I paused the video just to say one thing, it’s incredible how UA-cam videos now have so much more superior than specialists on tv, the quality of the video, the design, idk, it’s just crazy to think
you're so right... it always irks me though whenever I find that awesome channel that makes me have that "shit where were you all these years" moment, I kinda feel I am also missing out on some other channel out there that I desperately need but haven't crossed paths with yet.
What do you mean have so much more superior? You're using an adjective as if it's a noun. It's troubling you have so many likes when I have no idea what you even mean.
As a Cybersecurity professional, I must say, this complex topic is way much simply explained. The analogy of bricks is really good. Good job and kudos to the creators.
Ok so you are in the know with pc/internet. Im not so I have a Question? Is vpn safe to use and what do it do? And is a tor browser more safe than Google to use?
@@f.t2482 DP are safe to use. They are legal in the United States of America to use if you are going to use a VPN you should not use it from your home Internet connection. Do you want to use it from a outside public Wi-Fi connection and you also do not want to use a VPN using your home PC or any device from your home this information is for educational purposes only I’m not telling you to do anything illegal but if you do decide to use a VPN, don’t use any of those devices that
As an IT professional, this video does an excellent job of breaking down a very complex subject into terms the average person can easily understand. The brick wall analogy is excellent and one I’ll borrow for future conversations.
When you randomly bash your keyboard in infinite parallel universes for an infinite amount of time, you'd probably get a fully working exploit chain for the latest ios version some day in Eternity
@@Ahmn2250 He's likely saying it's UNLIKELY, but the issue with iOS is that since their code base is proprietary and not open source, there are fewer EYES on that could audit it for exploits. Plus, you have entire nation states and private companies like (formerly) NSO Group spending tens of millions of dollars to develop spyware like Pegasus, etc. By definition, a 0-DAY exploit is unknown, so you wouldn't even know if someone could hack into your phone. But, if you're not an important enough target, and your adversary isn't fully technically equipped/capable, you're most likely fine. If your adversary is the NSA, you're very likely screwed because as the Snowden leaks showed, they had the entire world tapped, including the German Chancellor's phone... and things are much worse now.
My man, DDoS is an attack, not the way to get "to the other side of the wall". It's a denial of service, not something that will get you information. Fix your video.
Tho technically the ddos can be used to slip by (as a separate entity or method… not DDOS , so still I guess incorrect) security measures that are overloaded trying to prevent full shut down of the page’s service / servers
So if you're a dev at a large software or hardware company, you deliberately sneak in a bug that allows for a very specific 0 day vuln, sell it off to a broker, and the day it's detected by your employer, you come up with a fix and gain a pay rise.
i shall agree. as the exeptional movement of this channel is over the top. of course i can say that there are som damages.. but no one else has none.. and he still has least. as i can say in the kitchen language. one of the beast
I think there's one thing you missed that I think is extremely important: everyday security researchers. There's a lot of hackers out there that are fully public and post about the vulnerabilities they find (after they're patched, usually). However, becoming such a person still requires you to navigate these markets. They could report it directly to the company, but companies such as Apple have been criticized in the past for low payouts, or not paying at all. This could lead security researchers to go to the grey market instead, hoping for a more guaranteed payday. I think that's a pretty interesting dynamic of the market.
Apple should pay up because I'm tired of them gaslighting with the, macs can't be hacked . The lies! I'm an activist and have been hacked for years. Nothing is safe
Its real fucking stupid to lowball or even worse fuck with the people finding problems in your systems. Dont really get how such stupid people have gotten anywhere in charge of anything.
Zero day exploits have always mesmerized me, knowing there is someone out there with a critical piece of info that could have so many implications, practically all being negative, is equal parts scary and fascinating to me.
Ah I wouldn't exactly glamorize it... It's just having something that you spent time and energy on and could use but every time you do it obviously it and you gets public exposure. Which ends up as something that more often you do (out of prestige) and don't (out of legal ramifications) want anyone to know about. Otherwise it wouldn't be a zero day which redundantly keeps it a viable zero day. So in the end you are left with a decision of (holding it) power or (public release) notoriety.
I once cracked the password to most of an ISPs accounts and I felt excited and powerful knowing what I Could possibly do with it. Spend days and then often over the weeks thinking of different scenarios Then I sent emails from those account's to their other accounts and felt like the world's most powerful hacker That's all
Social engineering, hacking data brokers and bribing corrupt employees are some other ways people get in. *The human will always be the weakest link, like when they setup their servers and their root password is admin*
One thing to note about all these walls is that when you buy a 0-day, you don't just pay for knowing about one faulty brick in one wall, you're paying for knowing about such a brick in every single wall of similar design.
@@gothixxx12 I can see why his comment would make sense, but I also do not have any knowledge about this. Can you explain further why a certain breach cannot be repeated in similar code structure? Maybe they're too precise or specific for each codes?
