia... And what of the other previous bans years prior like DJI or SMIC?

    • @distorted_heavy
      @distorted_heavy 6 months ago +458

      Kaspersky isn't under the thumb of the US gov, so they can't be forced into silence. Easy as

    • @adultdeleted
      @adultdeleted 6 months ago +161

      kaspersky didn't call out anyone and isn't even mentioned in the video. wannacry is old and has nothing to do with kaspersky's banning.

  • @UtubeH8tr
    @UtubeH8tr 6 months ago +6266

    That's why you should own 2 computers.
    1 plugged to the internet
    1 not.
    They won't ever steal my quake arena mod maps.

    • @christopherleubner6633
      @christopherleubner6633 6 months ago +122

      Yup that's how you do it. ❤

    • @LeMicronaut
      @LeMicronaut 6 months ago

      RELEASE THE UtubeH8tr MAP PACK!

    • @Thalanox
      @Thalanox 6 months ago +190

      Run one of those self-learning AIs in a match for a decade and they'll develop world peace.

    • @CryptidBuddy
      @CryptidBuddy 6 months ago +120

      @@Thalanox that’s how you start judgement day. That will find a way to get itself off the computer.

    • @sylfraeaveniore2684
      @sylfraeaveniore2684 6 months ago +161

      They won't collect my Club Penguin LAN server

  • @jooch_exe
    @jooch_exe 6 months ago +2532

    The fact that this exploit was only discovered by hacking the NSA is insane.

    • @omarjimenezromero3463
      @omarjimenezromero3463 6 months ago

      haha, every security department of a government has those tools under their sleeve, especially "capitalist" ones, you will be surprised if you catch the embedded code of VISA and MasterCard debit and credit card code, those also work in that way, macOS is the one with the most notable backdoors, microsoft second, and for linux you need to cling into the tools the system use (because you can find a custom linux OS that does not require outside the country code to mitigate backdoors).

    • @Gem10MM
      @Gem10MM 5 months ago +147

      They hacked a sub contractor who had an exploit but nobody wanted to buy because they would become a target because NSA spent millions in development of the exploit.

    • @EdwardM919
      @EdwardM919 5 months ago +48

      Now we all have to pay the price for their negligence.

    • @Gem10MM
      @Gem10MM 5 months ago

      @@EdwardM919 the MS17 EternalBlue exploit doesn't work anymore. The damage was done in the past.

    • @dr-rexmangrca113
      @dr-rexmangrca113 5 months ago

      @@EdwardM919 no no now they have total access to your computer and telephone 😂😂😂🎉😅

  • @OverAndOverAndOver
    @OverAndOverAndOver 6 months ago +4855

    Common NSA and Big Tech moment

    • @danwic
      @danwic 6 months ago +159

      More like NSA. They never informed Microsoft until it was too late. Microsoft patched the vulnerability almost as soon as they were eventually made aware by the NSA. So big tech doesn't really have much guilt on this, the guilt lies with the NSA.

    • @Kardfogu
      @Kardfogu 6 months ago

      @@danwic You assume that Microsoft did an oopsie that no one discovered within their development and the NSA didn't ask for an obscure backdoor... ...again.
      Which is a very bold assumption, or should I say, a quite mentally handicapped assumption.
      Eternal Blue wasn't necessarily an accident or a coding error, it could have been and most likely was a feature, intended for the use of USA government agencies - not necessarily limited to the NSA -, then the NSA decided to act like NSA does: not reminding Microsoft in time that they got hacked, hoping their favorite toy wasn't stolen.

    • @christophertoth9810
      @christophertoth9810 6 months ago +123

      @@danwic you assume this wasn’t intentional by Microsoft. They created it when they were told to and patched it when they were told to. I mean notified

    • @acid_8
      @acid_8 6 months ago

      @@danwic just look at Snowden's revelations. Microsoft does what Big 3-Letter Intel tells them to, pun intended.
      Microsoft builds soft-side code, alphabet smiths exploit it, not to say they're spoonfed, it has to look innocuous. I have zero proof however similar instances of intentional backdoors have been well documented.

    • @NorthernChimp
      @NorthernChimp 6 months ago +45

      ​@@christophertoth9810 Not to say it's unlikely, but you're assuming as well.

  • @BobertV702
    @BobertV702 6 months ago +1024

    I must say, after 2 years of studying IT, programming, red and blue team, no one ever explained this vulnerability better than you did here. Subscribed. I'll watch all of your videos, and will be waiting for the 2nd part. And thanks for sharing that defcon talk, I'll watch that as well!

    • @DanielBoctor
      @DanielBoctor  6 months ago +62

      wow, thanks for this comment. I appreciate the support, and I'm glad you liked the video. Happy to have you on the channel!

    • @JPs-q1o
      @JPs-q1o 6 months ago +9

      ​@@DanielBoctor
      TBH $300 seems like a really reasonable price for an online course on the importance of making regular backups 😁

    • @paladro
      @paladro 6 months ago

      @@JPs-q1o or, you could tell people for free...

    • @Cowloverdude
      @Cowloverdude 5 months ago +3

      @@DanielBoctor I have gone so far as to complete my bs in comp sci and have years of IT experience (though I do lack programming experience as a junior dev) and I have to agree with Bobert this video was insanely good especially when explaining this sort of thing to someone non-technical (they’ll tune out often but your “recaps”, visuals, style etc can keep the smarter ones watching)

    • @ivok9846
      @ivok9846 5 months ago +1

      it's a deep dive without the first step: how did we get infected, thru which channel?
      were ports mentioned? ports opened to web, ports opened locally?
      in that aspect this doesn't help much to protect yourself, but 'grc shields up' might...

  • @systemhalodark
    @systemhalodark 6 months ago +4586

    "It was North Korean hackers"
    Yeah... riiiight. How convenient.

    • @homeistheearth
      @homeistheearth 6 months ago +216

      Also - NK only have shitty old western computers..

    • @The-Singularity-X01
      @The-Singularity-X01 6 months ago

      @@homeistheearth That's really all you need. 'Brute force' style attacks are the ones that require insane computational power, and for the most part those don't happen any more.

    • @Userf384gw
      @Userf384gw 6 months ago

      @@homeistheearth got sanctioned by the us to death. literally.

    • @mycelia_ow
      @mycelia_ow 6 months ago +225

      @@homeistheearth and the ever glorious RedStar OS

    • @rusername
      @rusername 5 months ago +154

      @@mycelia_ow nothing wrong with the OS tho, its linux and probably runs faster than windows 11

  • @christopherleubner6633
    @christopherleubner6633 6 months ago +3038

    That the NSA had their little keyhole to spy on everyone used against them is comical. 😂❤

    • @daryljenkins4391
      @daryljenkins4391 6 months ago +117

      Maybe we should all use open source OSes like Linux.

    • @ashade2877
      @ashade2877 6 months ago +74

      @@daryljenkins4391 YES Welcome to the Open Source world comrade

    • @masterTigress96
      @masterTigress96 6 months ago

      @@daryljenkins4391 The "thing" that happened with Debian showed us that open source doesn't mean anything, unless it has been audited independently by reputable auditors/cybersec experts, multiple times in various different ways, with the results being published. Good luck with finding something like that. Maybe Red Hat/SuSe products but I highly doubt it.
      Potentially something like OpenBSD comes to mind but I don't think it can meet all of the listed requirements. I do think it comes the closest to them.

    • @tuamaputanna2897
      @tuamaputanna2897 6 months ago

      ​@@daryljenkins4391 not even linux distros are safe sadly: just as an example, systemd's main maintainers are microsoft employees

    • @sloppycee
      @sloppycee 6 months ago +44

      @@daryljenkins4391 oss is not immune to infiltration. You didn't hear about xz?

  • @hineko_
    @hineko_ 6 months ago +1290

    I don't get why they called it Windows. Should have called Backdoors

    • @YoniBaruch-y3m
      @YoniBaruch-y3m 6 months ago +16

      Same idea, isn’t it. Good point.

    • @jamiewilliams1410
      @jamiewilliams1410 5 months ago +29

      Providing those backdoors gives Microsoft permission from the government to remain in the Apple, MS duopoly. We all know Linux is an option but remains an option for nerds only and is nowhere near any form of mass adoption. Microsoft is a member of the Linux board to keep it that way.

    • @whocarescrapsa
      @whocarescrapsa 5 months ago

      @@jamiewilliams1410
      “Microsoft has confirmed that they have more Linux servers than Windows servers on their Azure cloud platform. Over 50% of Azure virtual machine cores are running Linux.”…the good news is that things are changing. At some point they have to listen to their customers.

    • @JayDee-x2b
      @JayDee-x2b 5 months ago +6

      Gay backdoor big mike likes

    • @neotek303
      @neotek303 5 months ago +12

      Microsoft Backrooms... the possibilities are endless....

  • @KillianTwew
    @KillianTwew 6 months ago +4508

    Sounds like Microsoft and NSA are the real adversaries here

    • @RockyPixel
      @RockyPixel 6 months ago +232

      Tale old as time

    • @MaakaSakuranbo
      @MaakaSakuranbo 6 months ago +321

      Well MS just wrote buggy code. NSA found the bug and decided, rather than alerting Microsoft so people could be protected from malicious actors, to keep it for themselves.

    • @jtjames79
      @jtjames79 6 months ago +93

      Richard Stallman was right.

    • @metalhead2476
      @metalhead2476 6 months ago +25

      No. It's CCP and Russia.

    • @nobeltnium
      @nobeltnium 6 months ago +169

      @@MaakaSakuranbo these bug might be introduced by microsoft on behalf of NSA request

  • @RustedCroaker
    @RustedCroaker 6 months ago +1274

    That's why they're banning Kaspersky. Because it could detect even NSA's exploits.

    • @soundspark
      @soundspark 6 months ago +40

      In that case wouldn't they have been banned in 2017?

    • @BloodwyrmWildheart
      @BloodwyrmWildheart 6 months ago

      @@soundspark Gov aren't as bright as they'd have us believe.

    • @gremirid
      @gremirid 6 months ago +52

      ​@@soundspark But is banned now.

    • @alexandrep4913
      @alexandrep4913 6 months ago +121

      @soundspark How can they ban Kaspersky in 2017 and bring this attention and have people know.
      This has blown it all off the lid. What's worse is that Kaspersky is so good, that it gives you a performance boost. My laptop went from 3-4 hours of work time on battery, to 6 to 8 hours.

    • @RustedCroaker
      @RustedCroaker 6 months ago

      @@soundspark They started a smearing campaign exactly in 2017. After Kaspersky ability to detect government's malwares went public. Google for articles from the time.

  • @IAT1964
    @IAT1964 6 months ago +1038

    Department of Defence is a misnomer. It's actually the Department of War

    • @benitomgomez3290
      @benitomgomez3290 6 months ago +73

      It was its original name! They changed to try to cover the truth!!! 😮😢

    • @szjakesan
      @szjakesan 5 months ago +20

      So do other ministries of defense in other countries, which may not be for defense only

    • @themongol1475
      @themongol1475 5 months ago +31

      the little hats control it all

    • @mmixlinus
      @mmixlinus 5 months ago +12

      Is that you, Winston?

    • @ReonE60000
      @ReonE60000 5 months ago +40

      Yes, countries should rename their departments of "defence" back to departments of war, like how it was before world war 1. Because it sounds more epic.

  • @GaryCameron780
    @GaryCameron780 6 months ago +1031

    NSA being hacked is a form of poetic justice. LOL

    • @Conserpov
      @Conserpov 6 months ago +4

      Do you also believe in Saddam's WMD?

    • @paladro
      @paladro 6 months ago +4

      its just part of the landscape, what army(even IT) doesn't attack or have to defend, at some point.... not entirely sure it's justice, since nothing will come of it.

    • @nigelrhodes4330
      @nigelrhodes4330 5 months ago

      The NSA was not hacked, a stupid employee took files home and had Kaspersky installed on their home system and the files were exfiltrated that way.

    • @navyseal1689
      @navyseal1689 5 months ago +4

      But u paid the price tho

    • @oentrepreneur
      @oentrepreneur 5 months ago +2

      ​@Conserpov what do you mean?

  • @mx338
    @mx338 6 months ago +610

    The US State Department just accuses whoever meets their current strategic goals the best, so I really don't trust their attributions to North Korea and Russia.
    Ultimately their cyber weapons are to blame regardless.

    • @raiden72
      @raiden72 6 months ago

      Well the USA did invent the internet and they accelerated computer development to where the world could have computers so, they basically own everyone's computers anyway. No matter how much China tries to steal our technology we will always be ahead.

    • @Sammyli99
      @Sammyli99 6 months ago +14

      DOH. Deceit in the Deceit, deflection is the new projection, actually since 1776.

    • @dannydetonator
      @dannydetonator 6 months ago

      If it was just US whatever or NSA i'd get you, but no software engineer who looked at it, from US to S. Korea has objected to the evidence, of which there are more than plenty. And you, worm for a brain, are doing _exactly_ what all US enemies want you to do. Becoming an enemy to yourselves.

    • @FitraRahim
      @FitraRahim 6 months ago +71

      Russian, Iran, North Korean hackers = Euh.... Bad man...
      US, UK, EU hackers = It's not exist, not bad man.

    • @HammerStudioGames
      @HammerStudioGames 6 months ago +12

      What a braindead take.

  • @tsvetislavrangelov5932
    @tsvetislavrangelov5932 6 months ago +185

    My friend, your explanation of the exploit is STELLAR! Even as a guy in this industry, it boggles my mind how complicated this exploit is, and moreover, how others found the actual exploit itself!
    Crazy stuff, appreciate the effort you put into this man!

    • @DanielBoctor
      @DanielBoctor  6 months ago +7

      of course, glad you liked it!

    • @adultdeleted
      @adultdeleted 6 months ago +2

      @@DanielBoctor what does this have to do with kaspersky? the title is leading people to believe kaspersky is being banned for uncovering or "stopping" wannacry, when that isn't the case and has no correlation in timing.

    • @adultdeleted
      @adultdeleted 6 months ago +2

      the only connection i can make here is kaspersky's leak from an nsa contractor. i am not seeing that connection explained in the video. is this an old video you already uploaded?

    • @himalayo
      @himalayo 6 months ago +4

      the NSA has windows' source code and all the money in the world at their disposal

    • @Derederi
      @Derederi 6 months ago +1

      @@DanielBoctor could you put more ads in it? It's almost 60% ads vs content. You could easily reach 100% efficiency.
      Just play ads. Start and End with brilliant ads, and fill the rest with youtube ads.

  • @tim.martin
    @tim.martin 6 months ago +259

    "but I digress", the digressions were great mate.

  • @Furry_Lord
    @Furry_Lord 6 months ago +116

    This is why you should always take advice and try to understand why someone is warning you to fix the bug and not just dismiss it as a joke attempt. Happens often with superiors who think they are more superior than you, just because they want it done faster and get that cha-ching.

    • @homegirlshy
      @homegirlshy 5 months ago

      The Internet IS a USA invention in the first place. Duh. You're welcome. You're not going to out internet the USA on its own invention & creation. It's not "thinking it's superior", it just simply is. Facts are facts. Be mad about it. Doesn't really matter.

  • @Trizzer89
    @Trizzer89 6 months ago +686

    Ransomware has to be the fastest way to make money ever invented

    • @PenguinCrayon269
      @PenguinCrayon269 6 months ago +145

      the fastest way is to print it 💀

    • @blindedjourneyman
      @blindedjourneyman 6 months ago +41

      @@PenguinCrayon269 Not everyone is a banker or the government.

    • @anekodot.
      @anekodot. 6 months ago +14

      @@blindedjourneyman counterfeit money exists

    • @Trizzer89
      @Trizzer89 6 months ago

      @@PenguinCrayon269 Can't print in one day enough to multiply your net worth by 100000x

    • @Kenionatus
      @Kenionatus 6 months ago +49

      @@PenguinCrayon269 Counterfeit money at the hundreds of millions or even billions might be really hard to actually spend. You can't just walk into a bank and slap down a few tens of millions without having to answer some questions. If you're paying in cash you also will only be able to use relatively small quantities in order to not become extremely suspicious.
      Then again, that does in a way apply to all kinds of illegally obtained currency.

  • @stereo-soulsoundsystem5070
    @stereo-soulsoundsystem5070 6 months ago +74

    Damn Kaspersky said they're a weapon to surpass Metal Gear that's crazy

  • @recgar
    @recgar 6 months ago +1201

    So what is the REAL reason the US government has labeled Kaspersky a national threat?

    • @milutzuk
      @milutzuk 6 months ago +274

      Maybe it's because Eugene Kaspersky was an FSB graduate? That's a secondary reason, the main reason was that KAV has ring 0 permissions (required to scan for rootkits) and is able to push overnight updates. Just add 2 and 2.
      Ring 0 is the most privileged ring. Everything that runs here is said to be in kernel mode because, well, the Windows kernel runs here. Also the drivers. Here everything has the most privileges. The other ring in Windows is ring 3. Processes that run here are said to run in user mode. There are no rings 1 and 2 in Windows (technically Windows wasn't implemented with rings, but the principles of segregating the privileges still do apply). Any antivirus needs to run in kernel mode for obvious, now, reasons. And, to make that 2+2 for you, albeit Eugene Kaspersky didn't prove to do everything his "colleague" Putin probably asked, the risk is there and the risk is to have in the morning tens to hundreds of thousands of computers being completely Russian puppets. It would be impossible to scan every antivirus update for backdoors especially when you don't see the source code. That scan would have been mandatory because Russia put cyberwarfare in its Military Doctrine in 2014 as part of the hybrid war, basically declaring war on the whole West. So the US took the sane approach: when you have no defense against an unconvicted criminal, better not invite him into your home.

    • @thecianinator
      @thecianinator 6 months ago +408

      He literally says it in this video. They discovered closed backdoors that the NSA was using

    • @helixwash4508
      @helixwash4508 6 months ago +20

      Truth

    • @jamieevans5979
      @jamieevans5979 6 months ago

      It's based on Kaspersky Antivirus being the source of a leak of classified material originating from a NSA contractor's home computer. That's it.

    • @Conserpov
      @Conserpov 6 months ago +223

      In the empire of lies, truth is a national threat.

  • @DoMyHomework_
    @DoMyHomework_ 6 months ago +341

    This highlights why closed-source is inherently dangerous.

    • @douglasgoodall3612
      @douglasgoodall3612 6 months ago +35

      Had this been open source, it is still uncertain that anyone would have noticed this exploit. In fact, had it been open source, the hack might have been discovered sooner and used longer. Don't get me wrong, I gave up Windows long ago and now use Linux strictly.

    • @baconofburger8784
      @baconofburger8784 6 months ago +69

      @@douglasgoodall3612 if it would have been discovered sooner it would've been patched sooner

    • @YodaWhat
      @YodaWhat 6 months ago

      @@baconofburger8784 - You ASSUME discovery by White Hats. Black Hats keep their own secrets.

    • @mycelia_ow
      @mycelia_ow 6 months ago +10

      Potentially* not inherently. You're using a closed-sourced platform, if you really believed that then you wouldn't.

    • @DevelopingJon
      @DevelopingJon 6 months ago

      lol this is why Elon is freaking out at the people he gave money to in order to research AI for humanity's greater good (i.e. open source).. now they’re turning around and selling it directly to the highest bidder. We’re screwed.

  • @solanaceae2069
    @solanaceae2069 6 months ago +398

    And just like that their sudden banning of Kaspersky makes sense. They will not tolerate any whistle blower exposing their crime.

    • @glennquagmire3258
      @glennquagmire3258 5 months ago

      It would help if you thought a little more globally. How much do you trust a Russian program? They likely have trojans, too. The lesson is to trust neither without being unpatriotic. It is cyber-warfare that has been continually going on.

    • @softwarerevolutions
      @softwarerevolutions 5 months ago +13

      Like Edward Snowden the champ. Add to that Gates personally bashed Snowden.

    • @solanaceae2069
      @solanaceae2069 5 months ago +1

      @@softwarerevolutions Exactly.

  • @onemoreguyonline7878
    @onemoreguyonline7878 6 months ago +331

    Every intel computer is backdoored anyway with management engine

    • @humansvd3269
      @humansvd3269 6 months ago +15

      You can buy non ime chips from govt sales I think. But just don't use Intel.

    • @BeefIngot
      @BeefIngot 6 months ago +89

      AMD too with the pse.
      Very angry we cant have private computing. Even arm microcontrollers have backdoors.

    • @notaras1985
      @notaras1985 6 months ago +78

      @@BeefIngot welcome to 1984

    • @NorthernChimp
      @NorthernChimp 6 months ago +17

      The IME and the PSE are official utilities available to the network administrator. That makes it more of a normal feature than a real stealth backdoor IMO. Although the NSA did complain about it to Intel as a potential vulnerability 😆

    • @slimesushi
      @slimesushi 6 months ago +13

      I love my librebooted thinkpad

  • @alienJIZ1990
    @alienJIZ1990 6 months ago +222

    Wait, so the NSA knew about a vulnerability, but were so full of arrogance and hubris that they didn't even bother to secure their systems so that it can't be used against them? Shocker.
    Even if SMB2 didn't exist at the time, they tailor the OS to their needs anyway, and could've easily either switched to NFS or even wrote their own more secure protocol to reduce the giant attack surface caused by SMB1
    Edit: SMB2 was released in 2006, Microsoft Deprecates SMB1 in 2013, NSA gets hacked in 2016. They literally just had to disable SMB1 🤦‍♂️

    • @zeitgeistx5239
      @zeitgeistx5239 6 months ago

      Nope. They were banned from government comp back in 2015 after NSA Equation Group hacker took his NSA malware home. His home PC Kaspersky anti virus picked it up on their servers in their Russian HQ. Kaspersky is controlled by Russian intelligence due to Russian state laws. So in 2015 Russian hackers leaked the NSA Malware and documentation to embarrass the U.S.

    • @erikkonstas
      @erikkonstas 6 months ago +6

      "they tailor the OS to their needs anyway" ain't a very easy feat... the switching protocols part though could be "easy", it would just involve a bunch of custom drivers.

    • @Acorn_Anomaly
      @Acorn_Anomaly 6 months ago +15

      Was it ever specified that the attack against the NSA was carried out using the EternalBlue vulnerability?
      I would think that they would have secured their systems against this vulnerability, and a different attack vector was used.
      Could easily be wrong, but I don't recall that being stated in this video.

    • @letcreate123
      @letcreate123 6 months ago +4

      Super Mario Bros 2

    • @Xynic48
      @Xynic48 5 months ago +1

      It's not arrogance, they were using it or planning to use it to spy on people. This is not exactly the first time they discovered an exploit and used it for spying.

  • @HasteCS
    @HasteCS 6 months ago +271

    Damn yo I’m a software engineer and I feel stupid as fuck watching this. Super complicated exploit but u did a good ass job explaining. Not sure how this doesn’t have way more views lol

    • @DanielBoctor
      @DanielBoctor  6 months ago +26

      haha, it be like that sometimes. I appreciate the support 😊

    • @reset5899
      @reset5899 6 months ago +1

      u should be a software engineer then nn dog

    • @MaillonRecordz
      @MaillonRecordz 6 months ago +13

      Dude but that’s with every new project or thing you learn in coding. You always feel lost and find your way lol if it was easy software/programming engineers positions would be handed out like free water

    • @HasteCS
      @HasteCS 6 months ago +5

      @@MaillonRecordz haha yeah I mean normally I have a easy enough time following along and have enough knowledge to like have a general idea of what’s happening but this vid I had to pay laser focus to or else I had to go back and rewatch . But I agree, the constant learning is what makes software engineering such a great job!

    • @ClosestNearUtopia
      @ClosestNearUtopia 6 months ago

      Has not more views because it's old af already.

  • @helixwash4508
    @helixwash4508 6 months ago +290

    So Kaspersky found backdoors that the nsa was using? Makes perfect sense that they would be banned from the us 😂

    • @tropickman
      @tropickman 5 months ago +1

      Had they not interfered with Kaspersky, it could have protected you & everyone else much better…

    • @dead-claudia
      @dead-claudia 5 months ago

      it's more so that kaspersky had buddied itself up with the kremlin (everyone in cybersecurity knew this) and that it was only a matter of time before the kremlin started using it for foul play.
      2017 spooked the us gov, but it wasn't clear if the kremlin was in on that or if it was just kremlin negligence and kaspersky luck, part of why they weren't fully sanctioned on the spot.
      but over time, non-government researchers started sounding alarms after seeing more of this ambiguous foul play, and this really hit a peak in 2022 with stuff that looked more clear-cut. the 2024 ban may have been the us finally finding a smoking gun that private security researchers were suspecting existed

    • @Yakoaxxi
      @Yakoaxxi 5 months ago

      You people are dumb

  • @FailedSquare
    @FailedSquare 6 months ago +49

    I worked in a SOC on night shift at the time of this, I grabbed one of the screenshots and set it as the slideshow screensaver on every machine in the room. The next morning my relief was late so i left, she finally showed up about a half hour later and i got a panicked phone call from her on my drive home. I had to pull over and catch my breath because i was laughing so hard.

  • @Varangian_af_Scaniae
    @Varangian_af_Scaniae 6 months ago +339

    American government responsible... Blame Russia and DPRK... Jobs done!

    • @eugeniocassano3475
      @eugeniocassano3475 5 months ago

      Jobs done!?
      The gang that oppresses and exploits the citizens of the USA and of the world, and you're happy?
      Either you're someone who profits from it, or you're someone who hasn't understood much.
      Do you think the "deep state" has the citizen's interest at heart?

    • @givikap120
      @givikap120 5 months ago

      Petya is obviously russian
      There's only one country that can target specifically Ukraine and name their virus as "petya"

    • @sesad5035
      @sesad5035 5 months ago

      I'd rather give my data to ruZZia rather than a gay country.

    • @Athenaa13
      @Athenaa13 5 months ago +2

      Because they are responsible lol

    • @auditoriooo8078
      @auditoriooo8078 5 months ago

      ​@@Athenaa13Least mental challenged americunt

  • @andyaskew1543
    @andyaskew1543 6 months ago +201

    The NSA was engaged in cyber gain of function research, and it got away from them.

  • @ronin_user
    @ronin_user 6 months ago +69

    That British researcher wrote Kronos on an amphetamine binge.

    • @nogrammer
      @nogrammer 6 months ago +15

      _"Ferb, I know what we're gonna do today"_

  • @antoniorocha9438
    @antoniorocha9438 6 months ago +30

    After the Snowden incident, they won't repeat the same mistake near soon.

  • @dennisbuswell
    @dennisbuswell 6 months ago +139

    idk why but my brain read your channel as Daniel Backdoor.

    • @DanielBoctor
      @DanielBoctor  6 months ago +41

      haha, that would be quite fitting

    • @IngwiePhoenix_nb
      @IngwiePhoenix_nb 6 місяців тому +14

      Welp, that's stuck in my mind now. Can't unread... xD
      immutable buffer. (:

    • @BASEDHITLORLOVER14n88
      @BASEDHITLORLOVER14n88 5 місяців тому +2

      Daniel's backdoor 😈

  • @luketien928
    @luketien928 6 місяців тому +16

    I feel like I’ve been hacked just by watching this video.
    I am by no means a hacker, just an everyday computer-user, but I still watched the whole video. I understood very little, and I feel like I am not qualified to comment or compliment. That said, I felt as if the explanations were very thorough and yet succinct at the same time! Well done!

  • @id104335409
    @id104335409 5 місяців тому +7

    Kaspersky: We found this backdoor...
    NSA: SHUT UP! IT WAS THE KOREAN SPIES!!! AND YOU ARE AN ILLEGITIMATE COMPANY! AND ALSO... SHUT UP!

  • @WifeWantsAWizard
    @WifeWantsAWizard 6 місяців тому +339

    On behalf of all Linux users, let me just say, "Not EVERY computer."

    • @timmeh87
      @timmeh87 6 місяців тому +139

      Linux users were lucky the xz utils backdoor CVE-2024-3094 was caught in time. Different OS, different exploit; nobody is really safe these days

    • @o0Donuts0o
      @o0Donuts0o 6 місяців тому +45

      Didn’t someone try to insert a back door in SSH and only found out by accident?
      That’s just laughable.

    • @o0Donuts0o
      @o0Donuts0o 6 місяців тому +66

      Just as an aside, our servers were invulnerable to WannaCry because we disabled SMBv1 YEARS ago as per MS security guidance, which is freely published.
      That’s the difference between knowing what to do and “install Linux because ima rocket scientist now, hurdy durdy”

    • @AshTag
      @AshTag 6 місяців тому

      @@o0Donuts0o 🤣

    • @MyCompAndGadgetHacks
      @MyCompAndGadgetHacks 6 місяців тому +49

      @@o0Donuts0o I don’t know which is more laughable. The fact that the attack was planned for years only to get discovered because some dev didn’t like his performance numbers. Actually thanks to that we learned not to rely on critical libraries that are maintained by a single person.

  • @GabrielTobing
    @GabrielTobing 6 місяців тому +95

    3:31 Yeah this is probs why Kaspersky is now banned in the US, only the US is allowed to spy on you and Kaspersky just outed them hahahhha

    • @wyattarich
      @wyattarich 6 місяців тому +7

      It's got a lot more to do with Eugene Kaspersky's habit of going to saunas with FSB officials. This isn't new information either, Google it!

    • @BloodwyrmWildheart
      @BloodwyrmWildheart 6 місяців тому

      @@wyattarich Nothing more than a smear campaign.

    • @masoodjalal1152
      @masoodjalal1152 6 місяців тому +36

      @@wyattarich Question? Did he start going to saunas with FSB officials recently or was he doing it before as well? If he was, why not ban Kaspersky earlier? The fact remains that Kaspersky is one of the best anti-virus products in the market. Besides, the US policy has been simple: if you can't control them, ban them. They did this with Huawei, now Kaspersky.

    • @BloodwyrmWildheart
      @BloodwyrmWildheart 5 місяців тому +6

      ​@@wyattarich *yawn* Basic slander. Nothing new.

    • @aephos.overwatch
      @aephos.overwatch 5 місяців тому +3

      @@masoodjalal1152 Kaspersky is an FSB graduate too. This alone was never enough to justify keeping his company out, they must've found a new reason and his FSB ties are a secondary reason.

  • @James-hb8qu
    @James-hb8qu 6 місяців тому +54

    I don't see the word "Kaspersky" anywhere in the transcript for this video.

  • @therealnoodledog6660
    @therealnoodledog6660 5 місяців тому +8

    Bro you're the only channel on YouTube I'll ring the bell for. You're amazing. Your capacity for explaining ultra complex subjects in digestible videos is amazing!!!

    • @DanielBoctor
      @DanielBoctor  5 місяців тому +2

      ahhh, I'm honoured! love to hear it 😊. thanks for watching and supporting :)

  • @roryfree4707
    @roryfree4707 6 місяців тому +21

    you are uniquely very good at laying out these exploits in a way that's simple to follow. awesome video

    • @DanielBoctor
      @DanielBoctor  6 місяців тому +1

      I'm honoured, thank you 😊

  • @sidensvans67
    @sidensvans67 6 місяців тому +136

    The Backdoors are now Barn Doors . 👀

    • @larryc1616
      @larryc1616 5 місяців тому +1

      Just give me back backpage 💋

  • @NextLineIsMine
    @NextLineIsMine 5 місяців тому +7

    Hits close to home. My Dad built most of the fundamentals of NFS while at Sun Microsystems. Suddenly he got an invite to give a lecture about it at the NSA. This was around the mid to late 90s.

  • @lukeumhoefer
    @lukeumhoefer 6 місяців тому +47

    The part of the story that never gets told on the news... Great video!

    • @DanielBoctor
      @DanielBoctor  6 місяців тому +3

      Glad you enjoyed it!

    • @mr.sir.
      @mr.sir. 5 місяців тому

      ​@@DanielBoctor can't wait to see you do Copilot next

  • @Florent_ATo
    @Florent_ATo 6 місяців тому +4

    This is easily THE most comprehensive video on the topic. Very well put together. Subscribed!

  • @RokeJulianLockhart.s13ouq
    @RokeJulianLockhart.s13ouq 6 місяців тому +100

    A terrible, clickbaity title (which almost caused me to ignore the video) for a brilliantly researched and explained video. Please do more of these.

    • @YoniBaruch-y3m
      @YoniBaruch-y3m 6 місяців тому +14

      And the political trolls on the comments section have the same effect, giving the impression of clickbait hype. In actuality yes, this is pure tech, nice!!

    • @thefumyandthechev
      @thefumyandthechev 5 місяців тому +1

      @@YoniBaruch-y3m Which political trolls?

    • @JackMarcuson
      @JackMarcuson 5 місяців тому

      @@YoniBaruch-y3m oy vey you cannot call out NSA, thats russian propaganda!11

  • @rolfnoduk
    @rolfnoduk 5 місяців тому +6

    Almost expected: 'This is where today's video sponsor comes in - The NSA is an industry leading...'

  • @garypinholster1962
    @garypinholster1962 6 місяців тому +10

    If something connects to a network, it can be accessed. Nothing is safe unless it's completely unattached. If you have files you want to keep safe, back them up on external drives and after the backup disconnect the drive from the network and store it away. Use a computer not connected to the main network to access files. Middle man if you will. It's a hassle but it will guarantee security.

  • @Sprinkles-r5y
    @Sprinkles-r5y 6 місяців тому +8

    The complexity of the crafting of this video essay, let alone the words leaving your head by your mouth in a sensical, comprehensible and eloquent way (without stumbling at any point) is, in my opinion, as significant in effort as the input that the actual exploit initially was to uncover. How you managed to convey some of the complexity of this sophisticated attack in an incredibly interesting digestible 20min video I have no idea?! But it was brilliant!! 👏👏👏

  • @m4rt_
    @m4rt_ 6 місяців тому +72

    This is why open source operating systems (like Linux) and open source software in general are better.
    Anyone can look into the code, and if they find a bug, they can fix it themselves, or ask someone else to fix it.
    With closed source software, like Windows, you are forced to just ask Microsoft if they could fix the issue... which in many cases they just ignore (there are several security issues that are in Windows 11 that have been there since at least Windows 7)

    • @Mitch-xo1rd
      @Mitch-xo1rd 6 місяців тому +1

      This is why all servers use Linux, including much of Azure (Microsoft actually maintains their own distro), any person or group who knows the dangers of proprietary software should avoid it like the plague. Microsoft is forced to share their source code with the US government, so they can develop all the Eternal Blues they want, and Windows will be at the whims of whoever has access to that network, be it spies on our side, or North Korea. Use Linux, and samba to serve your files, it will save you much headache and security.

    • @artu165
      @artu165 6 місяців тому +16

      It works the other way around and the reason why security agencies like the NSA and CIA don't use open source products.
      Because with open source, you can go to the source code itself, find bugs and exploit them.
      One of the requirements to store secret and top secret information is for the device it's stored in to not use any open source code or libraries.
      Specially since other foreign states with almost unlimited resources and some of the smartest security actors could easily find and exploit open source bugs that no one else has found.
      Most corporations and enterprises do the same, you're only allowed to use open source projects if your security team has vetted an open source project and agreed there is minimal risk in using that project

    • @wumi2419
      @wumi2419 6 місяців тому +42

      @@artu165 "specially since other foreign states could easily find and exploit open source bugs that no one else has found" and what makes the argument different for closed source?
      Edit: I would assume that your comment was sarcastic, as claiming that closed source is more secure under a video about NSA backdoor exploit is way too ironic.

    • @C-aFilms
      @C-aFilms 6 місяців тому +17

      @@artu165 your point is self invalidating, if you can read the code to find a bug, someone else can to FIX the bug

    • @InhalingWeasel
      @InhalingWeasel 6 місяців тому +19

      @@C-aFilms Except that having a state funded dedicated team of engineers tends to find vulnerabilities far more efficiently than a bunch of hippies in their free time.

  • @MarcCastellsBallesta
    @MarcCastellsBallesta 6 місяців тому +3

    The connection between video and the promotion was so smooth...
    Well done!

  • @jamesbenson1809
    @jamesbenson1809 6 місяців тому +108

    So... the root cause is the NSA.

    • @sametekiz3709
      @sametekiz3709 6 місяців тому +5

      yes

    • @sovahc
      @sovahc 6 місяців тому +2

      Root cause is complicated code. KISS

    • @753238
      @753238 5 місяців тому

      BR

    • @kristofferjohansson3768
      @kristofferjohansson3768 5 місяців тому

      Root cause is an SMB protocol bug.

    • @N1c0T1n3__
      @N1c0T1n3__ 3 місяці тому

      @@kristofferjohansson3768 More like the "SMB protocol RCE suite".

  • @MareWT
    @MareWT 6 місяців тому +46

    For Russian spy anti-virus they helped normal PC users more than those good guys

    • @KonekoPurrrfection
      @KonekoPurrrfection 5 місяців тому

      I find them far more honest and trustworthy than the US government and all its little octopus tendrils.

  • @JacobP81
    @JacobP81 6 місяців тому +4

    11:47 This is why Hungarian Notation is good. If that was used they could have used it to indicate the data type. Unfortunately the language they used didn't enforce the data type of the variable, which was the main problem. If the compiler warned that the data type didn't match (2 byte vs 4 byte) we wouldn't have this problem. I hope C/C++ compilers are smart enough to catch buffer overflows and type mismatches now.

    • @jonhdoe4119
      @jonhdoe4119 5 місяців тому +2

      C compilers has been catching that kind of bug since decades and C++ completely disallow it without a reinterpret cast. The problem was not the tools, it was the devs who choose to disregard compiler warnings.

  • @bowarc
    @bowarc 6 місяців тому +19

    Insane video !
    It's crazy to think that something like that can exist / be accepted

    • @DanielBoctor
      @DanielBoctor  6 місяців тому +7

      I know, it blows my mind every time I research something like this. Thanks for watching!

  • @quintrapnell3605
    @quintrapnell3605 6 місяців тому +48

    It’s nuclear proliferation in cyber form

    • @xecoq
      @xecoq 6 місяців тому +1

      Except in this case everyone has a uranium mine, can hide the reactors and can develop their capabilities much faster.

  • @DanielRenardAnimation
    @DanielRenardAnimation 6 місяців тому +11

    So the take-home message was, that a lot of finger-pointing was done to Koreans and Russians, but the *digital rapists at the NSA* are not going to be held accountable, for not only developing this vulnerability, but also, that the lummoxes left out this cookie jar of goodies, for someone crafty enough to climb up on the counter to help themselves to these tasty treats? Yep, the National Insecurity Agency strikes again. Hundreds of billions in damage.

  • @wapuvdvdv
    @wapuvdvdv 6 місяців тому +4

    A part 2 on how an adversary could use the out of bounds memory write to gain control of the computer would be very interesting!

  • @TheKeule33
    @TheKeule33 6 місяців тому +5

    @0:30 Yea, so what? Clean the Drive, reinstall the OS, restore from Backup.

    • @mgsxx
      @mgsxx 2 місяці тому

      Offline time. It’s not always acceptable.

    • @TheKeule33
      @TheKeule33 2 місяці тому

      @@mgsxx fair point

  • @Corteum
    @Corteum 6 місяців тому +21

    What happens if US customers just ignore the ban and go ahead and use VPNs to extend their subscriptions to Kaspersky and download updates for their Kaspersky products?

    • @YoniBaruch-y3m
      @YoniBaruch-y3m 6 місяців тому +8

      Experimental verification of Kaspersky’s benevolence, that’s what happens.

    • @Palaemon44
      @Palaemon44 5 місяців тому +10

      Apparently nothing, because that’s what my brother does and he doesn’t have any problems so far. What Kaspersky does is that they provide their VPN along with the security package. My brother is really cheap and uses Kaspersky because he gets the whole package for $40 a year. Also he isn’t very tech savvy and he likes that if you call the Kaspersky help line you usually have a real person pick up immediately.
      I wonder where their help desk is. He told me that the last two times he called to get support on the renewal the first person sounded Indian, but the second one sounded American.

    • @Corteum
      @Corteum 5 місяців тому +1

      @@Palaemon44 Sounds like a sales advert for kaspersky. 😂

    • @OfLastingThunder
      @OfLastingThunder 5 місяців тому

      I didn't know anything about any of this. Been using Kaspersky for a while now.

  • @Dreamer66617
    @Dreamer66617 6 місяців тому +6

    10/10 graphics and explanation. MORE VIDEOS KEEP IT UP!

    • @DanielBoctor
      @DanielBoctor  6 місяців тому +2

      glad you thought so 😊. More is on the way 🚀🚀🚀

  • @diamondblack3776
    @diamondblack3776 6 місяців тому +12

    Offline is the new online (like the 80s)

  • @rejvaik00
    @rejvaik00 6 місяців тому +7

    1 minor correction: the NSA is not part of the Department of Defense; they are part of the Department of Homeland Security, or DHS, meaning they fall under Title 32, not Title 10

  • @zFede_Rico
    @zFede_Rico 6 місяців тому +4

    1:40 that one guy in Greenland

  • @Bob.Jenkins
    @Bob.Jenkins 6 місяців тому +9

    Why was the NSA never fingered as the *real* source of all the woe that these exploits caused? If, like any responsible organisation, it'd simply informed MS and others of these exploits then a great deal of fear, damage and financial loss could have been prevented.
    I can, partially, understand the NSA being reticent in reporting the exploits - but weighed against the huge cost to the public and governments for their failure to do it - its reasons are, to put it mildly, pathetic. Those exploits *would* have been found by others - there's a huge number of people constantly searching for them - and all their delayed reporting did, was give people the opportunity to find them... though I doubt those people thought they'd find them all documented on the NSA's servers.

    • @tannhausergate7162
      @tannhausergate7162 6 місяців тому

      The entire purpose behind all the three-letter agencies is to transform the world into a dystopian wasteland. Why would they try and seek to minimize damages? They are gleeful over every million that gets burned for nothing.

  • @app0the
    @app0the 5 місяців тому +1

    Like this format, great balance of context to be descriptive and meaningful so as not to have to go and look up specific things but also not to boil down to a CS for dummies tutorial. Nice work! Longer videos rather than multiple parts would've been much appreciated too

  • @piratet0aster719
    @piratet0aster719 6 місяців тому +18

    Now it explains why Kaspersky falls under sanctions - Thank you Kaspersky team for keeping us protected.

  • @ai_outline
    @ai_outline 5 місяців тому +3

    This video being free is amazing. Great content! 🙏🏼❤️

    • @DanielBoctor
      @DanielBoctor  5 місяців тому +2

      Glad you think so! Thanks for watching

  • @javabeanz8549
    @javabeanz8549 5 місяців тому +3

    Huh, no wonder there were no reports of this malware at the ISPs I worked for back then. I had port 445 blocked at the firewalls.

  • @IndyAdvant
    @IndyAdvant 6 місяців тому +3

    Dude this video is so well done. Tons of history all in one shot. Insta sub.

  • @raxirex6443
    @raxirex6443 5 місяців тому +1

    I've read about this before but never knew how it REALLY worked. Security research sure is an amazing field for those courageous enough to dive deep into uncharted territories

  • @williamrgrant
    @williamrgrant 6 місяців тому +2

    Super well done video!
    I love the visual components to help explain the various copying and data movements.
    Really helps to grasp the concept for visual learners.

  • @JacobP81
    @JacobP81 6 місяців тому +3

    NSA kept information about the bug to themselves instead of disclosing it to Microsoft causing all that damage and lost information. Despicable.

  • @bigbilly29
    @bigbilly29 6 місяців тому +4

    Great video man, can't wait for the next one!

  • @harbinger200
    @harbinger200 6 місяців тому +7

    There is software the CIA declared a pain, and it's Comodo firewall+AV. I'm not sure it's authentic, but from experience I can say it's tough.

  • @xCheddarB0b42x
    @xCheddarB0b42x 5 місяців тому +1

    Great job drilling down into the nuts and bolts of SMB memory space. Looking forward to part 2 and more. Subbed.

  • @jeremyng1021
    @jeremyng1021 5 місяців тому

    13:50 - if the size has been wrongly shrunk (and thus expanded), why would the arbitrary attacker’s data overflow the NtFeaList buffer, since we expect the NtFeaListSize to be correctly calculated (which I'm assuming it was reading 4 bytes of the Os2FeaListSize correctly and not the UShort version)?

    • @jeremyng1021
      @jeremyng1021 5 місяців тому

      OK, I rewatched. I think it uses the shrunk (by extension, the 2 bytes size) size to be converted to the NtFeaListSize. Am I correct?

  • @Mitch-xo1rd
    @Mitch-xo1rd 6 місяців тому +7

    Love the content man, keep it up!

    • @DanielBoctor
      @DanielBoctor  6 місяців тому +3

      glad you enjoyed! thanks for the support

  • @Ellarian_Liara
    @Ellarian_Liara 6 місяців тому +48

    "every computer" shows macs that weren't affected

    • @Sauceyjames
      @Sauceyjames 6 місяців тому +9

      Shhhh the Apple fanboys might get upset.

    • @RustedCroaker
      @RustedCroaker 6 місяців тому

      Macs just openly funnel all your private data to Apple. No secret backdoor could compete with that.

    • @jonathanhirschbaum6754
      @jonathanhirschbaum6754 6 місяців тому +11

      @@Sauceyjames He is right tho. That should clearly show the affected OS. I don't give a damn about Apple or Windows but this vid is misleading AF

    • @tajo48
      @tajo48 6 місяців тому +9

      Don't forget about Linux

    • @Vincent_Beers
      @Vincent_Beers 6 місяців тому +7

      Apple OS is a custom Linux shell behind a paywall.

  • @FluffyFoxUwU
    @FluffyFoxUwU 6 місяців тому

    11:41 pretty sure "-Wincompatible-pointer-types" should prevent it unless SmbPutUshort takes "void*" as first parameter, then I can see why it failed to warn, because an implicit cast to "void*" won't cause a warning.

  • @joseville
    @joseville 4 місяці тому

    You explain this so well! The order is carefully thought out and you even put asides for relevant topics (e.g. paged pool vs non-paged pool).

  • @daanmageddon
    @daanmageddon 6 місяців тому +27

    Nice vid, very interesting, let's see part 2!

    • @DanielBoctor
      @DanielBoctor  6 місяців тому +3

      glad you liked it!

    • @vectorsahel5420
      @vectorsahel5420 5 місяців тому

      Let's see Paul Allen's part 2

    • @daanmageddon
      @daanmageddon 5 місяців тому

      @@vectorsahel5420 Not getting enough attention from the first time you made that comment?

    • @vectorsahel5420
      @vectorsahel5420 5 місяців тому

      @@daanmageddon what?

    • @daanmageddon
      @daanmageddon 5 місяців тому

      @@vectorsahel5420 ​ Sorry, different account, still not very original and it has nothing to do with this thread. Hit ctrl-f and search for "Paul Allen" on this page. Could be coincidence. Still begs the question "what?" your comment has to do with mine. Maybe i missed something?

  • @YokeyDokey
    @YokeyDokey 5 місяців тому +3

    It's called Windows for a reason... it's made of glass and see-through. They can look into your life at will. Then they use the back door to enter.

  • @cpuuk
    @cpuuk 6 місяців тому +3

    If you are wondering why OS2 gets a mention, it's because IBM invented SMB and Microsoft adopted it for interoperability.

  • @PriyavShah
    @PriyavShah 6 місяців тому

    This was so well put together and described. CANT WAIT FOR PART 2

  • @creekmonster17
    @creekmonster17 6 місяців тому +48

    Do we know where that 2.1 trillion dollars that the Pentagon lost 9/10/2001 is?

    • @stevensons78
      @stevensons78 5 місяців тому +2

      How soon people forget...

    • @LRADtheInhaler
      @LRADtheInhaler 5 місяців тому

      That’s not important… what’s important is that you fear the brown people and pledge your undying loyalty to your new overlords and hand over any and all personal information to them! It’s a new world order after all…

    • @Matt-cn1eh
      @Matt-cn1eh 5 місяців тому

      Yes they went to illegal black projects that operate outside of the president and congress and the public. Dr. Steven Greer and his witnesses proved it all and there was a national press club event 2021. It’s on his YouTube and the national press club YouTube page. These witnesses have sworn affidavits to prove it in front of congress. It’s all there. Plus his whole archive was made public months ago, 20 terabytes available for you. 8-10 hour interviews, still classified documents available for public access cause they were illegally classified and can’t be silenced now. Enjoy there is so much more.

    • @In3xorable
      @In3xorable 5 місяців тому +3

      They know, it's just not popular opinion.

    • @Matt-cn1eh
      @Matt-cn1eh 5 місяців тому

      @@creekmonster17 yes Illegal Special Access project, it’s on Dr Steven Greer website, the national press club events, both the 2001, and 2021. It’s on the National Press Club YouTube page too. His whole archive is free to everyone world wide including all the still illegally classified documents that they don’t want you to see but you can cause no court will ever support them. Hundreds upon hundreds of first hand accounts, financial data, names, dates. All there

  • @justinofirmino8774
    @justinofirmino8774 6 місяців тому +21

    You didn't answer the title "What Kaspersky really discovered". Clickbait.

    • @Shrapnel_Music
      @Shrapnel_Music 6 місяців тому +1

      100% it's just that because they got banned like they should have. It's like a propaganda video really, "oh the protection works and they find stuff", yeah; but they can still be stealing. I noticed a lot of people in the comments don't understand that.

  • @sangeetguha51
    @sangeetguha51 6 місяців тому +5

    As always, great video. I love how you explain things. Eagerly waiting for the next part. Pls keep making such videos :)

    • @DanielBoctor
      @DanielBoctor  6 місяців тому +3

      Thanks for the support! Will do - part two is almost done 🙌

  • @abdosoliman
    @abdosoliman 5 місяців тому +6

    Kaspersky was mentioned like once in the video and it was a comment about the NSA that has nothing to do with content of the video yet they managed to make it all the way to the title.
    Logic
    Kaspersky = Russian = BAD = Must Watch 😀

  • @RaD-re6kb
    @RaD-re6kb 6 місяців тому +1

    you have a great knack for making complex topics fun!

  • @RonKan69
    @RonKan69 5 місяців тому +2

    12:30 I don't understand why this doesn't happen with a non-malformed packet if it treats the size of list as a word anyway, and how 0000 turns into FF5D there

    • @DanielBoctor
      @DanielBoctor  5 місяців тому +2

      Ah, good question. if you send a non-malformed packet, the SizeOfListInBytes shrinking process will *not occur* at all. The shrinking process only happens in response to a malformed packet, when the FEAs extend beyond what was expected, based off the value of SizeOfListInBytes. With a non-malformed packet, the SrvOs2FeaListSizeToNT function would have *only* performed step 1, as it would have no reason to move onto step 2, as mentioned @ 10:30.
      Hopefully this makes sense!

    • @RonKan69
      @RonKan69 5 місяців тому

      @@DanielBoctor Oh I probably missed the part where it considers it a word only in the shrinking process. Thanks for the reply!
      I'm still confused about how it detects it being malformed, just a simple "SizeOfListInBytes -= SizeOfListInBytes % FeaSize" operation?
      edit: ohhh I get it now

  • @AdmiralBonetoPick
    @AdmiralBonetoPick 5 місяців тому +18

    Wait, so this video is called "What Kaspersky really discovered", but you don't mention Kaspersky once in the video. Did you just click-bait us?

    • @SolRojo_
      @SolRojo_ 5 місяців тому +5

      You misunderstood, the whole video talks about what Kaspersky discovered about these attacks and the NSA

  • @dltsabatino
    @dltsabatino 6 місяців тому +5

    You think these bugs were accidental?
    You think that’s air you’re breathing? Hmm.

  • @illia2492
    @illia2492 5 місяців тому +3

    First mistake was inviting KGB agent to your computer installing Kaspersky...

    • @b44rt
      @b44rt 5 місяців тому +9

      Haha how is the war going 😆

    • @randygraham926
      @randygraham926 5 місяців тому +3

      Are you guys still winning? Zelensky looking a little anxious these days.
      🤣

    • @i_cri_evertim
      @i_cri_evertim 5 місяців тому

      Found the NSA agent 🤣

  • @user-hr2zt9gd1l
    @user-hr2zt9gd1l 6 місяців тому +2

    Awesome video!
    At 12:34 you said the size may be enlarged instead of shrunk. How is this possible, considering that the low dword is shrunk and the high dword is unaltered?

    • @DanielBoctor
      @DanielBoctor  6 місяців тому +7

      ah, good question. it is able to be enlarged instead of shrunk because the lowdword is *not always* shrunk. it could be enlarged, depending on the exact values being used. let me explain:
      Let's put the hexadecimal digits aside and just focus on regular base 10 numbers. Imagine you want to shrink the number 20 down to the number 15. If you froze the first digit (the '2' in 20), but allowed the second digit to change (the '0' in 20), you would end up with 25, instead of 15. this is because the 2 remained a 2, whereas the 0 was turned into a 5. does this make sense?
      the unfrozen, right hand digits could very well end up being a larger value, so long as you shrink the original number by an amount so large that the frozen, left hand digits also need to drop down.
      hopefully this makes sense!

    • @user-hr2zt9gd1l
      @user-hr2zt9gd1l 6 місяців тому

      @@DanielBoctor thanks for the wonderful explanation. I hadn't noticed the underflow :)
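
Added example, not part of the comment thread or the video: the size bookkeeping discussed in the replies above (and in the 12:30 question earlier) modelled in C, showing how a "shrink" that rewrites only the low 16 bits of a 32-bit size can leave a larger value, next to a full-width update. The function names and the sample packet size 0x00010000 are assumptions constructed for illustration; only the FF5D low word comes from the comments.

```c
#include <stdint.h>
#include <stdio.h>

/* Added illustration. Helper names are hypothetical and this is not
 * Windows source; it models only the arithmetic of the size field. */

/* Read a 32-bit little-endian size field. */
static uint32_t get_ulong(const uint8_t f[4])
{
    return (uint32_t)f[0] | ((uint32_t)f[1] << 8) |
           ((uint32_t)f[2] << 16) | ((uint32_t)f[3] << 24);
}

/* Write all four bytes of the size field. */
static void put_ulong(uint8_t f[4], uint32_t v)
{
    f[0] = (uint8_t)v;
    f[1] = (uint8_t)(v >> 8);
    f[2] = (uint8_t)(v >> 16);
    f[3] = (uint8_t)(v >> 24);
}

/* 16-bit store into a 32-bit field: only the two low bytes change,
 * the high word keeps whatever the packet originally claimed. */
static void put_ushort(uint8_t f[4], uint16_t v)
{
    f[0] = (uint8_t)v;
    f[1] = (uint8_t)(v >> 8);
}

/* The flawed update described in the thread: the list is found to be
 * shorter than claimed, but the correction is stored as a 16-bit value. */
uint32_t shrink_low_word_only(uint32_t claimed, uint32_t valid)
{
    uint8_t field[4];
    put_ulong(field, claimed);
    if (valid < claimed)
        put_ushort(field, (uint16_t)valid);
    return get_ulong(field);
}

/* The same update with a store as wide as the field. */
uint32_t shrink_full_width(uint32_t claimed, uint32_t valid)
{
    uint8_t field[4];
    put_ulong(field, claimed);
    if (valid < claimed)
        put_ulong(field, valid);
    return get_ulong(field);
}

/* Invariant a reviewer or a test can assert: after an update that is
 * meant to shrink, the field must equal min(claimed, valid). */
int update_is_sound(uint32_t claimed, uint32_t valid, uint32_t updated)
{
    uint32_t expected = valid < claimed ? valid : claimed;
    return updated == expected;
}

int main(void)
{
    uint32_t claimed = 0x00010000u; /* constructed: size claimed in the packet */
    uint32_t valid   = 0x0000FF5Du; /* bytes that actually parse as whole entries */

    uint32_t bad  = shrink_low_word_only(claimed, valid);
    uint32_t good = shrink_full_width(claimed, valid);

    printf("claimed        0x%08X\n", (unsigned)claimed);
    printf("low-word store 0x%08X sound=%d\n", (unsigned)bad,
           update_is_sound(claimed, valid, bad));
    printf("full store     0x%08X sound=%d\n", (unsigned)good,
           update_is_sound(claimed, valid, good));
    return 0;
}
```

When the high word of the claimed size is zero, both updates agree, which matches the reply above that a well-formed packet never reaches the problem path.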

  • @spirotheoriginal250
    @spirotheoriginal250 6 місяців тому

    someone who finally explained in detail, you gained a loyal sub waiting for part 2

  • @shutsz
    @shutsz 6 місяців тому +4

    you got me with the cicada 3301 music

  • @banyanyas839
    @banyanyas839 6 місяців тому +19

    Damn gotta buy some Kaspersky now

    • @larryc1616
      @larryc1616 5 місяців тому +3

      Adolf putin thanks you 🎉

    • @NitroDS
      @NitroDS 5 місяців тому +2

      why would you deliberately give a program you didn't write yourself level 0 access in the kernel?

    • @DaveSmith-cp5kj
      @DaveSmith-cp5kj 5 місяців тому

      @@larryc1616 Ukraine has the neo nazis not Russia.

    • @hevnet
      @hevnet 5 місяців тому +3

      @@NitroDS Skibidi toilet brrr yes yes

    • @Peglegkickboxer
      @Peglegkickboxer 5 місяців тому

      ​@larryc1616 worship your masters on Wall Street serf. You will own nothing and be happy.

  • @PowerPot
    @PowerPot 6 місяців тому +3

    Thank you so much for these type of videos!!

    • @DanielBoctor
      @DanielBoctor  6 місяців тому +1

      of course!! glad you like them. thanks for the support

  • @ryandixon8202
    @ryandixon8202 6 місяців тому +2

    I feel like you end this video early, where is the part where you relate this to kaspersky? or did you just use the name for the clicks as it’s a hot topic right now. regardless though really good explanation of this exploit

  • @crossed6577
    @crossed6577 5 місяців тому

    Thank you!
