Note on the "Kia Boyz" use of USB cables. They aren't using the cable like you would to transfer any kind of data. The hole on the USB A cable (the part that plugs into the computer) is just the right size to fit over the undefended part on the ignition lock, letting them use the end of the USB cable as you would a key. You could use a pair of pliers to grip the ignition lock, but it's not really seen as normal to be carrying a pair of pliers around, whereas it's seen as pretty normal to be carrying around a USB cable for your phone.
The Donut video they show a clip from was pretty interesting... but this is a US / Canada thing as far as I can tell, Kia's have factory fit immobilisers as standard in the EU and UK.
Hey so I just want to point out that if your "secure device" can be broken into by something that an electronics beginner can make and learn to use in a week, you shouldn't get to call it "secure". Banning this tech is not the solution, even if they found a way, it's too easy for criminals to just make the damn thing on their own, and criminals are notoriously lax in their adherence to laws so a piece of paper in parliament saying they aren't supposed to isn't going to slow them down much. The problem is not that this thing exists, it's that the technology around us lacks basic physical security that leaves it vulnerable to whatever random tools anyone happens to make. Imagine securing your house with a lock that opens if you buy a blank key and twist hard. Would you advocate for the restriction of blank keys, or demand that the lock maker make a lock that actually locks?
To be clear, an SDR is very different than an MCU + transceiver. For most use cases a transceiver is more than enough, but it *would* be hard for someone to cobble together an SDR. An MCU + transceiver is much easier to cobble together...but you would still need to create software for it. I personally have spent about 6 months writing my own software for a CC1101 and ESP32 and upstreamed numerous pulls to Radiolib as I go. I still owe the maintainer there my methodology for refilling the tx FIFO to send packets up to 255 bytes long (a capability laid out in the CC1101 datasheet and design notes but much harder to implement)
What would you categorize these devices as then? A hammer can be used to break into a car in a matter of seconds, plus you can kill with the hammer. Its all about intent on what the users is gonna do with the device. Its like double edged sword, you gotta be able to teach about security some how and when you do teach about it the people then can use that knowledge for good or bad, its all up to their intent on what they want to do. The lock is suppose to deter away from someone from easily entering, its not 100% secure proof, you want that then bury your house underground and use a one of them vault doors that banks use.
We used HackRF's in one of my previous jobs. We used it to emulate FM radio to test radio equipment. It was really useful because we were able to automate our testing with it.
As someone in the SDR (software defined radio) community, there's absolutely nothing that can be done to stop people from buying such devices. For instance, the popular RTL-SDR "hacking" tool is just an old USB TV tuner.
@Icefumy Yeah, but it's really hard to compete with the $5 RTL-SDR, even though it's receive only. Don't get me wrong, do like my HackRF too, it's one of the cheapest non-DIY SDRs with a transmitter. But the 8 bit ADC resolution isn't great for the price, in hindsight I kinda wish I'd leapfrogged it and gone straight for a BladeRF or LimeSDR.
Just just ban people from watching TV! Such that they can't buy an SDR. 😆 Now jokes aside: the mainstream media (including TV stations) do quite a lot of fear mongering and are one reason why governments make these stupid decisions.
@@charmio Banning them would also severely hamper research My research involves using half a dozen hackrfone Why do I use these Simple they are cheap and work well If these type of customer grade solution didn't exist my current setup could easily cost 100 times more
@@Icefumy So? With a $2 CC1101 and a $5 MCU I can transmit/receive from any car fob frequency. Fact remains some skid buying these won't be able to do anything, there is a knowledge component.
Car manufacturers don't bother with security so your car doesn't get stolen, but they love "security" by locking down the cars electronics so it is impossible to repair... What a great industry
Another point against ban: Hackrf is a very low powered radio, meaning user w/have to get pretty close in default hardware state. Much more powerful options out there for jam problems. You can even turn a raspberry pi's GPIO pins into a transmitting radio antenna, so there's that - and no one is going to ban raspberry pi. Those causing jamming can be tracked, and in the US w/receive heavy fines. Great video Linus!
My country made concealed carry of firearms illegal in the 90s. The result? No criminal carries firearms because if police stops them and pats them down, possession of a concealed firearm is enough to send them to jail for at least a year. And most long time criminals are known faces to the police so they can't even get a licence to own and carry a gun openly. In the past 20 years, there has been almost zero crimes performed with guns.
Also government in a nutshell: *refuse to hold mandatory bi-decade security training so the 50+ with admin privs doesn't open an email riddled with malware because they didn't check the address, in fact, wasn't their coworker sending them a file*
Loved the reference to Brazilian jails there. The guys living in them are present day McGyver's, only reason why they haven't gone to the Moon yet is that they can't be in the yard unsupervised
Great conclusion! Car Manufacturer security is laughable. Some basic regulations forcing them to do the minimum would solve most of the problem. But they get to lobby to make it our problem instead.
It can't even be called security tbh. Still, things like car locks are a uniquely hard challenge. If it was me, I'd have just ditched the remote and integrated biometric scanners into the handles.
The latest Range Rover can be broken into in about 1 min. All you need to do its pop the mirror glass off the passenger door and rip out a specific wire from the Mirror Adjuster. Why...... Because its a freaking CanBus wire and gives you direct access into the cars network. Cant believe they thought it was a good idea to put a Canbus wire on the outside of the car. Its a bit like leaving your house keys under a flower pot by the front door.
@@TheSaabClinicUK The fact that basically every car is still CanBus blows my mind. It's such a vulnerable protocol. Especially with the way the Auto industry implements it. It's the most lazy and amateurish approach that dates back to the 80s. Irks me to no end!
These tools are absolutely a good thing. If you can't safeguard vital technology and assets against cheap technology that can be built at home or purchased so easily, how are you ever going to harden them against determined individuals and nation states. It's great for IT and security professionals to be able to test their own systems and for people to learn. You could make purchasing pre-built devices like this licensable like amateur radio is - where you have to prove you have an understanding of how they work and what is/isn't ok to do with them, or tie them to a business entity, but don't ban them. Blaming poor security on tools like this is like saying it's okay to not have locks on your door because people shouldn't just walk in.
"Why don't they just ban these things". Its already illegal to use it in those certain ways ... making it "more illegal" does nothing but restrict legit uses
@@ferretsmiles I can take some transistors from inside a microwave and build a jammer or run the microwave with the door open to watch youtube in 144p. Now are microwaves illegal? Right. The law is built to suck 💩not serve people right.
Most big WiFi vendors offer a function to "isolate rogue AP's", which is actually the same type of deauth attack and basically illegal to use. One supplier of event WiFi actually got a hefty fine from the FTC for using it to prevent people from using hotspots.
@@Maxoverpower I know he can, but he doesn't break character by doing it on camera :p (except that one video not too long ago where he just stares at linus for a few seconds, then goes "....dad?" which was very funny)
To get around UK selling laws of these kinds of tools, you can buy "soldering practise kits" that once you've "practised" soldering all the provided components onto the supplied circuit board you have a a functional "Grabber".
IMHO whoever wrote the script for this video is really good. I like the amount of scene changes, the little story, when Linus takes someones stuff away. Even the acting in this video was better than usual. Really the script writer of this video today should be used more often. (this compliment is of course very subjective and comes from someone who hasn't written a script himself (me)). Good job.