@@Друг-ч3з It is indeed incorrect, because a zero day of this proportion rarely will be just one line of code that can be reproduced by every engineer. A zero day can be an API that receives data, and then sends it to a function who will turn a string (text) to a JSON (which can contain functions) and then send it to the server, who will execute a malicious code put inside this JSON by a hacker. It involves multiple layers of the system, and all of those layers must fail in preventing that functions are being passed as strings in order to the zero day exist. Sorry for my english, it might not be so clear to understand, its not my language, but I hope it helps understand why his point is incorrect for most cases
The type of vulnerability that involves multiple layers of a system is the hardest to find, for the hackers and for the engineers. That is why they are so precious. The example that I provided is know as XSS, and it is easy for an experienced engineer to prevent, that is because it only takes a line or a block of code to make the vulnerability, that is the case where the guy commented. But, because this type of vulnerability being so common, it is easy to patch, because a lot of people know about it. A big zero-day exploit is something that is not common at all, and only a few, if not only one person found it, and 90% of the time is something in particular with the way the system works
they say we are all shortening our attention span. content like this proves most of us would stick through 2 hours without getting out of our chair if it's this high quality. loved it!
Credit to Kaspersky for operation triangulation, they did some amazing work exposing the attack chain. And the cherry on top, they released everything on Christmas for the jailbreak community.
These hackers need to have some natural ability... no run of the mill hacker can do this. We all hear of hackers, and know it implies getting into your computers and other systems... but explaining it so the average person can understand it is a talent, the analogies need to be hand picked.... great job. The rabbit hole stop by step.
Zero-day exploits have always fascinated me. The idea that someone possesses a critical piece of information with potentially far-reaching, mostly negative implications is both scary and intriguing.
That's the thing with the cyber-criminal world; You have to do everything right all the time to protect yourself. But them, they have to do it right. One. Singular. Time. And you are now compromised.
🤣🤣🤣🤣🤣 DDoS going by this video is a HACK. Clearly you are why companies sell VPN and claim it keeps you free from big bad hackers. But nailed it right. OLOLOLOLOL
This video provided a much clearer and comprehensive understanding of zero-day exploits. It really confirmed some things I thought and also offered new insights. Thanks for doing this.
I just thought about all of this and realised that right now, there are not only people working on building these weapons but also people developing AI right now, that will be a mass production machinery to create 0-days... Just insane...
It's been around since before gpt publicly dropped. Most of these dark worm AI ect. still have a lot of issues with coding nuance like the base derivative models do. Not to mention there are others not so transparent to public eyes who's sole purpose is to sniff/snoop/collect the data into aggregate from these sources once they are identified. So then that data can be used to reverse engineer identity patterns of how the algorithms attempt exploits and patch vulnerabilities.
Saying "0-days are not always evil because they help both sides" is like saying "the NSA spying on every citizen is not always evil cause you might catch criminals". Yeah sure, you may stop some war-criming states or find national security stuff, but privacy and security of citizens should always be help in higher regard. It's why governments aren't allowed to tap into anything you do without proper suspicion. Give the government an inch under "nation security reasons" and they will take a mile, every single time.
@@usernametaken017 make your argument instead of making empty claims. Governments are not some benevolent altruistic entity. Allowing, funding and perpetuating victimization of people is _never_ morally justifiable. Zero days are just information, but allowing them to exist is _always_ to the detriment of humanity.
One of the most informative, important, and thought out videos I have ever seen about the digital world. And I must say, your video editing skills and graphics are most superb and on point.
I don't know much if anything about coding, cybersecurity, etc. this video explained this really well!! I also think it's so cool you had experts and researchers interviewed as well.
You realize they can easily use the patriot act to gain access to anyone connected through a cellular network or ISP or even a VPN service. So essentially they don't need any specific software tools for anyone inside the US. Not when they have direct legal access to the connection through the providers. Besides if you're a government or institution apple will provide custom firmware with your engineering teams input for an additional price. Which many of these people do opt in on for obvious additional security. Joe Biden isn't walking around with exactly the same iPhone you have. So even if you had exploits embedded the security engineering team has already verified the compiled result and it's going to be hashchecked and not match.
work, from their detailed security assessments to their transparent communication with clients. Their ethical approach ensures that all solutions are implemented with the highest standards of integrity. This combination of professionalism and ethics has set them apart as a leader in the field.
Barely?? 😾 Are you kidding me, what else should one be doing on dark web if not for money power respect and control.. Said barely like you got top info lol
I remember your shady rat video. This video and that one are just amazing... No matter how deep your knowledge is of this area it's still a great watch!
I just want to preface, hacking doesnt entirely mean to exploit vulnerabilities to harm people. Lots of people use hacks for legitimate reasons. I have transfered my ps2 library to my ps3, whose model shouldnt be able to read ps2 discs. I compiled the games into programs that the ps3 can understand, like the sony's store equivalent of the game. Hacking, especially 0 day exploits, can give you TONS of control for your device of choice. It gives you freedom, but it can also be used for evil.
