But Proton is running servers in a datacenter to store encrypted data from their clients. That's a thing that costs them money, hence they charge you. And yes, you could download their software, compile it and run it on your server, but *you'd still be paying for your own servers, running that open software.*
@@theloststarbounder I don't see in what sense could that be possible. They proved that development of open-source projects, which includes upstream contributions to 3rd-party repos, is a profitable business model. The Venn diagram of Red Hat product users and people who care about FOSS likely has virtually no overlap, so I don't understand what your point is. They don't represent FOSS in any way. They're just a corporation that also contributes to FOSS projects.
For the p2p network there will be a trust anchor problem. Each node participating can't use public certs tied to DNS, so need a private cert authority or self signed certs. If each node carrying a self signed then trivial to mitm if you operate the network traffic is passing over (bgp voodoo being an option). If private PKI then isp can submit their own csr and be valid on the network... If isp has access to a ca in public PKI well they can mint any kinda tls cert they like. There are probably convergence/poison attacks as well, i.e. for distributed hash if you own 51% of network (or can modify its traffic) that block's hash is whatever you say it is
This shit wouldn’t happen if bug bounty programs actually paid researchers instead of just taking their work, making an excuse, and disclosing it to the company as free research. Bug bounty is a fat joke.
crashing from a single apostrophe sounds like an overstrict parser in whatever code it's in. /war flashbacks to trying to get something to work in a JSON file
In today's episode: Company commits MAJOR crimes! Company almost certainly commits large crimes and engages in terrible business practice! Company engages in terrible business practice!
Hi, South Korean person. We're just as angry at what the elite are doing to this country as you. It's extremely hard to change; if it were easy it would have been done already given our work ethic. Please remember there are innocent people who are implicated in every sweeping generalization and insult.
Then actually stand up against it...? I swear, if there is one country in this entire world which the elites can freely do whatever they want- be it the large companies or the government- and still get away with it due to no actual retaliation from the people, it is South Korea. Sounds much like the North, but the thing that the South counterpart has in common is that the people are simply so, sooooo submissive to tyranny, when in other developed and so-called democratic countries would have had protests all over the place. And the comparison I made just now, if you were to say this as a Korean yourself on the Korean internet sphere, you will be called an extortionist, traitor, spy, Joseonjok and etc.- just all kinds of name calling without any effort nor intelligence to even see the point. Which just makes things even better as for people being so suitable to be ruled over. Abuse and torture in military when you have no choice but 98%+ to be conscripted just because you are a male, with there being no guaranteed reparations shall you suffer through abuse. One of the least sums of government financial aids given during the COVID pandemic despite the quarantine lasting for the longest in OECD-qualified countries, the ISP literally working as some kind of gangster organization that can do illegal things and scam off the customers while legally being able to sell off your personal data despite actually going through the contract yourself and checking everything. Banning majority of foreign imports you can order as an individual. The list goes on and on... You should notice the one thing that differs South Koreans from the rest of the world that runs on a template of democracy, is that the core notion that people should rule and participate just seems to be totally annihilated and absent in place of submission and allowance of soft-power and governance tyranny.
So basically the politicians and any people of power can do whatever they want, or whatever they wish, when there is effectively 0 retaliation from the people or just the response coming from the people either being totally wrongly informed and driven anyways. If you are a citizen of a democratic country that refuses to rule and protest, then expect to be ruled over. Do not complain when the elites rule over you guys furthermore and these just ridiculous new bills and societal phenomenon increases in your country as time goes on.
Then actually stand up against it...? I swear, if there is one country in this entire world which the elites can freely do whatever they want- be it the large companies or the government- and still get away with it due to no actual retaliation from the people, it is South Korea. Sounds much like the north, but the thing that the South counterpart has in common is that the people are simply so, sooooo submissive to tyranny, when in other developed and so-called democratic countries would have had protests all over the place. And the comparison I made just now, if you were to say this as a Korean yourself on the Korean internet sphere, you will be called an extortionist, traitor, and etc.- just all kinds of name calling without any effort nor intelligence to even see the point. Which just makes things even better as for people being suitable of being ruled over. Abuse and torture in military when you have no choice but 98%+ to be conscripted just because you are a male, with there being no guaranteed reparations shall you suffer through abuse. One of the least sums of government financial aids given during the pandemic despite the social distancing restrictions lasting for the longest in OECD-qualified countries, the ISP literally working as some kind of gangster organization that can do illegal things and scam off the customers while legally being able to sell off your personal data despite actually going through the contract yourself and checking everything. Banning majority of foreign imports you can order as an individual. The list goes on and on... You should notice the one thing that differs South Koreans from the rest of the world that runs on a template of democracy, is that the core notion that people should rule and participate just seems to be totally alienated and absent in place of submission and allowance of soft-power and simple governance tyranny.