Those Honda and Kia situations are just unacceptable on the part of the manufacturers. If you've produced modern cars with security that lax, you should be issuing a recall and fixing it for free.
@@74rocktiger74 In the video they mentioned that the 2020 Honda CRV is the most stolen vehicle in Canada because of it's bad security. That's what @0xTJ was referring to.
Its a front end for SDR. You can do the same things and more using a laptop, OpenSDR software, and any number of radio transceivers including HackRF. You can do a lot of this illegal stuff using a $20 RTL-SDR transceiver and a laptop, if your signal of interest is less than 1.75 GHz. You do not need to spend $300+ to try out hacking your car door. But the HackRF One is a pretty good radio if you have the money.
If you operate stuff on licensed RF spectrum and you've got interference issues breaking your stuff... tools like this are highly valuable when raising the point to authorities to get things cleared up, or get a new frequency allocation.
Should this tech just be available to everyone though? I mean if everyone can just walk around with powerful RF jammers I can imagine that would make your job harder as well
@@zwenkwiel816 That's part of the point, anyone can do so. These tools make it slightly easier but they aren't specialized hard to find equipment. Antennas, small mobile computers etc aren't new nor hard to acquire
@zwenkwiel816 I don't feel restricting dual use technology behind government red tape will make it any better. Very few places could rapidly pinpoint a jamming source anyway. So, in my mind, it's more like making jaywalking illegal. Sure, jaywalking isn't legal, but it's also impractical/ impossible to enforce. It simply plays a factor in liability after the car hits you. It's already illegal to use this stuff for harm. Making it harder to get just hinders people gaining the skill set to combat and identify bad use.
@@zwenkwiel816 Hackrf is a low power radio, and isn't going to cause issues unless user is right in front of camera (literally). To jam a camera (also made video demo recently), it has to practically be up near it. Itt finishes with the right call: it's much better to beef up security, than restrict future generations from an amazing tool for studying radio. And, there are measures like wired cams that fix the wireless jam issue). Either way, much more powerful jammers are available to those ppl. To any thinking about it: DON'T do it. Ppl using them can easily be tracked. And commonly are. Big fines and more.
On a separate note from my other longer comment. I agree with the probably best solution to all of this. People in general all over need to beef up their security. And in an ironic twist of things, that means more people having devices like these. Not to attack each other over airwaves mind you, though some might. But to give you that ability to fight back if need be, but overall mostly just give you peace of mind that you can look for things that might become issues, and be preemptive about. For instance, if you know you have a device that is probably a security issue, you can use of these devices to find the flaw. Then from there, you can add a better shielding to it, or some other trick that fixes the issue(s). And from a travellers stand point, there are problems with spy cameras that need to be found. These help with that too. Being able to find the random RF bleeding from infrared and other spy cameras used is pretty useful in being able to tell the hotel management they need to do a sweep of their rooms, after you block the view of every camera that shouldn't be there in your room only. (Anything outside that room becomes a potential legal issue on your part maybe.)
Of all the surveillance videos I've seen online of cars being stolen wirelessly, none of them seem to be using these common tools. You can almost certainly make more effective tools when they're specialized for a purpose.
I actually use a HackRF One (not this model with the display and battery) to pull in ADS-B data on flights, as I’m an aviation nerd and live right between Chicago International and Mitchell International, so there’s lots to see. Along with my more local airport becoming a hub for Amazon and other freight flights. Even better, there’s a regional airport in the area too, where some of the aircraft going in and out still have ADS-B transponders. I also use it for downloading images from weather satellites, listening to amateur radio communications, and FM radio listening (rarely). It’s a very flexible and robust tool. I’ve never used its transmitting capabilities, though. You can use them for amateur radio communication when licensed (in the U.S., by the FCC). But I don’t have my amateur license.
this sounds fascinating! i've only recently started taking interest in how radio frequencies are still so relevant to modern life and started gaining interest in things like SDR etc. you have any channel/video recommendations for this kind of thing? i live not super far from JFK/LGA so i'd be curious what i could check out.
@@itsjustcavan I am/was in the same boat a few years ago, and now I have 3 rtl-sdr variants, 2 knockoff rsp1a devices, and 1 1/2 hackrf ones (one in a portapack, the other half dead until I replace the burnt out tx AMP). My point is this: Careful, it is addicting, and you too may have connectors, antennas, and just radio stuff everywhere! 64ft wire strung through the trees to hit some shortwave on the rtl? Check. Parabolic antenna in the backyard, feeding GOES16 data to a laptop, to have every 30 minute half world weather snapshots? Check. In all seriousness, one of the first things that's EASY to do with SDR is ADSB stuff -- and it's super neat. Another program to look for is RTL_433 -- it has built in decoders for many many devices that 'talk' on 433mhz - weather stations, TPMs sensors, etc, etc. These are great starting points for digital stuff, but it's also super interesting to plug it in, and fire up an SDR application of your choice (sdrsharp, sdruno, sdrangel, etc) and just -- play with it. You'll be confused (i am still confused, but have learned a TON by just... doing it) but things will click, and it will become *that much* more interesting. It's everywhere, there is so much stuff in the air around you, that if it were in the visible wavelengths, we could not see feet in front of us. It changes how you look at the world.
Over the years many of my trinkets and tools have been replaced with newer versions or upgrades... except for my HRF. That's one tool that just keeps on giving, regular updates with more and more added features. It is one of the best purchases I made.
"Unfortunately the guard took away my cat5 cable, and theres no wifi... But luckily we managed to get this brand new Z-Fold 6 in via my prison pocket! If you don't mind the sharper edges while sneaking it in, this will make a GREAT cellular wifi hotspot. Full review coming when I'm out in 2035!"
There is actually an active recall by KIA too fix unprotected ignition actuators, and they will be correcting the problem on all new models starting this year. A major issue is that most car owners ignore recall notices when they get them instead of doing their part of the bargain and actually taking the car in for the work despite it being totally free and merely costing them a bit of their time. I got one for my truck a few years ago and took it in immediately to get checked out because it was listed as "potentially effected", sure I wasted a couple of hours on a saturday afternoon waiting around at the dealership while they took things apart and inspected the parts, but it was worth it to find out that the parts that were potentially bad were completely fine and that as a precaution they'd replaced the sway bar bushings tie rod ends and hub knuckles (about $1500 worth of parts) for free just to be sure. So the moral of the story is: when you get a recall notice from the manufacturer of your car deal with it immediately and get the work done as soon as possible instead of putting it off until the next time you're at the dealership for an oil change or just not doing it at all.
Manufacturers got so excited making as much stuff as they could go wireless, that they completely neglected security in the process. The same thing happened with wifi, when everyone got hung up going wireless that they neglected security and completely forgot everything they learned from 802.3 networks about the downfalls of a shared medium. Everyone who introduced wireless technology acted like they're the only person in the world using the spectrum. That's all we're seeing here. Designers who should have known better, but took shortcuts because they wanted to get ahead of their competitors.
I'm a hardware engineer and embedded programmer. I design smart card readers for a living. Mostly for payment application. There are strict standards in terms of security when it comes to that sort of equipment, because it handles money. I'd love to see similar standards for a lot more equipment, because they tend to be lacking.