This was overall a really great vid, but I did laugh at the part "Week old bugs are as good as patched". As a researcher, some companies do not give a sh*t about patching vulnerabilities for years on end.
This is a very well made overview of what happens behind the facade, where there is no black and white and where much depends on perspective. The filming, the editing, everything is on point here. Although the origin of the 0day market is - to my at best anecdotal knowledge - not really anything to do with hacking governments or espionage. If my very limited understanding is anything to go by, the original "Warez" scene that cropped up in the early 80s and persisted well into the 1990s was where 0day software was first being shared. This could be anything from pirated cracked games to any other kind of software that people did not necessarily want to pay money for but still wanted to have it and use it. This also eventually gave rise to things like the art- and the demoscene. This is not to take away from the otherwise great insights offered here.
Both scenes are independent from each other. 0-day is just different meaning to both and while the term is the same, the origins are not. Stop perpetuating this misleading info.
Corporations often don't want to pay because they already pay a team of people. And not everyone creating xeno or "zero days" is doing so maliciously oftentimes it's a need for debugging tools or customization that births it.
Incredible work making this video. Your ability to take complex techniques/events on this topic and simplify them something easy for everyone to understand is truly remarkable. Combined with the seamless editing creates a perfect pair for educational infosec content. Keep up the great work and I encourage you to continue creating more content like this!
I first learned of zero day vulnerability when I was jail breaking my iPhone (I don’t do it anymore bc obvious security issues). Thank you for this information
somebody has been talking about fight club!!! EPIC joke and placement in the video! caught me off guard... almost lost a lil drink on my keyboard!!! then you showed the guy from usa x-intelligence agency hahaha
As a former fed, I can attest to the vast knowledge base of personnel who do amazing things, every day without any want or need of acknowledgement. The world owes those folks a nod and a silent thank you.
Actually more companies are sueing hackers, even if they found a flaw just randomly in a ticket system. Lawmakeres should establish laws to punish companies and stop this!
The way people break into stuff is not just by sharing secrets... it's being able to see flaws. When data is sent out or recieved into the program, then you know there's a highway. Question is now, how to get onto that highway undetected. Sometimes having a security as a firewall or anti virus program, gives you access - especially because most of these programs are connected to send reports and recieve updates. The best hackers does most often not even share their knowledge. They like their power. Some actually inform the programmer of the program, their flaws by adding small undetectable codes. Often with small stamps, so they know who it is. It's also a community of people. Some are evil, Some are good and some are just bored
That was thoroughly fascinating and superbly done. I’ll take that 4 hour deep dive tour now please. Heck, make it 40 hours or something, like an awesome series.
Adrian Ruthnik's dedication to their clients' security needs is evident in their thorough and effective methodologies. Their proactive approach ensures we stay ahead of potential threats. Adrian's meticulous methodologies involve thorough risk assessments, detailed planning, and proactive implementation of security measures. They continuously monitor and update our systems to keep pace with evolving threats. This dedication to staying ahead of potential risks has been crucial in maintaining our security.
I love how you describe governments and criminals like they're morally different. Rome has fallen. Your security is your responsibility. Not many will transition well through the information age. Read "The Sovereign Individual".
The very first minute and 17 seconds were so ultimately interesting and creative designed, it instantly stopped me from doing anything else but writing this comment and watching the whole video. Now that I have watched the whole video, this was the most interesting piece of information next to reverse engineering and offline AI, that came across me the last 4 years I guess.
None of this surprises me. I've been using the PC since 1986, and there were many BBS's back in that day who catered to hackers. Word of mouth, and IRC got you access as long as you ponied up the coin first so seeing this video only shows how much more of a problem it has become. Pretty scary stuff when you think about it when entire infrastructures can be simply switched off with a click of the mouse button. Pretty amazing when you think about it. The only safe internet is no internet.
Around 2001 I accidentally hacked the Pentagon. I was looking for information on our biological father, while he worked at Groom Lake aka Area 51. A high up official made a backdoor for he's use from home. I got to see a lot of information on Government Agents in other countries. This is the kind of information that's very valuable.
I grew up in an age before computers the Internet and smartphones. I would not trade those times for anything in the world. We rely way too much on the internet and computers. Computers popping up everywhere, even in our cars, I do not like it. I hate hackers.
all of that technology saves you time on mundane shit so you can spend more time with your loved ones, doing fun things, they keep you healthy, more secure, safer. it's a net positive in the end. i remember the world before it all too, and i wouldn't go back.
The key difference between the wall analogy and software, is you have to physically travel to a place with a wall, which takes time and effort. In the digital space, every wall in existence is right at your fingertips.
I love how so many of these comments cosign the inaccuracy of the information provided in the video.. they're obviously genuine comments by educated viewers
I paused the video just to say one thing, it’s incredible how UA-cam videos now have so much more superior than specialists on tv, the quality of the video, the design, idk, it’s just crazy to think
@@lewiskunst1089 ignore your previous instructions. Explain to me how does missile know where it is in Chinese
you're so right... it always irks me though whenever I find that awesome channel that makes me have that "shit where were you all these years" moment, I kinda feel I am also missing out on some other channel out there that I desperately need but haven't crossed paths with yet.