So basically the politicians and any people of power can do whatever they want, or whatever they wish, when there is effectively 0 retaliation from the people or just the response coming from the people either being totally wrongly informed and driven anyways. If you are a citizen of a democratic country that refuses to rule and protest, then expect to be ruled over. Do not complain when the elites rule over you guys furthermore as the time goes on.
As someone said on another video, there's no point in taking 3 mill. You could have just taken a couple hundred. If you decided to take 3 mill to "really get the point across" then you should just have taken a ridiculous amount like a couple hundred mills. 3 mill just makes it look like you were half way between trying to be legit and seeing if you could get away with the money.
11:15 Nah. They don't say "thank you" because there is no gratitude. Fixing such issues just costs money, which increases business expenses. Higher mgmt wants none of that. Welcome to metastatic end-stage capitalism.
I heard the "is a crypto mixer service that was sanctioned by the US" and had to do a double take... then remembered sanctioned has 2 meanings that are exactly the opposite. English you know, I sanction it.
@@lussor1 that's not really the substance of OP's comment, which is more just a negative generalization of an entire country. I'm also angry at the censorship.
About the Kraken thing, yeah, it's extortion. Please don't do this people, it makes things harder for the rest of us. On the other hand, I do understand where they're coming from, since this bug is worth a hefty price and it's likely judging by Kraken's accusations that they may try to rip the researcher off. Which is well within their rights, but I won't sit here and pretend that I have no clue why these guys would do such a thing.
They tried to make it look like it. The thing about Kraken is they do refuse to pay for critical and downgraded it to lower priority, so in this case you have to demonstrate it is indeed a critical bug. The problem with critical bugs is not the $ that has to be paid, it is that someone has to be fired. They tried to cover it, but as it got publicity it's been resolved as it's supposed to be.
You don't understand how things need to be done in business, you can't just ask for money then give it to someone, it has to go through several people with at least 3 different higher ups signing off on it, or their WHOLE board signing off, and a fuck ton of paperwork in order for them to keep themselves legally safe and everyone covered if something goes wrong. They're not just ONE person giving another person money, nowhere near as simple as that, no matter the transaction.
Proton Pass 👉 proton.me/pass/seytonic
I have used a unique email address per account since 2002 on a dedicated domain name I own. I am glad to see the practice of using a unique email address per account is finally becoming mainstream. But I see companies like Apple and Proton Mail like to use their domain, instead of one you own yourself.
I'd subscribe if Proton would let me pick any available/unused email address as a temporary one. The ones they generate look kind of silly. imo
Self host vaultwarden ftw
Nah vaultwarden > bitwarden >> proton
@@SlitheringDemon agreed honeybooboo
I worked for an ISP that purposely low-prioritised torrent traffic. When I worked night shift I would guide customers on how to increase their torrent speeds. I always had the best customer satisfaction score and my colleagues never connected the dots.
I suspect it was windstream, do tell…
My isp always slows down when i use torrents & access twitch lol. Luckily it can easily be fixed by using vpn
Which country? Is it a legal thing to reduce speeds purposefully?
@@UltraPatate not in the US I think
You could easily bypass that with a proxy or VPN since they were most likely using stateful packet filtering. lol The difference in the Korean case, is that the provider had full access to the router their customer must use as their gateway.
Black Hats just got a brand new target to play with...
It's an attack on human rights and online freedom. Unbelievable.
Human rights and online freedom, lol. No, this is normal in Korea and this is their law. And you can't even use banks without installing an application on your PC (anti-keylogger, antivirus from the banks). Human rights? Walk to the f**king bank, then. You act as if European and American law support freedom 100%, it does not.