Hahaha, I used to work on building smartcard controllers. I was actually on the configuration software, but I knew the embedded programmers. Our stuff was actually designed to be fairly secure. There were no regulations for that. I'm not just talking about Canada and the US. I say fairly secure because there were some things out of our control. Like the keys themselves, and LonWorks network protocol. We worked around the limitations of LonWorks protocal a bit by doing things like adding our own encryption on certain settings. We were absolutely not allowed to call the keys FOBs. A FOB is the device that usually extends and retracts that attaches a key to something like your belt.
@@Hanneth Well we also make access control readers. There's 0 regulations on those. When there is, it's a specific client's requirement. There's worldwore regulation only on the payment readers.
Hey, I used to be in the smartcard field too. SIM, to be exact. I'm one of the first people to implement 5G to SIM OS. Before this, I wrote firmware for SSDs and HDDs.
@@bassyey know any good resources for SIM applet development? For whatever reason, finding a decent documentation for the STK/CAT libraries is impossible :(
Great video. Thanks for shedding some more light on the Kia Boyz. It’s STILL a massive problem in Milwaukee, WI. Kia still thinks they can quietly address it.
8:42 the Hyundais and Kias in question were easy to steal because Hyundai/Kia didn't equip them with any sort of ignition immobilizer technology whatsoever.
It's a part that would be insanely cheap in bulk to implement into the cars, they cheaped out, even if you get one installed they only cost $50-100 for the part and install. So it's at worst a $20-40 part. No excuse why not to include that into a full sticker price.
It is also hard to ban those gadgets. You ban the whole thing, they will sell it in parts. You cannot ban things like antenna. You can deliver it without software. You can even write on website, that it is illegal to buy the parts together (noone will care). And if you just have it at home, your legimate use could be something like testing your security system. Crime is illegal and people do it, if you make it more illegal, nothing will happen
Speaking of lax security, it's now 4 months later and VW just had a massive data breach where the location of some 800 000 cars were leaked, in some cases along with personal information, had been available for months for the aforementioned ne'er-do-wells. One should also ask why car companies feel like they need to collect this information in the first place.
I want a full blown Linus vs Employees hack competition against each other! How many ways can you (not maliciously) prank each other, or make it a CTF style competition!
I've had a HackRF for years - and kudos for showing the Mayhem firmware! - and these things are great. From optimising my home Zigbee network, to finding interference sources, there is just nothing else like it available. It helped me figure out that when using a certain Zigbee channel, my HyperX wireless headset dongle would 'seek' for the headset while it was turned off - which caused massive packet loss on the Zigbee network. Change Zigbee channels, and presto - no more interference. I can't think of any other way I would have been able to figure this out!
I got that D-Stike watch as a Christmas gift from my brother. First off being into computers is NOT the same as being a hacker! Second I showed it to a cop I know and his reaction was, "Well it isn't illegal to own it... just to ever use it"
i just had a thought, and im just cookin' here, potato batteries still work underground, we use these devices plugged in to growing potato batteries buried in dirt and essentially build potato powered emp's that nobody can find, and we put these under every Starbucks nationwide and their customer base disapears because they cannot maintain wifi. our corporate overlords overtaken by potatoes. Glados was onto something the whole time.
Honestly glad you made this one. As an ex cyber security individual too much is put on "bad actors" and less so on manufacturers. Lets save pennys on the dollar and compromise security of our product then Blame bad actors for discovering the fact is the industry norm.
Oh man, this can get you into a lot of trouble already. ISED here in Canaderp is the group that deals with radio signals and frequency allotment. As a Canadian HAM nerd, they don't like it when you transmit on frequencies you aren't allowed, with tech that isn't approved as being certified, and transmitting without a license. Knowing ISED they will put the onus on the end user. Anyone in Canada can legally purchase a HAM radio and listen with it, but you break the law the moment you key up the radio on any frequency without a license. All the companies refused comment because they know this products are illegal or in the greyest of the unknown legal zones! And that antenna you were talking about is called a Yagi-Uda or just Yagi, they are extremely easy to make, I made one for the 2 metre ham band for contacting repeaters on the ISS and other various HAMSATs up in orbit. They are basically high gain, extremely directional dipole antennas. If you really like these tools I highly suggest you check out the TINYVNA and TINYSA I am almost sure the TINYSA (spectrum analyzer) might have some nifty nefarious uses too!
as a pilot, i saw some transmit modes that our planes use to transmit crucial information such as position, heading, and altitude. that is some SCARY illegal stuff.
As a network engineer a tool like this would be so useful for tracking things like wifi coverage. Seems like any professional tool that can show the radio traffic of an area is prohibitively expensive and reliant on a piece of crap proprietary software.
Sadly, the bandwidth on the HackRF just isn't there to be able to monitor channels wide enough for wifi. You're going to need to head up a few price points to be able to do that.
@@CRCinAU Yep any SDR that connects over pcie and has enough resolution and capability to monitor large bandwidth is at least 500$ or more as a baseline, easily jumping into 2000$ plus for good ones.
The Hack RF is actually a pretty commonly used gadget for Amateur Radio enthusiasts. All of those guys are licensed by the FCC and have their addresses readily available to the government… so most “hams” aren’t super thrilled with doing illegal stuff.
3:05 "a directional fm antenna similar to the kind that was found on home rooftops in the 20th century" I BEG your pardon, arent those still common ??😅
Well a piece of metal can be of many uses, what other use can you have for a hacking tool? Because "educational" is not good enough of an excuse for me, I mean you can learn but shouldn't be testing it on actual people's stuff, I'd hate for my neighbor to try out these things and really inconvenience me because he wants to learn something.
The UK has certainly tried. So strict are their knife bans that a plastic Mastersword fidget toy was enough to get someone sent to jail for a year. Meanwhile London is still the stabbings capital. And those who do commit stabbings (or worse, and let's admit, there's a lot worse), get jailed for less time than that. But racialized policies often introduce such inconsistencies.
@@darkceptor44as Linus said in the video, it can be used to find flaws in your wifi and Bluetooth connections as well as security breaches. A pencil can be used for writing 99.999% of the time but someone always manages to get stabbed with one sometime.
As a cybersecurity person, I hope you make more of these types of videos. Goes to show you how laughably bad manufacturers are when it comes to security.
The HackRF is an amazing SDR, and the Portapack is an insane piece of hardware. I have both, a lot of fun, and you can do a lot with them, especially due to the versatility with it's options and frequency range, you can use it for countless applications.
@@firstname4337 honestly, yes.. The one Mel Brooks movie that i actually havent seen yet for some reason. (Rather silly actually, as i can recite every line in Space Balls and Men in Tights from memory)
Security is such an afterthought for most companies that it really should be on them to fix. I feel it is getting even worse lately now that so many cars are coming out with a cellular connection and an app. The manufacturer will probably stop supporting "older" vehicles after 5-10 years even though most cars live 2-3x as long as that. Similar to online video games obsolescence is a big issue here. You have often discussed what happens when your video game breaks because the developer shuts down the server. What will happen to your Full Self Driving purchase when Tesla drops support for the model year of your car or your heated seats when BMW decides it isn't worth the cost keeping the authentication server running?
@@bobowon5450Crimes are there in order to have a legitimate reason to punish and reform individuals who commit them. But banning tech that enables the crime will only make it harder for people to test them out. I am unaware of any cyber crime having been lessened by banning those products. It's not the same as banning guns since those can be used by anyone, these things are only usable by people who are very technical. These device bans only make inaccessible to the average person and law-abiding people.