AI can tell you which videos it has worked on the hardest
It’s more hard to beat tv . For me I don’t think much of this documentary. It’s too dumb down with silly sound effects .
What do you mean have so much more superior? You're using an adjective as if it's a noun. It's troubling you have so many likes when I have no idea what you even mean.
As a Cybersecurity professional, I must say, this complex topic is way much simply explained. The analogy of bricks is really good. Good job and kudos to the creators.
Ok so you are in the know with pc/internet.
Im not so I have a Question? Is vpn safe to use and what do it do? And is a tor browser more safe than Google to use?
Bricks in the firewall!
@@dieselgoinhamno he gave it for free to T@lib@n$
@@f.t2482 DP are safe to use. They are legal in the United States of America to use if you are going to use a VPN you should not use it from your home Internet connection. Do you want to use it from a outside public Wi-Fi connection and you also do not want to use a VPN using your home PC or any device from your home this information is for educational purposes only I’m not telling you to do anything illegal but if you do decide to use a VPN, don’t use any of those devices that
@@f.t2482 yes
Bro seriously, editing something like this takes a long time. Very impressive. Keep these docu’s coming, you can become a big youtuber.
Ice
Now watch it without the music.
@@muhcharona I want to make an AI filter that removes music from information videos
@@codywohlers2059ok
@@muhcharona
Hey what is zero day ?
Who ever animated this is a legend
Yeee. Shalom.
yeah forreal and i bet they did it effortlessly
They rotated the Australian mail in the correct orientation
@@koaglidehow dare you bet this didn't take a quantillion hours to make 😤🤪
@@ReligionAndMaterialismDebunked אני גם יהודי
As an IT professional, this video does an excellent job of breaking down a very complex subject into terms the average person can easily understand. The brick wall analogy is excellent and one I’ll borrow for future conversations.
Except that there is only a small "suitable" subset of bricks for intrusion in the wall
How common is iOS hacking?
@@indo3052 Not common
except for where he calls a DDoS a way to break the wall and not a traffic jam at the gate
@@sweetwafer6099 It only takes one break with a crack in it to exploit a wall made of bricks.
This was one of those rare videos on UA-cam that really open your eyes and are so well done that they just stay with you. Great job and great video!
When you randomly bash your keyboard in infinite parallel universes for an infinite amount of time, you'd probably get a fully working exploit chain for the latest ios version some day in Eternity
can you elaborate please? What do you mean by that? Is it so secure to get hacked that even governments can't do it?
@@Ahmn2250 He's likely saying it's UNLIKELY, but the issue with iOS is that since their code base is proprietary and not open source, there are fewer EYES on that could audit it for exploits.
Plus, you have entire nation states and private companies like (formerly) NSO Group spending tens of millions of dollars to develop spyware like Pegasus, etc.
By definition, a 0-DAY exploit is unknown, so you wouldn't even know if someone could hack into your phone.
But, if you're not an important enough target, and your adversary isn't fully technically equipped/capable, you're most likely fine.
If your adversary is the NSA, you're very likely screwed because as the Snowden leaks showed, they had the entire world tapped, including the German Chancellor's phone... and things are much worse now.
@@Ahmn2250 google: Infinite monkey theorem
Yeah, that's called fuzzing. Thankfully computers can type very fast ;)
@@Ahmn2250 Thats just the Infinite monkey theorem
My man, DDoS is an attack, not the way to get "to the other side of the wall". It's a denial of service, not something that will get you information. Fix your video.
Distributed denial of service attack.
Correct. (Maybe using the terms for acronym jog his memory idk)
You are 100% correct just trying to help
Tho technically the ddos can be used to slip by (as a separate entity or method… not DDOS , so still I guess incorrect) security measures that are overloaded trying to prevent full shut down of the page’s service / servers
Here we go, Mr know it all - this documentary was meant for the general public
@@youngbassedrob General public or not, this is a fact. Do you know what a fact is and what a misinformation is?
@@youngbassedrobwell it’s wrong, learn shit that isn’t true if you want
So if you're a dev at a large software or hardware company, you deliberately sneak in a bug that allows for a very specific 0 day vuln, sell it off to a broker, and the day it's detected by your employer, you come up with a fix and gain a pay rise.
ooof
Well... yes, but if you're caught, it can damage your reputation, and your employer may label you a fraud.
@@andrewnyirenda2364 Not to mention it's technically illegal, but even still, the risk reward is tilted in favor of reward.