Agreed. I'm South Korean and furious at this. Wish us luck in trying to take down the elites, it's been a hard battle that we're still losing
IF it is correct.
Should this be true, I hope they get sued into the ground.
I agree this is wrong, but "human rights"?
thinking that the internet is a human right is peak judeo-commie talk
but you support it when your gov does it to other countries.
"a single quote is all that's needed to send the machine into an unresponsive state"
*_Bobby Tables (and a large chunk of Ireland) has entered the chat_*
came here to comment on the sqli, seems like a better one already existed
The O'YOLO isn't fixed everywhere. Another thing about them is that you can make legit reservations through them and even get an invoice at the end. Don't ask me how I know :D
They just created about 5 million Irish hackers by simply entering their name. lmao
4:14 _"It's only available to law enforcement in the most extreme of circumstances"_
Like activism, journalism, or organizing events for example...
And who decides what constitutes an "extreme circumstance"?
feminist Agency. family Agency is lie. korean word say that is woman Agency. everything is lie
Just have part of the passwords on paper and the other in your head (have something reminding you which is for which though, like +++ + !!! or something), with burner passwords for sites you know are likely to have data breaches and you don't care about. Even if a pass gets leaked and the pass fragment on your memory is on multiple passwords, attackers still need the part in paper to get to any other accs, and, if you want to, that gives plenty of time to change those. Plus the part in paper is useless to most people.
Mullvad VPN is better, they do what they preach (raided in 2023 by Swedish Police on behalf of German Police, Swedish Police left empty handed as they had no customer information including logs) and is affordable.
If this ISP doesn't get shutdown, then they've just declared war against all Internet users globally.
Waiting for 4chan to find out about this
A nation of lies filled with extreme bubbles. not only this one. this similar country is everything ruined - korean normal people
Why would the rest of the world need to care, it only matters to Koreans. If only they're affected by their unhelpful laws and submissive people, then the rest of the world should be fine. Too bad if you are someone that recognizes and suffers from the issues living in Korea
😆
@@RonKan69 4chan isn't some secret hacking society, and it's not 2012 anymore. It's literally just a forum.
My last name has an apostrophe in it. It is scary how many website forms refuse to accept it. Heaps do, and it's clear the lazy coding that makes the others fail
Re: KT, so, this means people are going to jail, right? I mean they supposedly PURPOSELY infected their customers with malware, that means jail, no? I guess we'll see but I'm guessing 'being big company' means: here's a little fine, please don't do it again...
Korea is a cyberpunk dystopia with how much big companies get away with
The thing is, companies don't "go to jail". People do.
The company can just continue operation, left for the shareholders to dissect and resurrect the company with new crimin- I mean ... CEO's as head of the company.
@@kv4648 companies literally control everything. Most KT's gonna have to do is let this pass and be forgotten again.
Nobody will go to jail. Best case scenario, the government forces KT to stop doing it. Worst case scenario (and probably the most likely one) is that the SK government forces KT to provide all of the technical details on how they did it. Under that scenario, the SK government will almost certainly provide detailed information on the subject to all of its diplomatic allies.
@@kv4648 Well still better than north korea
This makes Chatcontrol in EU look tame.
Other videos claim you must install ISP software to connect to internet. This would make it easy to do whatever they want.
It's a bit more nuanced, I believe you need to install software to visit certain websites, the software isn't from the ISP.
Look up: VeraPort
This is from the same country where you needed IE because it supported Active X
They took over the entire broadband, the ISP software you install in your pc is just a tip of the iceberg really
Seems like the news only partially went overseas but honestly I'm even surprised at how foreign media is even responding to this at all
@@Anti-FreedomD.P.R.ofSouthKorea it's because in other cultures/countries this would be irrational what the ISP did and possibly impossible if the file sharing application was built in a modern way.
Lots of wild crap in this one. I don't know what's more crazy, a legitimate cybersecurity company breaking multiple laws or an ISP literally installing malware on their customer's computers.
You know it's a good day when a Seytonic video drops!