I heard from a seller there's an unofficial ban in RU of the HRF's, so sellers send them in partially assembled kits and they get through customs. Car manufacturers don't have an excuse, especially considering how old the HRF is. Some are STILL vulnerable to even simpler attacks than rollingpwn. There's software mods for the quansheng handheld radios that allow for simple capture and replay. There's no "tools" on it... you just have to know how to use it.
I have to agree with Linus's conclusion here. A crowbar can break into a house, but we're not blaming crowbar manufacturers for people breaking into houses
Now I want to see a joke video featuring Linus reviewing LTT screwdriver on how much it easier to break into other people's properties using LTT screwdriver.
I just want to say that the moral lesson at the end is so beautiful. It is not the tools fault it is the users! I feel the same about owning guns, even though I don't have one, but I might conceal-n-carry in the future. God bless you guys and great video.
7:30 The correct thing for GSG to do would have been, "We politely decline. But we know you'll probably put this email on your show, so here's a 5% off coupon code!" 😁 Hehehehe.
Try the Ettus B210 the next time. It's a software defined radio which was made for professionals. It Supports parallel transmit and receive at the same time. You can even create a prive mobile network with it to use old phones as SIP phones on the network.
10:00 EU should force automakers to open source all of their security protocols. (This seems to be where EU is at these days. Doing things that are "common sense" like USB-C, when US doesn't want the negative publicity.) EU could say, "open source all your security protocols now, and fix bugs as they are found, and be liable for them too".
Why force better security, which involves making big companies upset, when you can go after the low-hanging fruit of attacking small manufacturers of devices whose legitimate use cases overlap into the nefarious.
Love the conversation. I like keeping it in the "tools" category. Same can be said for allot of things like knives in the UK or guns in the US. Criminal actions need to be more consequential rather than letting everyone off to do it again. Keeps people more honest knowing they can't make a plea deal to get out of everything.
He on a roll recently. Something really rubbed him the wrong way, probably the same thing that has been festering with a lot of people. The whole as a service thing escalating. Companies just expecting everyone to accept there product is hot garbage. Things gone down the drain recently. Mostly to greed. More extreme than they did in prior decades as well. I smell the general sentiment of setting sail in the sweaty waves of the internet. Last time it smelled so sweaty, Half-Life was the new hot stuff.
Note on the "Kia Boyz" use of USB cables. They aren't using the cable like you would to transfer any kind of data. The hole on the USB A cable (the part that plugs into the computer) is just the right size to fit over the undefended part on the ignition lock, letting them use the end of the USB cable as you would a key. You could use a pair of pliers to grip the ignition lock, but it's not really seen as normal to be carrying a pair of pliers around, whereas it's seen as pretty normal to be carrying around a USB cable for your phone.
@@CAMintmier carrying around something like a leatherman multitool is very feasible and consealable
The Donut video they show a clip from was pretty interesting... but this is a US / Canada thing as far as I can tell, Kia's have factory fit immobilisers as standard in the EU and UK.
often the USB cable is already in the car since people use them for their phones and leave them in there.
I mean, they should be using thumbdrives instead of cables. Smaller.
Lets ban USB cables because they are a worrysome hackertool!
I call it the Anti-HackerNoodle Bill.
/s
Hey so I just want to point out that if your "secure device" can be broken into by something that an electronics beginner can make and learn to use in a week, you shouldn't get to call it "secure". Banning this tech is not the solution, even if they found a way, it's too easy for criminals to just make the damn thing on their own, and criminals are notoriously lax in their adherence to laws so a piece of paper in parliament saying they aren't supposed to isn't going to slow them down much.
The problem is not that this thing exists, it's that the technology around us lacks basic physical security that leaves it vulnerable to whatever random tools anyone happens to make. Imagine securing your house with a lock that opens if you buy a blank key and twist hard. Would you advocate for the restriction of blank keys, or demand that the lock maker make a lock that actually locks?
To be clear, an SDR is very different than an MCU + transceiver. For most use cases a transceiver is more than enough, but it *would* be hard for someone to cobble together an SDR. An MCU + transceiver is much easier to cobble together...but you would still need to create software for it. I personally have spent about 6 months writing my own software for a CC1101 and ESP32 and upstreamed numerous pulls to Radiolib as I go. I still owe the maintainer there my methodology for refilling the tx FIFO to send packets up to 255 bytes long (a capability laid out in the CC1101 datasheet and design notes but much harder to implement)
Amazing point and analogy
What would you categorize these devices as then? A hammer can be used to break into a car in a matter of seconds, plus you can kill with the hammer. Its all about intent on what the users is gonna do with the device. Its like double edged sword, you gotta be able to teach about security some how and when you do teach about it the people then can use that knowledge for good or bad, its all up to their intent on what they want to do.
The lock is suppose to deter away from someone from easily entering, its not 100% secure proof, you want that then bury your house underground and use a one of them vault doors that banks use.
Fun fact: 99% of home locks aren't much better than what you described
"criminals are notoriously lax in their adherence to laws" Now THAT is a take.
I didn’t wake up thinking I’d hear Linus saying Skibidi toilet today
I didn’t wake up thinking I’d see Linus improvising as Andrew Tate too
Linus is fr goated skibidi ohio mewing bateman sigma, no cap.
what the sigma fr
I didn't wake up thinking id ever hear skibidi toilet. I knew about it prior to today but it's so dumb.
Skibidi Toilet and a Andrew Tate being arrested reference?
💯💯💯💯💯
And hey, nice profile pic of Nezuko-chan! :)
10:10 instructions unclear, raided Squarespace hq, didn't find any incriminating evidence of rf hacking
Lol
Can't wait for Linus to Zoom in from prison on the next WAN Show.
He said he might be doing a show with the rcmp so it could happen
I imagine Canadian prisons are like 5 star resorts.
@@bglad09 far from it, Canada is basically just the states but poorer unfortunately.
Or from an unspecified location.
@@John.._ Canada is not the same as the States. The prisons are similar though.
We used HackRF's in one of my previous jobs. We used it to emulate FM radio to test radio equipment. It was really useful because we were able to automate our testing with it.
As someone in the SDR (software defined radio) community, there's absolutely nothing that can be done to stop people from buying such devices. For instance, the popular RTL-SDR "hacking" tool is just an old USB TV tuner.
HackRF One has much wider range than said RTL-SDR based radio's, though. (About 3-5x the bandwidth). Then again, It's also much more expensive.
@Icefumy Yeah, but it's really hard to compete with the $5 RTL-SDR, even though it's receive only.
Don't get me wrong, do like my HackRF too, it's one of the cheapest non-DIY SDRs with a transmitter. But the 8 bit ADC resolution isn't great for the price, in hindsight I kinda wish I'd leapfrogged it and gone straight for a BladeRF or LimeSDR.
Just just ban people from watching TV! Such that they can't buy an SDR. 😆
Now jokes aside: the mainstream media (including TV stations) do quite a lot of fear mongering and are one reason why governments make these stupid decisions.