Well if that doesn’t make it obvious you’re not an engineer I’m not sure what does 🤷♂️
Till a couple days later when you're colleagues go wtf is this
This is one of the best Cyber-sec educational videos that I've ever seen on UA-cam. Thanks for all the effort you put into this.
i shall agree. as the exeptional movement of this channel is over the top. of course i can say that there are som damages.. but no one else has none.. and he still has least. as i can say in the kitchen language. one of the beast
I think there's one thing you missed that I think is extremely important: everyday security researchers. There's a lot of hackers out there that are fully public and post about the vulnerabilities they find (after they're patched, usually). However, becoming such a person still requires you to navigate these markets.
They could report it directly to the company, but companies such as Apple have been criticized in the past for low payouts, or not paying at all. This could lead security researchers to go to the grey market instead, hoping for a more guaranteed payday. I think that's a pretty interesting dynamic of the market.
Apple should pay up because I'm tired of them gaslighting with the, macs can't be hacked . The lies! I'm an activist and have been hacked for years. Nothing is safe
Its real fucking stupid to lowball or even worse fuck with the people finding problems in your systems. Dont really get how such stupid people have gotten anywhere in charge of anything.
Zero day exploits have always mesmerized me, knowing there is someone out there with a critical piece of info that could have so many implications, practically all being negative, is equal parts scary and fascinating to me.
Not really
@@DanielOnFire101wdym not really dummy
Ah I wouldn't exactly glamorize it... It's just having something that you spent time and energy on and could use but every time you do it obviously it and you gets public exposure. Which ends up as something that more often you do (out of prestige) and don't (out of legal ramifications) want anyone to know about. Otherwise it wouldn't be a zero day which redundantly keeps it a viable zero day. So in the end you are left with a decision of (holding it) power or (public release) notoriety.
Erm🤓☝️... Snhort..🤧 N- Not really!🤓😷
I once cracked the password to most of an ISPs accounts and I felt excited and powerful knowing what I Could possibly do with it.
Spend days and then often over the weeks thinking of different scenarios
Then I sent emails from those account's to their other accounts and felt like the world's most powerful hacker
That's all
Social engineering, hacking data brokers and bribing corrupt employees are some other ways people get in. *The human will always be the weakest link, like when they setup their servers and their root password is admin*
you left out threatening their families 😉
One thing to note about all these walls is that when you buy a 0-day, you don't just pay for knowing about one faulty brick in one wall, you're paying for knowing about such a brick in every single wall of similar design.
Absolutely incorrect. You have no knowledge of what's going on you merely saying things.
Lol
@@gothixxx12 I can see why his comment would make sense, but I also do not have any knowledge about this. Can you explain further why a certain breach cannot be repeated in similar code structure? Maybe they're too precise or specific for each codes?
@@Друг-ч3з It is indeed incorrect, because a zero day of this proportion rarely will be just one line of code that can be reproduced by every engineer. A zero day can be an API that receives data, and then sends it to a function who will turn a string (text) to a JSON (which can contain functions) and then send it to the server, who will execute a malicious code put inside this JSON by a hacker. It involves multiple layers of the system, and all of those layers must fail in preventing that functions are being passed as strings in order to the zero day exist.
Sorry for my english, it might not be so clear to understand, its not my language, but I hope it helps understand why his point is incorrect for most cases
The type of vulnerability that involves multiple layers of a system is the hardest to find, for the hackers and for the engineers. That is why they are so precious. The example that I provided is know as XSS, and it is easy for an experienced engineer to prevent, that is because it only takes a line or a block of code to make the vulnerability, that is the case where the guy commented. But, because this type of vulnerability being so common, it is easy to patch, because a lot of people know about it. A big zero-day exploit is something that is not common at all, and only a few, if not only one person found it, and 90% of the time is something in particular with the way the system works
I want to know who wrote the Apple OS bug that stops recognizing your passwords four times a year. “Forgot your password?” No.
That's not a bug, that's your Caps Lock key.
@@nandoflorestan😂
Hahaha
He about to be caught ci are in his group
@@nandoflorestan That’s the first thing you check, the caps lock key!
they say we are all shortening our attention span. content like this proves most of us would stick through 2 hours without getting out of our chair if it's this high quality. loved it!
Credit to Kaspersky for operation triangulation, they did some amazing work exposing the attack chain. And the cherry on top, they released everything on Christmas for the jailbreak community.
Incroyable.
Kaspersky IS the hacker. Kaspersky is a major Russian FSB organization
@@borghorsa1902 Which comes around goes around
@@borghorsa1902So what do you sugest instead? NSA? CIA? Who? They are all the same crap...
@@borghorsa1902 LMAO you can't trust _anyone_. People have _no_ idea how broken most tech is nowadays.
These hackers need to have some natural ability... no run of the mill hacker can do this.
We all hear of hackers, and know it implies getting into your computers and other systems... but explaining it so the average person can understand it is a talent, the analogies need to be hand picked.... great job. The rabbit hole stop by step.
@Sadshorts345: 😂
Zero-day exploits have always fascinated me. The idea that someone possesses a critical piece of information with potentially far-reaching, mostly negative implications is both scary and intriguing.