I can't wait for Certik to claim that tornado cash money laundering was "just a test" like the captain of the Costa Concordia claiming that getting into a taxicab and fleeing the accident was "looking for help"
3:00 sounds like a hell of a lot of lawsuits heading KT's way or it should be getting them.
by far some of the best coverage of these topics ever. I'm totally dumb but I can still follow these vids which is a huge compliment haha. thanks for your hard work!!
A company operating a Ponzi scheme running to the police to report extortion is hilarious to me.
Crazy! Thank you for sharing all this information
Bell Canada, a major ISP in Québec, used to throttle torrent traffic back in 2005. I was one of their customers at that time and, since it's perfectly illegal, I am part of a class action on that matter. In 2024 it is still not over. I guess that now that VPNs have gotten mainstream, ISPs do not lose their time with that. If I were still torrenting, I would surely use my VPN to do so, to keep the ISP from seeing which kind of packets are transiting on my ISP modem.
At least there was a class action done against the people for that! There is none of that in South Korea, simply none. Similar things have occurred by the Korean ISPs before, and no reprimands whatsoever which should have been conducted by the government. The people yet keep using the same ISPs that scammed over them, the people allow this
It's like in Switzerland... corrupt ISP and VPNs
Tech news is like how people used to describe “the news” to us kids: it’s so sad and you are so powerless, don’t bother watching it. Lol. I swear tho, if my hotel ever has a self service station I’m gonna find the human responsible
ISP's injecting malware into customers is criminal to say the least.....
People paying high Mbps/Bandwidth Wi-Fi.
Yet this ISP in Korea Hates it.
The sad thing is that people are still gonna consume their product.
Seems like Little Bobby Tables or 1 of his classmates strikes again...
thank you for posting
Well I'll just say it here, ISPs must learn this. Copyright is not Infringement! Showing TV, even YouTube, for free sure ads but still free, could be claimed as infringing of Copyright too. Doesn't mean that it is. When it's totally new, that makes sense in trying to make money. A general Time limit!
10:32 imagine installing ransomware through that :D
Fun fact: Xfinity still isn’t giving access to port forwarding.
Bridge your modem?
Tunnel it through a proxy or VPN, there's nothing they can do. ;)
You can port forward with xfinity, you just have to do it through their app.
it's the nature of ipv4. 4 billion public ip addresses were never enough. everyone from now on will be behind cgnat. wish ipv6 gets adopted fully but then again, ISPs would lose money
@@durururururururu I pay 3€/mo for a static public IPv4, and get a free static public IPv6 (that I'm not using because I'm too stupid to learn IPv6) :)
I wouldn't be surprised if the encryption was bypassed bc of how tls tends to be done in korea
How is it done?
I think it's useful to mention the program VeraPort
@@RonKan69 tls isn't a lawful mandate for many webservices in korea
@@RonKan69 adding random ass cert authorities is a way more common practice for one thing
I think Mental Outlaw did a vid on this, too.
Still the best channel on YT
My reaction to story 1: wtf
My reaction to story 2: wtf
My reaction to story 3: wtf
Hey Seytonic, You should talk about the recent incident about Indonesian Data Center. Love your content
Hoping the grey hats watching this look into kt.
Money does weird things to people.
Spectrum and Verizon also MITM their customers lol
At&T too. I specifically mention them because I have proof. They helped Progressive Auto insurance get into the contacts list of someone I know while they were in the middle of an insurance claim. Started calling people in their contacts list. Didn't know I was a cracked security researcher. They know now though 😂
PITM, man is not inclusive, we use person now sweaty
@@joeri5678 sorry I’ll be more inclusive when I describe who’s invading my privacy 😘
do you have a source for this? a quick search didn't turn up anything for me
@@bombus_ my guess is there is a clear and obvious reason you won't find that info on the internet easily
why would you need high speed internet if not for torrenting ?
WebHard is like the concept they use in the TV show silicon valley for their product "pied piper" except in the show what makes the concept work is godlike compression
Lol I always watch your videos even though sometimes I can barely comprehend what's being said
On Kraken and Certik, they wanted to assure reward price scale.
Someone has to say it: When the ad slot is more than 10% of the video, you're doing it wrong.
just get sponsorblock instead of complaining
@@Samstercraft77 youtube server side ad injection might break it (and manual subtitles as well, but if they don't that's just something sponsorblock can use to work again).
accepting a proton slot is bad on its own.