@@charmio
Banning them would also severely hamper research
My research involves using half a dozen hackrfone
Why do I use these
Simple they are cheap and work well
If these type of customer grade solution didn't exist my current setup could easily cost 100 times more
@@Icefumy So? With a $2 CC1101 and a $5 MCU I can transmit/receive from any car fob frequency. Fact remains some skid buying these won't be able to do anything, there is a knowledge component.
Car manufacturers don't bother with security so your car doesn't get stolen, but they love "security" by locking down the cars electronics so it is impossible to repair... What a great industry
my vehicle security, is a 95 silverado stick shift
That FBI agent in the thumbnail isn't arresting Linus, he is doing something else.
Dude, I came here just to mention, how creepy af he is😂
Linus is a good man in a cruel world....
Nah man, that sussy as hell
What are you doing step-agent UwU
My man, we are in the upside down world where even the police or some member of the spy force or your neighbor can do it for him.
Another point against ban: Hackrf is a very low powered radio, meaning user w/have to get pretty close in default hardware state. Much more powerful options out there for jam problems. You can even turn a raspberry pi's GPIO pins into a transmitting radio antenna, so there's that - and no one is going to ban raspberry pi. Those causing jamming can be tracked, and in the US w/receive heavy fines. Great video Linus!
Government in a nutshell: "It's now illegal. problem solved"
Then 5 years later; "It's legal, and taxed. Problem solved."
Then 1 comment later: "Dissident voices have been jailed. Problem solved."
Sheepish Citizen in a nutshell: "Way to go Government!".
My country made concealed carry of firearms illegal in the 90s. The result? No criminal carries firearms because if police stops them and pats them down, possession of a concealed firearm is enough to send them to jail for at least a year. And most long time criminals are known faces to the police so they can't even get a licence to own and carry a gun openly. In the past 20 years, there has been almost zero crimes performed with guns.
Just like minimum wage 🤡
Also government in a nutshell: *refuse to hold mandatory bi-decade security training so the 50+ with admin privs doesn't open an email riddled with malware because they didn't check the address, in fact, wasn't their coworker sending them a file*
Loved the reference to Brazilian jails there. The guys living in them are present day McGyver's, only reason why they haven't gone to the Moon yet is that they can't be in the yard unsupervised
Great conclusion! Car Manufacturer security is laughable. Some basic regulations forcing them to do the minimum would solve most of the problem. But they get to lobby to make it our problem instead.
Yep. Esp since the ones making the decisions are largely immune to any negative consequence of those decisions that crush the regular folks.
It can't even be called security tbh. Still, things like car locks are a uniquely hard challenge. If it was me, I'd have just ditched the remote and integrated biometric scanners into the handles.
The latest Range Rover can be broken into in about 1 min. All you need to do its pop the mirror glass off the passenger door and rip out a specific wire from the Mirror Adjuster. Why...... Because its a freaking CanBus wire and gives you direct access into the cars network. Cant believe they thought it was a good idea to put a Canbus wire on the outside of the car. Its a bit like leaving your house keys under a flower pot by the front door.
@@TheSaabClinicUK more like leaving an ethernet cable running out your window
@@TheSaabClinicUK The fact that basically every car is still CanBus blows my mind. It's such a vulnerable protocol. Especially with the way the Auto industry implements it. It's the most lazy and amateurish approach that dates back to the 80s. Irks me to no end!
These tools are absolutely a good thing. If you can't safeguard vital technology and assets against cheap technology that can be built at home or purchased so easily, how are you ever going to harden them against determined individuals and nation states.
It's great for IT and security professionals to be able to test their own systems and for people to learn. You could make purchasing pre-built devices like this licensable like amateur radio is - where you have to prove you have an understanding of how they work and what is/isn't ok to do with them, or tie them to a business entity, but don't ban them.
Blaming poor security on tools like this is like saying it's okay to not have locks on your door because people shouldn't just walk in.
"Why don't they just ban these things". Its already illegal to use it in those certain ways ... making it "more illegal" does nothing but restrict legit uses
Yes and no. Limiting ready made tools does deter use. It can't completely eliminate it but it would cut down in it heavily.
Liberalism
I think the question was rhetorical, but thank you for contributing your perspective.
@ferretsmiles that totally works right? just look at California
@@ferretsmiles I can take some transistors from inside a microwave and build a jammer or run the microwave with the door open to watch youtube in 144p. Now are microwaves illegal? Right. The law is built to suck 💩not serve people right.
Most big WiFi vendors offer a function to "isolate rogue AP's", which is actually the same type of deauth attack and basically illegal to use. One supplier of event WiFi actually got a hefty fine from the FTC for using it to prevent people from using hotspots.
i love how whenever linus uses his workers as actors, they just sit at the desk like 'wtf is going on'? i wonder if they never tell them lol
Poor Collin can't stand up for himself either can't speak :d
@@PureRushXevus he can
@@Maxoverpower I know he can, but he doesn't break character by doing it on camera :p
(except that one video not too long ago where he just stares at linus for a few seconds, then goes "....dad?" which was very funny)
@@carfo its rehearsed. Nothing is a first take.
@@carfo I'd assume the workers would notice the cameras, lighting, and microphones being setup.
To get around UK selling laws of these kinds of tools, you can buy "soldering practise kits" that once you've "practised" soldering all the provided components onto the supplied circuit board you have a a functional "Grabber".
1:17 I wasn't really paying attention when they segued to the sponsor, so at first I thought James had randomly shouted "Mexico!". 😂
Me too
IMHO whoever wrote the script for this video is really good. I like the amount of scene changes, the little story, when Linus takes someones stuff away. Even the acting in this video was better than usual. Really the script writer of this video today should be used more often. (this compliment is of course very subjective and comes from someone who hasn't written a script himself (me)). Good job.
agreed
@@Cokai Tanner wrote it, it's in the credits at the end
Piecing together shots and graphics etc into a final cut is the role of the video editor/producer(s) rather than the writer
Those Honda and Kia situations are just unacceptable on the part of the manufacturers. If you've produced modern cars with security that lax, you should be issuing a recall and fixing it for free.
Hyundai not Honda
@@74rocktiger74all 3, some CR-V models had bugs in rolling key codes as explained in the video
@@74rocktiger74 I'm referring to the CR-V mentioned in this video after Kia/Hyundai.
@@74rocktiger74 In the video they mentioned that the 2020 Honda CRV is the most stolen vehicle in Canada because of it's bad security. That's what
@0xTJ was referring to.
They should be FORCED to do a recall
Its a front end for SDR. You can do the same things and more using a laptop, OpenSDR software, and any number of radio transceivers including HackRF. You can do a lot of this illegal stuff using a $20 RTL-SDR transceiver and a laptop, if your signal of interest is less than 1.75 GHz. You do not need to spend $300+ to try out hacking your car door. But the HackRF One is a pretty good radio if you have the money.
If you operate stuff on licensed RF spectrum and you've got interference issues breaking your stuff... tools like this are highly valuable when raising the point to authorities to get things cleared up, or get a new frequency allocation.
Should this tech just be available to everyone though? I mean if everyone can just walk around with powerful RF jammers I can imagine that would make your job harder as well
@@zwenkwiel816 That's part of the point, anyone can do so. These tools make it slightly easier but they aren't specialized hard to find equipment. Antennas, small mobile computers etc aren't new nor hard to acquire
@zwenkwiel816 I don't feel restricting dual use technology behind government red tape will make it any better. Very few places could rapidly pinpoint a jamming source anyway. So, in my mind, it's more like making jaywalking illegal. Sure, jaywalking isn't legal, but it's also impractical/ impossible to enforce. It simply plays a factor in liability after the car hits you. It's already illegal to use this stuff for harm. Making it harder to get just hinders people gaining the skill set to combat and identify bad use.