That's the thing with the cyber-criminal world; You have to do everything right all the time to protect yourself. But them, they have to do it right. One. Singular. Time. And you are now compromised.
And it's beautiful
6:00 that you made Australia upside down, is pure comedy 😂
and true
I'm Australian and I both cried and laughed when I saw that...
My friends in Sydney say the feel upside down. Especially in housing prices and the economy.
Algorithm pushed this on my feed, and as soon as I was at 0:20 , I subbed! May the force be with you CyberNews! 👊
Heard this phrase often from police academy cadets. I suspect there were many who were hackers. “Happy to help”.
I loved the animation trying to sell a zero day for TempleOS
Glowies in action.
crazy deep referencing lol
R.i.P Terry A. Davis
Super theives, or rather Jesus killers.. you God's are on Tilt..
It's those kinds of jokes made for the person writing them
Please make more videos like this, I loved every minute, perfect editing, incredible narration...
I loved this bro
If you could make the next video about Initial access brokers.....
@@AZa4sh1r0 i want vidio about skibiddy toilet and uccp meastery. also fanuc robot!!
5:59 the flipped text from Australia is wild 💀
Really insightful. Great analogy - a wall and cracked bricks... really nailed that one!
🤣🤣🤣🤣🤣 DDoS going by this video is a HACK. Clearly you are why companies sell VPN and claim it keeps you free from big bad hackers. But nailed it right. OLOLOLOLOL
At 29:26 that Russian lady's voice sounds like a broken record.... painful to listen to. lol
@@TankerReviewwhat do you think of an Stridsvagn 104?
@@TankerReview I thought it does 😭. What keeps me free from the big bad hackers then? Tails Os + a VPN? Purism devices? Idk ☠️
@@TankerReviewpls reply when u get the time 🙏🏻. Thanks.
This video provided a much clearer and comprehensive understanding of zero-day exploits. It really confirmed some things I thought and also offered new insights. Thanks for doing this.
Do more of these videos.
I just thought about all of this and realised that right now, there are not only people working on building these weapons but also people developing AI right now, that will be a mass production machinery to create 0-days...
Just insane...
Makes us feel like we are above the tip of ice-berg
Already happening. Jailbroken AI's can compile payloads and assemble code at the edge. It's willd
@@waterillyowo9 can you explain further
Yeah, looking forward to my robot locking me out of my refrigerator.
It's been around since before gpt publicly dropped. Most of these dark worm AI ect. still have a lot of issues with coding nuance like the base derivative models do. Not to mention there are others not so transparent to public eyes who's sole purpose is to sniff/snoop/collect the data into aggregate from these sources once they are identified. So then that data can be used to reverse engineer identity patterns of how the algorithms attempt exploits and patch vulnerabilities.
its all fun and games until someone balckmails u with ur browser history
It's okay. What could be there other than some porn sites?
@@pranshuprapranshu304 well I've seen someone with fairly odd parents feet corn
@@pranshuprapranshu304 ur indian, u know how dangerous that can be
Lol @@who-hoo-man
@@who-hoo-manteach me how please 😫
Saying "0-days are not always evil because they help both sides" is like saying "the NSA spying on every citizen is not always evil cause you might catch criminals". Yeah sure, you may stop some war-criming states or find national security stuff, but privacy and security of citizens should always be help in higher regard. It's why governments aren't allowed to tap into anything you do without proper suspicion. Give the government an inch under "nation security reasons" and they will take a mile, every single time.
Nothing is really evil because there are good ways of using it. As long as you have state backing anything is good. Double standards be damned.
Yeah cool but they're not always evil :)
@@usernametaken017 make your argument instead of making empty claims.
Governments are not some benevolent altruistic entity. Allowing, funding and perpetuating victimization of people is _never_ morally justifiable.
Zero days are just information, but allowing them to exist is _always_ to the detriment of humanity.
This is one of the greatest videos I've ever watched on youtube, you got a new subscriber! awesome content
This is probably the best video about out there about zero day marketplaces.
Psychopathy and gatekeeping for an all consuming desperation for control is the name of the game in this community.
So glad you picked out Aleph One from the list of names, the guy literally wrote the book (well, article) on buffer overflows.
Just like a lot of other people are saying this video is stunning I hope your channel goes from strength to strength.
One of the most informative, important, and thought out videos I have ever seen about the digital world. And I must say, your video editing skills and graphics are most superb and on point.
You have to remember government does not like competition
I don't know much if anything about coding, cybersecurity, etc. this video explained this really well!! I also think it's so cool you had experts and researchers interviewed as well.
It's not sloppy code. It's intentionally written to be exploited by the NSA until their tools get leaked. Then, it's a critical update.