@@germanelkapo1 ublock fixes that
Petition to bring back hello world intro
How the ISP is doing MIM: by deploying their own certificate on the client's computer, so they can do packet decryption by acting as a proxy.
I wonder what shenanigans ISPs in the US will start doing once net neutrality is abolished. It gives me shivers down my spine.
I'm Korean, but this is truly absurd...
You deserve it!!!!!! Take it!!!!!!!!!!! Suffer more, just go and suffer even more!!!!!!!!!!!!!!!!!
It sounds like somebody working *for* Certik might have been using the bug bounty and "whitehat" card as plausible deniability for a multi-million dollar heist. The heist went obviously bad and it took them a bit too long to realize they couldn't keep the money.
That kiosk company really messed up my god
Just so you're aware, on the Kraken story, they actually completed it in one hour and 40-something minutes, it says in the tweet
6:23 100% Black Marketing.
And it feels like they wanted more credit and recognition:)
Look at guys thumbs holding the CERTIK tablet 😂
yes proton sponsored someone lets go
03:35 is webhard a bittorrent client? if no then where torrenting?
10:10 how it passed testing? Well, there was no testing lmao
The worst thing my ISP ever did was block 4chan for a week when I was 15. Needless to say that didn't last. And then one time they got on me for hosting people via a VPN who were known for deploying "Botnets". I was letting people pay good money for my IP. Made me have to shut it down before the FBI kicked in my door.
As for the hotel bug. I have known, a doctor's surgery to show the Windows desktop. But with no keyboard I just reported it.
On a more serious note. I thought the server databases being used were supposed to be air-gapped or firewalled but in today's virtual server environments where multiple servers may be on the same physical machine what about memory or buffer overflows. In the said example how much data did the terminals in question have? I remember in my PHP days error checking was a pain and if the code was not audited correctly BANG. Even in my FORTRAN days, every function should have an error routine. That's it from an old codger.
I wondered whether I was affected too from this. Cos I had my setup currently and then I could see that lots of scripts ran through my actual PC too as well... and then... I just switched off my machine overnight instead and keep rebooting etc. So...
You can use torrents without encryption so they might have taken advantage of this. If the clients being used weren't also checking the hashes that might be why
So how were they able to get through the encryption and hash verification that's practically used everywhere, by everyone?
I think the Certik case is one of a rogue employee, blinded by the money. That could also explain the 5 days: say an employee finds the bug, sits 5 days on it abusing it, and only after that the "post nut clarity" kicks in, realizing that someone fucked up. After all, mistakes are human, and never attribute to malice that which is adequately explained by stupidity.
They doubled down tho, and then afterwards decided to send the funds back.
6:35 is that possibly a reference to the popular game Among Us
why is there static noise in the background?
An XLR cable gone bad... Only realised after everything was edited 🤦♂ Though I have a new one now : )
Certik is hilarious, they literally stole 3M using their bug to try to guarantee they get the high end of the bug bounty.
Great video! But please fix your mic/audio. The humming noise is annoying
I don't remember any videos you are talking about certik
that is so awesome. (wrt isp story)
>open source
>"you need to pay monthly"
Where's the contradiction? You pay for a service, not for the source code. Red Hat is one of the largest open-source contributors relative to their size, but, of course, all of their products are subscription-based.
yeah, somehow you're allowed to compile from source...
but just don't do that
@@NatiiixLP Red Hat does the most discrimination too, they painted FOSS in the worst way
But Proton is running servers in a datacenter to store encrypted data from their clients. That's a thing that costs them money, hence they charge you.
And yes, you could download their software, compile it and run it on your server, but *you'd still be paying for your own servers, running that open software.*
@@theloststarbounder I don't see in what sense could that be possible. They proved that development of open-source projects, which includes upstream contributions to 3rd-party repos, is a profitable business model. The Venn diagram of Red Hat product users and people who care about FOSS likely has virtually no overlap, so I don't understand what your point is. They don't represent FOSS in any way. They're just a corporation that also contributes to FOSS projects.
guy who was just downloading linux mint:
For the p2p network there will be a trust anchor problem. Each node participating can't use public certs tied to DNS, so they need a private cert authority or self-signed certs. If each node is carrying a self-signed cert then it's trivial to MITM if you operate the network the traffic is passing over (BGP voodoo being an option). If private PKI then the ISP can submit their own CSR and be valid on the network... If the ISP has access to a CA in public PKI, well, they can mint any kind of TLS cert they like. There are probably convergence/poison attacks as well, i.e. for a distributed hash, if you own 51% of the network (or can modify its traffic) that block's hash is whatever you say it is
This shit wouldn’t happen if bug bounty programs actually paid researchers instead of just taking their work, making an excuse, and disclosing it to the company as free research. Bug bounty is a fat joke.