If you are transmitting on licensed RF spectrum you probably have a professional spectrum analyser...
@@zwenkwiel816 Hackrf is a low power radio, and isn't going to cause issues unless user is right in front of camera (literally). To jam a camera (also made video demo recently), it has to practically be up near it.
Itt finishes with the right call: it's much better to beef up security, than restrict future generations from an amazing tool for studying radio.
And, there are measures like wired cams that fix the wireless jam issue).
Either way, much more powerful jammers are available to those ppl.
To any thinking about it: DON'T do it. Ppl using them can easily be tracked. And commonly are. Big fines and more.
Blows my mind that the burden of having a use for it falls on you...the burden of proving someone committed a crime falls on the accuser
It's like we are throwing due process out the window, and you are now guilty until proven innocent.
"Stampeding cattle through the Vatican....Kinky" A nice ode to Blazing Saddles!
As long as you don't chew gum on line without bringing enough for everyone.
Immediately after filming this video, Linus tragically lost this device in a boating accident
@4:00
Colin, earning his spot among the great silent movie actors of our time. 🤜🤛🏾
On a separate note from my other longer comment. I agree with the probably best solution to all of this. People in general all over need to beef up their security. And in an ironic twist of things, that means more people having devices like these. Not to attack each other over airwaves mind you, though some might. But to give you that ability to fight back if need be, but overall mostly just give you peace of mind that you can look for things that might become issues, and be preemptive about.
For instance, if you know you have a device that is probably a security issue, you can use of these devices to find the flaw. Then from there, you can add a better shielding to it, or some other trick that fixes the issue(s).
And from a travellers stand point, there are problems with spy cameras that need to be found. These help with that too. Being able to find the random RF bleeding from infrared and other spy cameras used is pretty useful in being able to tell the hotel management they need to do a sweep of their rooms, after you block the view of every camera that shouldn't be there in your room only. (Anything outside that room becomes a potential legal issue on your part maybe.)
"stampeding cattle"
"That's not much of a crime"
"Through the Vatican"
"Kinky..."
Ah a fellow man of culture
Did not expect a blazing saddles reference in this video, lol
Of all the surveillance videos I've seen online of cars being stolen wirelessly, none of them seem to be using these common tools. You can almost certainly make more effective tools when they're specialized for a purpose.
I actually use a HackRF One (not this model with the display and battery) to pull in ADS-B data on flights, as I’m an aviation nerd and live right between Chicago International and Mitchell International, so there’s lots to see. Along with my more local airport becoming a hub for Amazon and other freight flights. Even better, there’s a regional airport in the area too, where some of the aircraft going in and out still have ADS-B transponders.
I also use it for downloading images from weather satellites, listening to amateur radio communications, and FM radio listening (rarely).
It’s a very flexible and robust tool. I’ve never used its transmitting capabilities, though. You can use them for amateur radio communication when licensed (in the U.S., by the FCC). But I don’t have my amateur license.
this sounds fascinating! i've only recently started taking interest in how radio frequencies are still so relevant to modern life and started gaining interest in things like SDR etc. you have any channel/video recommendations for this kind of thing? i live not super far from JFK/LGA so i'd be curious what i could check out.
@@itsjustcavan I am/was in the same boat a few years ago, and now I have 3 rtl-sdr variants, 2 knockoff rsp1a devices, and 1 1/2 hackrf ones (one in a portapack, the other half dead until I replace the burnt out tx AMP). My point is this: Careful, it is addicting, and you too may have connectors, antennas, and just radio stuff everywhere! 64ft wire strung through the trees to hit some shortwave on the rtl? Check. Parabolic antenna in the backyard, feeding GOES16 data to a laptop, to have every 30 minute half world weather snapshots? Check.
In all seriousness, one of the first things that's EASY to do with SDR is ADSB stuff -- and it's super neat. Another program to look for is RTL_433 -- it has built in decoders for many many devices that 'talk' on 433mhz - weather stations, TPMs sensors, etc, etc. These are great starting points for digital stuff, but it's also super interesting to plug it in, and fire up an SDR application of your choice (sdrsharp, sdruno, sdrangel, etc) and just -- play with it. You'll be confused (i am still confused, but have learned a TON by just... doing it) but things will click, and it will become *that much* more interesting.
It's everywhere, there is so much stuff in the air around you, that if it were in the visible wavelengths, we could not see feet in front of us.
It changes how you look at the world.
@@itsjustcavansaveitforparts is a pretty good channel to get into receiving images from weather satellites, he’s the one who got me into it
@@itsjustcavan
And if you are more into reading, buy the ARRL handbook.
Over the years many of my trinkets and tools have been replaced with newer versions or upgrades... except for my HRF.
That's one tool that just keeps on giving, regular updates with more and more added features. It is one of the best purchases I made.
0:54 Stampeding cattle through the Vatican...?
5:24 Not very likely.
7:12 Hang on! What about, "innocent until proven guilty"?
next video: making a pc in prison so i can order contraband to escape prison
"Unfortunately the guard took away my cat5 cable, and theres no wifi... But luckily we managed to get this brand new Z-Fold 6 in via my prison pocket! If you don't mind the sharper edges while sneaking it in, this will make a GREAT cellular wifi hotspot. Full review coming when I'm out in 2035!"
There is actually an active recall by KIA too fix unprotected ignition actuators, and they will be correcting the problem on all new models starting this year.
A major issue is that most car owners ignore recall notices when they get them instead of doing their part of the bargain and actually taking the car in for the work despite it being totally free and merely costing them a bit of their time.
I got one for my truck a few years ago and took it in immediately to get checked out because it was listed as "potentially effected", sure I wasted a couple of hours on a saturday afternoon waiting around at the dealership while they took things apart and inspected the parts, but it was worth it to find out that the parts that were potentially bad were completely fine and that as a precaution they'd replaced the sway bar bushings tie rod ends and hub knuckles (about $1500 worth of parts) for free just to be sure.
So the moral of the story is: when you get a recall notice from the manufacturer of your car deal with it immediately and get the work done as soon as possible instead of putting it off until the next time you're at the dealership for an oil change or just not doing it at all.
I love when you do hacker and cyber security stuff
He IS the expert in that, correct?
*ahem* got hacked twice in a span of 3 years *ahem*
@@TheSlimeKilling_Minecart Lmao why I'm on the opposite end
Linus's voice in these videos is very relaxing in my opinion.
is 5:25 a andrew tate reference because of the robes?
YES AND FOR SOME REASON NO ONE ELSE IS TALKING ABOUT IT
best part of the video
I was looking to see if anybody else saw it
saw that 😂
Manufacturers got so excited making as much stuff as they could go wireless, that they completely neglected security in the process. The same thing happened with wifi, when everyone got hung up going wireless that they neglected security and completely forgot everything they learned from 802.3 networks about the downfalls of a shared medium. Everyone who introduced wireless technology acted like they're the only person in the world using the spectrum. That's all we're seeing here. Designers who should have known better, but took shortcuts because they wanted to get ahead of their competitors.