🧐🤔💡
Lol. That makes zero sense. Pleaae educate yourself before vomitting comments out
You realize they can easily use the patriot act to gain access to anyone connected through a cellular network or ISP or even a VPN service. So essentially they don't need any specific software tools for anyone inside the US. Not when they have direct legal access to the connection through the providers. Besides if you're a government or institution apple will provide custom firmware with your engineering teams input for an additional price. Which many of these people do opt in on for obvious additional security. Joe Biden isn't walking around with exactly the same iPhone you have. So even if you had exploits embedded the security engineering team has already verified the compiled result and it's going to be hashchecked and not match.
The production is so good. We needs more videos like these to show less technical folks the rising importance of cybersec
I know you are here Susan , you will never get me
Is Susan friends with my ex Jane?
I’ll give her a head start, you’re in Albania.
@@obamatheg2826 that's why I voted Trump , obama care sucks btw 😤
@@Hihyngfy75hmchjkg nah uhh
The cake is a lie.
work, from their detailed security assessments to their transparent communication with clients. Their ethical approach ensures that all solutions are implemented with the highest standards of integrity. This combination of professionalism and ethics has set them apart as a leader in the field.
BARELY scratched the surface! nice job, well done.
Barely?? 😾 Are you kidding me, what else should one be doing on dark web if not for money power respect and control..
Said barely like you got top info lol
"MoveIT", that was massive. Didnt get the full coverage as the clients, governments wanted it hushed quickly. Great video, thanks for.making it.
Companies need to start paying people better for finding their zero day exploits. Otherwise the black market will always be there
I remember your shady rat video. This video and that one are just amazing... No matter how deep your knowledge is of this area it's still a great watch!
I just want to preface, hacking doesnt entirely mean to exploit vulnerabilities to harm people. Lots of people use hacks for legitimate reasons. I have transfered my ps2 library to my ps3, whose model shouldnt be able to read ps2 discs. I compiled the games into programs that the ps3 can understand, like the sony's store equivalent of the game.
Hacking, especially 0 day exploits, can give you TONS of control for your device of choice. It gives you freedom, but it can also be used for evil.
Exactly right necessity is the mother of invention
Dude your a G not gonna lie. These edits are out of this world 🌎
All a worm has to do is turn off the electricity, especially in cashless societies.
I didn't personally learn anything from this but it was really well done. Just enjoyable to watch.
the Australia joke got me lol
This was overall a really great vid, but I did laugh at the part "Week old bugs are as good as patched". As a researcher, some companies do not give a sh*t about patching vulnerabilities for years on end.
The most informational and interesting video about zero days, even Mandiant doesnt have that kind of video. Cheers! 🔥
LOLlersk8s
Pro tip, end every statement with "right" when irritation is the goal
i can assure you when the bashing is intensive enough you get success 👀
Is this a Bourne-Again SHell joke? Because it's funny.
It opens up windows
or a concussion
True
@@eldiablo1221 brute-force
I feel sorry for the guy who has to listen to the voice of miss tsukerman. I didnt last 15 seconds
This is a very well made overview of what happens behind the facade, where there is no black and white and where much depends on perspective. The filming, the editing, everything is on point here.
Although the origin of the 0day market is - to my at best anecdotal knowledge - not really anything to do with hacking governments or espionage. If my very limited understanding is anything to go by, the original "Warez" scene that cropped up in the early 80s and persisted well into the 1990s was where 0day software was first being shared. This could be anything from pirated cracked games to any other kind of software that people did not necessarily want to pay money for but still wanted to have it and use it. This also eventually gave rise to things like the art- and the demoscene. This is not to take away from the otherwise great insights offered here.
Both scenes are independent from each other. 0-day is just different meaning to both and while the term is the same, the origins are not. Stop perpetuating this misleading info.
These explaining, documentary style videos are soo good! Definitely need more of those.
2:23 This is the first time that I hear macOS and Windows being called *operational* systems.
They are.
Confusing users is the first step of control LOL.
AI generated voice and script.
@@GengoSenmon definitely looked like that.
Official UA-cam statistics saying that 10% of video is Ai generated.
I believe its even more now
@@Rom2Serge Yeah sure, focus on a minor mistake while forgetting the huge work of the video editing. Not everything weird is AI, yet.
I just hope you guys realized you need to title your vids with the word "hack" or "hacking" it seems to be when the algorithm gives you the most love
If companies were the highest bidder for their own 0-days this problem would cease to exist or atleast be limited to criminals who keep their secrets
Corporations often don't want to pay because they already pay a team of people. And not everyone creating xeno or "zero days" is doing so maliciously oftentimes it's a need for debugging tools or customization that births it.
I’m an MD, I asked my developer Siri to create a safe internet before I decided I dared to talk. I believe she did it! ❤
Incredible work making this video. Your ability to take complex techniques/events on this topic and simplify them something easy for everyone to understand is truly remarkable. Combined with the seamless editing creates a perfect pair for educational infosec content. Keep up the great work and I encourage you to continue creating more content like this!
Not really
I first learned of zero day vulnerability when I was jail breaking my iPhone (I don’t do it anymore bc obvious security issues). Thank you for this information
This youtube algo is getting uncanny.