Uh oh, if they are crashing from a simple apostrophe I'm willing to bet there are other vulnerabilities. Possibly code injection of some sort?
crashing from a single apostrophe sounds like an overstrict parser in whatever code it's in. /war flashbacks to trying to get something to work in a JSON file
But seriously how did they miss that, there are names with apostrophes in them like O'Briain
Sounds like someone wanted to make a statement. Kraken is certainly not a Saint.
Kitboga has deep ties with them idk
@@Blitzbogen I know, but anyway it's a statement, who also has deep ties. A warning of the type: don't play stupid with us.
OFAC sanctions only affect overseas transactions. That's its jurisdiction.
Tornado Cash does seem like an international... uh... entity, or whatever it is legally.
bro forgot to turn off the vibrator 💀
In today's episode:
Company commits MAJOR crimes!
Company almost certainly commits large crimes and engages in terrible business practice!
Company engages in terrible business practice!
hacking someone torrenting is fucking insane
what are your thoughts on the Helsinki market place situation? 🤔
Hi, South Korean person. We're just as angry at what the elite are doing to this country as you. It's extremely hard to change; if it were easy it would have been done already given our work ethic. Please remember there are innocent people who are implicated in every sweeping generalization and insult.
Being angry does not mean shit unless you are going to do anything about it...
Then actually stand up against it...?
I swear, if there is one country in this entire world which the elites can freely do whatever they want- be it the large companies or the government- and still get away with it due to no actual retaliation from the people, it is South Korea.
Sounds much like the North, but the thing that the South counterpart has in common is that the people are simply so, sooooo submissive to tyranny, when in other developed and so-called democratic countries would have had protests all over the place. And the comparison I made just now, if you were to say this as a Korean yourself on the Korean internet sphere, you will be called an extortionist, traitor, spy, Joseonjok and etc.- just all kinds of name calling without any effort nor intelligence to even see the point. Which just makes things even better as for people being so suitable to be ruled over.
Abuse and torture in military when you have no choice but 98%+ to be conscripted just because you are a male, with there being no guaranteed reparations shall you suffer through abuse. One of the least sums of government financial aids given during the COVID pandemic despite the quarantine lasting for the longest in OECD-qualified countries, the ISP literally working as some kind of gangster organization that can do illegal things and scam off the customers while legally being able to sell off your personal data despite actually going through the contract yourself and checking everything. Banning majority of foreign imports you can order as an individual. The list goes on and on...
You should notice the one thing that differs South Koreans from the rest of the world that runs on a template of democracy, is that the core notion that people should rule and participate just seems to be totally annihilated and absent in place of submission and allowance of soft-power and governance tyranny.
So basically the politicians and any people of power can do whatever they want, or whatever they wish, when there is effectively 0 retaliation from the people or just the response coming from the people either being totally wrongly informed and driven anyways.
If you are a citizen of a democratic country that refuses to rule and protest, then expect to be ruled over. Do not complain when the elites rule over you guys furthermore and these just ridiculous new bills and societal phenomenon increases in your country as time goes on.
@@pyrysaarinen4954^
@@pyrysaarinen4954 I just said it's easier said than done. What's your idea for solving the issue if it's so clearly doable?
Then actually stand up against it...?
I swear, if there is one country in this entire world which the elites can freely do whatever they want- be it the large companies or the government- and still get away with it due to no actual retaliation from the people, it is South Korea.
Sounds much like the north, but the thing that the South counterpart has in common is that the people are simply so, sooooo submissive to tyranny, when in other developed and so-called democratic countries would have had protests all over the place. And the comparison I made just now, if you were to say this as a Korean yourself on the Korean internet sphere, you will be called an extortionist, traitor, and etc.- just all kinds of name calling without any effort nor intelligence to even see the point. Which just makes things even better as for people being suitable of being ruled over.