I'm a hardware engineer and embedded programmer. I design smart card readers for a living. Mostly for payment application. There are strict standards in terms of security when it comes to that sort of equipment, because it handles money. I'd love to see similar standards for a lot more equipment, because they tend to be lacking.
Hi there, mind me asking something about your job ? Interested in that area. (If not its ok, I get you most likely have other things to do)
Hahaha, I used to work on building smartcard controllers. I was actually on the configuration software, but I knew the embedded programmers. Our stuff was actually designed to be fairly secure. There were no regulations for that. I'm not just talking about Canada and the US.
I say fairly secure because there were some things out of our control.
Like the keys themselves, and LonWorks network protocol. We worked around the limitations of LonWorks protocal a bit by doing things like adding our own encryption on certain settings.
We were absolutely not allowed to call the keys FOBs. A FOB is the device that usually extends and retracts that attaches a key to something like your belt.
@@Hanneth Well we also make access control readers. There's 0 regulations on those. When there is, it's a specific client's requirement.
There's worldwore regulation only on the payment readers.
Hey, I used to be in the smartcard field too. SIM, to be exact. I'm one of the first people to implement 5G to SIM OS. Before this, I wrote firmware for SSDs and HDDs.
@@bassyey know any good resources for SIM applet development? For whatever reason, finding a decent documentation for the STK/CAT libraries is impossible :(
Great video. Thanks for shedding some more light on the Kia Boyz. It’s STILL a massive problem in Milwaukee, WI. Kia still thinks they can quietly address it.
8:42 the Hyundais and Kias in question were easy to steal because Hyundai/Kia didn't equip them with any sort of ignition immobilizer technology whatsoever.
It's a part that would be insanely cheap in bulk to implement into the cars, they cheaped out, even if you get one installed they only cost $50-100 for the part and install. So it's at worst a $20-40 part. No excuse why not to include that into a full sticker price.
I really appreciate linus covering this, as I completely agree with his takeaway point.
Thanks for defending maker/tinkerer tech for us!
It is also hard to ban those gadgets. You ban the whole thing, they will sell it in parts. You cannot ban things like antenna. You can deliver it without software. You can even write on website, that it is illegal to buy the parts together (noone will care). And if you just have it at home, your legimate use could be something like testing your security system.
Crime is illegal and people do it, if you make it more illegal, nothing will happen
as if its hard to get some electronics from china
Speaking of lax security, it's now 4 months later and VW just had a massive data breach where the location of some 800 000 cars were leaked, in some cases along with personal information, had been available for months for the aforementioned ne'er-do-wells. One should also ask why car companies feel like they need to collect this information in the first place.
1:00 Urm what!
Poor Attempt to bring in more views
Poor attempt? Simply knowing that reference gives points in my book
@@PowarbrosOfficial what the sigma
Hello fellow kids
STOP
Loving the hacking tools explanation! Great details 👌
I want a full blown Linus vs Employees hack competition against each other! How many ways can you (not maliciously) prank each other, or make it a CTF style competition!
I've had a HackRF for years - and kudos for showing the Mayhem firmware! - and these things are great. From optimising my home Zigbee network, to finding interference sources, there is just nothing else like it available. It helped me figure out that when using a certain Zigbee channel, my HyperX wireless headset dongle would 'seek' for the headset while it was turned off - which caused massive packet loss on the Zigbee network. Change Zigbee channels, and presto - no more interference. I can't think of any other way I would have been able to figure this out!
Some group can rebuild what is on a monitor from the "light bleeding" from your room. The tech these days is nuts, little is truly safe
@@RGBeanie that only works for the old school CRT monitors. Does not work with LCD and oleds screens
@tratzum true, but still impressive. They've no doubt got other ways we don't know about
@RGBeanie way back when I was a private in the Army we had a group of contractors demonstrate it. Pretty neat.
I got that D-Stike watch as a Christmas gift from my brother. First off being into computers is NOT the same as being a hacker! Second I showed it to a cop I know and his reaction was, "Well it isn't illegal to own it... just to ever use it"
2:19 Freaky display port
Instead of displaying graphics it displays the Diddy freak party
@@PizzaPowerXYZ and it takes calls from freakbob
Stampeding cattle through the Vatican.... Awesome reference! Glad to see you have excellent taste in Mel Brooks Films!
Nice dig @ Tatertot with that "Romain one " line..
i just had a thought, and im just cookin' here, potato batteries still work underground, we use these devices plugged in to growing potato batteries buried in dirt and essentially build potato powered emp's that nobody can find, and we put these under every Starbucks nationwide and their customer base disapears because they cannot maintain wifi. our corporate overlords overtaken by potatoes. Glados was onto something the whole time.
a new meme is born at 11:09
I love how I can tell if im watching an old or new video based off Linus different hair cuts
First LTT video on new pc... and its the one where linus says skibidi toilet 💀💀💀
You need a new pc now
Honestly glad you made this one. As an ex cyber security individual too much is put on "bad actors" and less so on manufacturers. Lets save pennys on the dollar and compromise security of our product then Blame bad actors for discovering the fact is the industry norm.
5:26 Romanian jail? that was unexpected
I'm guessing an Andrew Tate reference? Since he was wearing that thing that I can't remember the name of.
Must be because of the PC that Linus hid in Romania for that beggar.
Oh man, this can get you into a lot of trouble already. ISED here in Canaderp is the group that deals with radio signals and frequency allotment. As a Canadian HAM nerd, they don't like it when you transmit on frequencies you aren't allowed, with tech that isn't approved as being certified, and transmitting without a license. Knowing ISED they will put the onus on the end user. Anyone in Canada can legally purchase a HAM radio and listen with it, but you break the law the moment you key up the radio on any frequency without a license. All the companies refused comment because they know this products are illegal or in the greyest of the unknown legal zones! And that antenna you were talking about is called a Yagi-Uda or just Yagi, they are extremely easy to make, I made one for the 2 metre ham band for contacting repeaters on the ISS and other various HAMSATs up in orbit. They are basically high gain, extremely directional dipole antennas. If you really like these tools I highly suggest you check out the TINYVNA and TINYSA I am almost sure the TINYSA (spectrum analyzer) might have some nifty nefarious uses too!
the sudden noise you can hear are the prices of these devices going up right now.
as a pilot, i saw some transmit modes that our planes use to transmit crucial information such as position, heading, and altitude. that is some SCARY illegal stuff.
As a network engineer a tool like this would be so useful for tracking things like wifi coverage. Seems like any professional tool that can show the radio traffic of an area is prohibitively expensive and reliant on a piece of crap proprietary software.
Sadly, the bandwidth on the HackRF just isn't there to be able to monitor channels wide enough for wifi. You're going to need to head up a few price points to be able to do that.
@@CRCinAU Yep any SDR that connects over pcie and has enough resolution and capability to monitor large bandwidth is at least 500$ or more as a baseline, easily jumping into 2000$ plus for good ones.
I wasn’t expecting that blazing saddles reference. I love it
9:44 Linus making a Defensive argument for the 2nd amendment lol.. love it
The Hack RF is actually a pretty commonly used gadget for Amateur Radio enthusiasts. All of those guys are licensed by the FCC and have their addresses readily available to the government… so most “hams” aren’t super thrilled with doing illegal stuff.