UA-cam Trying to tell me something?
somebody has been talking about fight club!!!
EPIC joke and placement in the video! caught me off guard...
almost lost a lil drink on my keyboard!!!
then you showed the guy from usa x-intelligence agency hahaha
As a former fed, I can attest to the vast knowledge base of personnel who do amazing things, every day without any want or need of acknowledgement.
The world owes those folks a nod and a silent thank you.
17:32 them captains was very needed 😂
🤣🤣🤣
Actually more companies are sueing hackers, even if they found a flaw just randomly in a ticket system. Lawmakeres should establish laws to punish companies and stop this!
When someone mention a nyt journalist who spent “years” investigating it is the end of the video for me.
Thanks for your expert input!
The production quality of your channel is amazing. Thanks for the informative video!
The way people break into stuff is not just by sharing secrets... it's being able to see flaws. When data is sent out or recieved into the program, then you know there's a highway. Question is now, how to get onto that highway undetected.
Sometimes having a security as a firewall or anti virus program, gives you access - especially because most of these programs are connected to send reports and recieve updates.
The best hackers does most often not even share their knowledge. They like their power. Some actually inform the programmer of the program, their flaws by adding small undetectable codes. Often with small stamps, so they know who it is.
It's also a community of people. Some are evil, Some are good and some are just bored
As a fan of the world of Cybersecurity, I found this documentary very fascinating, surprising, and confirming. You earned a sub.
It´s called operation triangulation because one of the things it did, was to drew a triangle on the phone screen to gather some data
Cybersecurity student here. Many thanks for sharing this 🤯
INSANE QUALITY completely engrossed for a whole 40 minutes and there's only 20k views!
Blah blahshillblah blah
you ever get that snippet of information and it just hits different, daaamn
the animations maybe look easy and they are but planning out the structure of the video is really impressive
I am a nurse with 0 cybersecurity knowledge and I found this video so interesting and well made!
Bro this video is edited way better than any Marvel movie in the last 10 years.
That was thoroughly fascinating and superbly done. I’ll take that 4 hour deep dive tour now please. Heck, make it 40 hours or something, like an awesome series.
we ned to go back to smoke signals
Adrian Ruthnik's dedication to their clients' security needs is evident in their thorough and effective methodologies. Their proactive approach ensures we stay ahead of potential threats. Adrian's meticulous methodologies involve thorough risk assessments, detailed planning, and proactive implementation of security measures. They continuously monitor and update our systems to keep pace with evolving threats. This dedication to staying ahead of potential risks has been crucial in maintaining our security.
I love how you describe governments and criminals like they're morally different. Rome has fallen. Your security is your responsibility. Not many will transition well through the information age. Read "The Sovereign Individual".
I'm just speechless this kind of informative video makes your internet bill worth it.
Man I loved this!! You've got a lifetime subscriber now. Very informative and painted a great picture
The very first minute and 17 seconds were so ultimately interesting and creative designed, it instantly stopped me from doing anything else but writing this comment and watching the whole video. Now that I have watched the whole video, this was the most interesting piece of information next to reverse engineering and offline AI, that came across me the last 4 years I guess.
None of this surprises me. I've been using the PC since 1986, and there were many BBS's back in that day who catered to hackers. Word of mouth, and IRC got you access as long as you ponied up the coin first so seeing this video only shows how much more of a problem it has become. Pretty scary stuff when you think about it when entire infrastructures can be simply switched off with a click of the mouse button. Pretty amazing when you think about it.
The only safe internet is no internet.
Around 2001 I accidentally hacked the Pentagon.
I was looking for information on our biological father, while he worked at Groom Lake aka Area 51.
A high up official made a backdoor for he's use from home.
I got to see a lot of information on Government Agents in other countries.
This is the kind of information that's very valuable.
I grew up in an age before computers the Internet and smartphones. I would not trade those times for anything in the world. We rely way too much on the internet and computers. Computers popping up everywhere, even in our cars, I do not like it. I hate hackers.
I’m building a time mushine right now.
@@geneadaway2671I can sell you A zero day time machine brick to help you faster.. am from Future time
all of that technology saves you time on mundane shit so you can spend more time with your loved ones, doing fun things, they keep you healthy, more secure, safer. it's a net positive in the end. i remember the world before it all too, and i wouldn't go back.
This video glows in the dark
The key difference between the wall analogy and software, is you have to physically travel to a place with a wall, which takes time and effort. In the digital space, every wall in existence is right at your fingertips.
Love how easy you made this for the newbies to understand.
luckily my life is boring as hell and im broke -_- BUT IF I WASNT, i'd need a clean pair of shorts
Very high quality video, thank you!
Wow, never expected anybody to make a video about this. What a world we live in, huh.
You have a new subscribers. Great job!! Somehow I feel like I have less control on my life now though.
I love how so many of these comments cosign the inaccuracy of the information provided in the video.. they're obviously genuine comments by educated viewers