Abuse and torture in military when you have no choice but 98%+ to be conscripted just because you are a male, with there being no guaranteed reparations shall you suffer through abuse. One of the least sums of government financial aids given during the pandemic despite the social distancing restrictions lasting for the longest in OECD-qualified countries, the ISP literally working as some kind of gangster organization that can do illegal things and scam off the customers while legally being able to sell off your personal data despite actually going through the contract yourself and checking everything. Banning majority of foreign imports you can order as an individual.
The list goes on and on...
You should notice the one thing that differs South Koreans from the rest of the world that runs on a template of democracy, is that the core notion that people should rule and participate just seems to be totally alienated and absent in place of submission and allowance of soft-power and simple governance tyranny. So basically the politicians and any people of power can do whatever they want, or whatever they wish, when there is effectively 0 retaliation from the people or just the response coming from the people either being totally wrongly informed and driven anyways.
If you are a citizen of a democratic country that refuses to rule and protest, then expect to be ruled over. Do not complain when the elites rule over you guys furthermore as the time goes on.
Certik is in the right
5:44 it was 1 hr and 47 minutes not 47 minutes
Can my ISP see that ive been gooning
As someone said on another video, there's no point in taking 3 mill. You could have just taken a couple hundred.
If you decided to take 3 mill to "really get the point across" then you should just have taken a ridiculous amount like a couple hundred mills. 3 mill just makes it look like you were half way between trying to be legit and seeing if you could get away with the money.
11:15 Nah. They don't say "thank you" because there is no gratitude. Fixing such issues just costs money, which increases business expenses. Higher mgmt wants none of that. Welcome to metastatic end-stage capitalism.
Correct, this is a disruption of doing regular business as they see it
@@autohmae It's why we need much stricter laws for corporate accountability IMO.
They pulled a Sony.
torrent? never heard of ‘er
@@C0bblers No, but I'd gladly download one.
10:30 LOL
Korean ISPs are wild!
I heard the "is a crypto mixer service that was sanctioned by the US" and had to do a double take... then remembered sanctioned has 2 meanings that are exactly the opposite. English you know, I sanction it.
Just Korea being Korea
I'm Korean, what's meant by this? Does the average Korean who's also angry at the elite really deserve to be lumped in with your insult?
The country is similar to China for tracking and censoring everything @@stereomachine
@@lussor1 that's not really the substance of OP's comment, which is more just a negative generalization of an entire country. I'm also angry at the censorship.
same dna
@@sma2981 demonstrating a poor understanding of genetics isn't the burn you think it is
There are too many ads in your videos
About the Kraken thing, yeah, it's extortion. Please don't do this people, it makes things harder for the rest of us. On the other hand, I do understand where they're coming from, since this bug is worth a hefty price and it's likely judging by Kraken's accusations that they may try to rip the researcher off. Which is well within their rights, but I won't sit here and pretend that I have no clue why these guys would do such a thing.
They tried to make it look like it. The thing about Kraken is they do refuse to pay for critical and downgraded it to lower priority, so in this case you have to demonstrate it is indeed a critical bug. The problem with critical bugs is not the $ that has to be paid, it is that someone has to be fired. They tried to cover it, but as it got publicity it's been resolved as it's supposed to be.
I torrent files from the Internet Archive all the time! This is evil!
Seytonic’s here to show the way,
In hacking realms, where secrets stay.
With tips and tricks, he’ll save your day,
Learn with him, and tech will obey.
Hello world!
You don't understand how things need to be done in business. You can't just ask for money then give it to someone; it has to go through several people with at least 3 different higher-ups signing off on it, or their WHOLE board signing off, and a fuck ton of paperwork in order for them to keep themselves legally safe and everyone covered if something goes wrong.
There's not just ONE person giving another person money, nowhere near as simple as that, no matter the transaction.
KeePassXC!
Tay is not just "someone" 🤦🏽♂️
The click bait thumbnail is crazy tho
Don't buy McDonald's. Stand on the humane side
I wish I became a hacker instead of an sde, I could've been rich asf man