3:05 "a directional fm antenna similar to the kind that was found on home rooftops in the 20th century" I BEG your pardon, arent those still common ??😅
@@cupofkofy Wonder if it's a country specific thing. Those sorts of antennas are normal in the UK but then we have pretty decent free-to-air TV
@@--throwaway-username Now i only see them in the countryside (im french) but a decade ago, they were absolutely everywhere !
Even if they're not common, it can be easily made using scraps
Linus calling a mallet a hammer and none of the people who worked on this video noticing is completely predictable.
A lock pick is just a piece of metal until it is used to pick a lock. You can ban the action you cant ban the tool.
Well a piece of metal can be of many uses, what other use can you have for a hacking tool? Because "educational" is not good enough of an excuse for me, I mean you can learn but shouldn't be testing it on actual people's stuff, I'd hate for my neighbor to try out these things and really inconvenience me because he wants to learn something.
Tell that to UK, they make the tool illegal. Have a box cutter on u but not currently cutting a box? Ur breaking the law.
The UK has certainly tried. So strict are their knife bans that a plastic Mastersword fidget toy was enough to get someone sent to jail for a year.
Meanwhile London is still the stabbings capital. And those who do commit stabbings (or worse, and let's admit, there's a lot worse), get jailed for less time than that. But racialized policies often introduce such inconsistencies.
Tell that to anti-gunners.
@@darkceptor44as Linus said in the video, it can be used to find flaws in your wifi and Bluetooth connections as well as security breaches. A pencil can be used for writing 99.999% of the time but someone always manages to get stabbed with one sometime.
As a cybersecurity person, I hope you make more of these types of videos. Goes to show you how laughably bad manufacturers are when it comes to security.
"Stampeding cattle"
"That's not much of a crime"
"Through the Vatican?"
"Kinky!"
Blazing Saddles
Your thumbnail pic is comedy! Lookin’ like the two of you are playing “ hide the salami!”
the EE department of every university has a bunch of these, you can even borrow it from the university at my uni
The HackRF is an amazing SDR, and the Portapack is an insane piece of hardware. I have both, a lot of fun, and you can do a lot with them, especially due to the versatility with it's options and frequency range, you can use it for countless applications.
Stampeding cattle through the Vatican?? Now that is some serious hacking power.. Given that you need to first get the cattle to said Vatican.. :D
Dress them up as a.. nvr mnd
did you miss the Blazing Saddles reference ?
@@firstname4337 honestly, yes.. The one Mel Brooks movie that i actually havent seen yet for some reason. (Rather silly actually, as i can recite every line in Space Balls and Men in Tights from memory)
@anumeon you should see Blazing Saddles, one of the best, if not the best, Mel brooks' film.
I really want that EMP device so I can shut up my neighbours tv whilst I'm trying to sleep.
Security is such an afterthought for most companies that it really should be on them to fix. I feel it is getting even worse lately now that so many cars are coming out with a cellular connection and an app. The manufacturer will probably stop supporting "older" vehicles after 5-10 years even though most cars live 2-3x as long as that. Similar to online video games obsolescence is a big issue here. You have often discussed what happens when your video game breaks because the developer shuts down the server. What will happen to your Full Self Driving purchase when Tesla drops support for the model year of your car or your heated seats when BMW decides it isn't worth the cost keeping the authentication server running?
I was not expecting to hear the selling point for a webcam to be "1080p 60fps" in 2024
Banning the thing won't prevent _actual_ evil-doers from getting their hands on one
Like banning murder.
why have any crimes then?
@@bobowon5450 Outlaw the act not the tool.
@@bobowon5450Crimes are there in order to have a legitimate reason to punish and reform individuals who commit them. But banning tech that enables the crime will only make it harder for people to test them out. I am unaware of any cyber crime having been lessened by banning those products. It's not the same as banning guns since those can be used by anyone, these things are only usable by people who are very technical. These device bans only make inaccessible to the average person and law-abiding people.
@@Harry-bp2dl the act is already outlawed
I heard from a seller there's an unofficial ban in RU of the HRF's, so sellers send them in partially assembled kits and they get through customs.
Car manufacturers don't have an excuse, especially considering how old the HRF is.
Some are STILL vulnerable to even simpler attacks than rollingpwn. There's software mods for the quansheng handheld radios that allow for simple capture and replay. There's no "tools" on it... you just have to know how to use it.
0:59 Unsubbed
@@Seiftechie huh? Banger movie
@@seandorr7564 they said skibidi toilet
@@Jayess-clol
I have to agree with Linus's conclusion here. A crowbar can break into a house, but we're not blaming crowbar manufacturers for people breaking into houses
4:20 The closest well get to hear him talking.
He already did in one video
@@neostark1480 which one
@@Plqnes in one of the amd sponsered upgrade videos check last 2 videos
Scrapyard Wars latest season Part 1
Now I want to see a joke video featuring Linus reviewing LTT screwdriver on how much it easier to break into other people's properties using LTT screwdriver.
11:11 make a wish
wtf!!! The video is 11:10
@@timofeidruzhinin the video change the display time 1-2 seconds between people
@@timofeidruzhinin *changes*
I just want to say that the moral lesson at the end is so beautiful. It is not the tools fault it is the users! I feel the same about owning guns, even though I don't have one, but I might conceal-n-carry in the future. God bless you guys and great video.
I'm shook by how Linus pronounces Uruguay
Troubling isn't it.
came looking for this comment too, odd
7:30 The correct thing for GSG to do would have been, "We politely decline. But we know you'll probably put this email on your show, so here's a 5% off coupon code!" 😁 Hehehehe.
Linus bought a private island??
❤ The blazing saddles reference!
1:28 looking good 🔥😻
Thank you for all the great information Fred Durst
Linus be stirring up paranoia.
Try the Ettus B210 the next time. It's a software defined radio which was made for professionals. It Supports parallel transmit and receive at the same time. You can even create a prive mobile network with it to use old phones as SIP phones on the network.
Banning this stuff would kinda be like banning computers to prevent computer hacking.
10:00 EU should force automakers to open source all of their security protocols. (This seems to be where EU is at these days. Doing things that are "common sense" like USB-C, when US doesn't want the negative publicity.) EU could say, "open source all your security protocols now, and fix bugs as they are found, and be liable for them too".
Why force better security, which involves making big companies upset, when you can go after the low-hanging fruit of attacking small manufacturers of devices whose legitimate use cases overlap into the nefarious.
Love the conversation. I like keeping it in the "tools" category. Same can be said for allot of things like knives in the UK or guns in the US. Criminal actions need to be more consequential rather than letting everyone off to do it again. Keeps people more honest knowing they can't make a plea deal to get out of everything.
Another vid of Linus casually breaking the law again
Buying and owning them is still legal there. Demonstrating what they can do on his own stuff is legal use.
He on a roll recently. Something really rubbed him the wrong way, probably the same thing that has been festering with a lot of people. The whole as a service thing escalating. Companies just expecting everyone to accept there product is hot garbage. Things gone down the drain recently. Mostly to greed. More extreme than they did in prior decades as well.
I smell the general sentiment of setting sail in the sweaty waves of the internet. Last time it smelled so sweaty, Half-Life was the new hot stuff.
I knew there will be a time where security needs to be better in every aspect when the flipper zero first came out