My experience with Amazon in the past as anything but a customer of some one off product was a total nightmare. Like Google, you're dealing with a machine that was constructed with the intention of keeping you from ever accessing a human. :(
...and we were promised a leisure life-style..and jet-packs... Turns out that can only happen if ya can afford the phone company and other utility bills! I was once sold a phone from a close relative to me as said relative had up-graded to the newer, shinier model. Fair enough, I thought and transferred the remaining credit on my old phone to this replacement to the 'new' phone and I registered the 'new' phone with my 'new' number as mine.(relative hadn't bothered). Some time later, said relative phoned me late one New Years Night, quite late, needing to know exactly what my balance was. Obviously I did not give that out. Glad I didn't as, when I phoned the phone provider next day, turns out that said relative was trying to hack and empty my account. I'm disabled, y'see, and no effs were given by said very close relative. It's now a pass-worded account, even to speak to said costly machines to access the humans on the other side of the phone company's internal exchange/server now and they ask it again. Sad when ya can't trust a sibling. (Say No to voice-responding wi-fi/LAN connected speakers and think twice about the ISP access, esp. if you use it for work matters!!) Please excuse the overly-long 'tale of near woe' and inter-necine fraud.
+twodimensionsjhr It's the worst customer service I've ever seen. I have to call them each month for them to "fix" again my "broken" internet connection. They just never repair it.
Can we all be honest here for a moment, Linus is one of the very few owners of a business that not only gets on camera all the time, but also gets a video out about issues, where he is the only person talking about said issues. The amount of transparency he has is miles above most of the world.
I do not think so, from vlogs about doing projects to their old location (whole room water cooling), to great vlogs about their current location being built. He shares a good 80% of what goes on, has even done a video where talks about how they make their money. He has been on camera all the time, and frankly the only things he does not share are personal info and things that might open a hole into their security. Sure other youtubers might do stuff like this, but he is running a company with several people and still does this.
It's not that hes the best at it. He definitely is better than most when it comes to not being so vague and sketchy, but he just looks much better because so many people are just shady and crappy *cough* TmarTn *cough*
While he is quite open and transparant, in this vid he basically shuts down any questions about what the actual security issues are, a private email address for your registrar is a bit dumb to do but it's the other stuff that he says he won't talk about... Security through obscurity is no security, hiding your weaknesses works for the majority of people, not for those searching your weaknesses. On the subject, while they're a large commercial company, Cloudflare has released some pretty detailed posts about leaks in their system, in those of connected parties and on attacks on them and their customers, even Defcon talks discussing their approach, internal communication and even their lawyers take on it. LMG definitely is open, but not on the actual info.
There isn't much to say, really: - Never say more than you need to. (why does your twitter account need to know where you live or where you are right now?). I don't even tell most accounts that I'm a man. - use different passwords for different accounts. A trick I use is: my passwords are sentences in a non-english language with the spaces replaced by different signs. These are long and for a computer unbreakable. - don't store your passwords anywhere on any device that can somehow transmit data. Books are best, but if you have many accounts that you often switch passwords with for safety, it can be a hassle. I use a simless smartphone with all signals off. - don't connect your twitter/youtube/google/twitch/paypal account with other accounts, especially if that account contains your address. Any breach in those, is a breach in all. - Don't click suspicious links, they could be IP or password loggers. - ONLY use phone 2 step authentication if it does NOT replace passwords or password recovery. It needs to be an extra layer of defence, not a different route to take. Don't use it on Gmail - Use a different email for very valuable stuff, like paypal - clean cookies and saved forms periodically. - if you expect that anything could be on your computer, immediately run antivirus. - Have a seperate 'spam' email account for account registration. Never make any of them visible. Some are borderline tin foil hats, though. If you lose anything, it can always get recovered. The important thing with a hack is that it stays contained. Easily the most important accounts are payment accounts (paypal and bank) and email. Generally hackers use exploits on sites (or services, like with the identity theft for 2 step authentication) to get data. Make sure that, if they use this, they only can get into one account. This is the only thing you can do since the site's security isn't in your hands.
don`t save your passwords in browsers instead use app that encrypts them don`t use one password for many sites don`t use simple passwords i.e 123, password, birthday, etc try using numbers and letters beware for suspicious sites wanting your personal data for reasons ...
Their first mistake was trying to hack Linus lmao... Didn't even get past the twitter/website. No server data... No youtube channel information... Blocked hard lol, rip the other channels who didn't have the team and knowledge backing them up.
michael pichardo Even though I hate Leafyishere, breaches of privacy are never a good thing. For every bad person who gets hacked for "justice", there are 3 more good people hacked for no reason, most notably Linus, Boogie, and h3h3.
T-mobile updated their SIM card change policy a couple days ago, requiring a one time PIN to verify a change. I'm assuming other providers will follow suit...
Honestly. I feel like Honest Answers are like the Filler Episodes of Naruto, it's just there to fill a quota. Don't get me wrong, I'm eating potato chips watching this in intrigue.
The amount of transparency your guys have been having recently it really nice to see, as well as greatly appreciated. It makes me feel good knowing that I'm not being fed false information or being lied to because of corporate greed. Keep up the great work!
I don't understand - what's going on in Canada/USA that basically every smooth talker can call to your phone company and get replacement SIM in your name?? Here in most of europe you must show up in operator's shop with valid ID in person to even request SIM replacement, let alone get it.
Sell phones in Canada: 99% of the time we need photo ID. Every now and then an idiot salesman really wants the sweet commission and bends the rules. These people should be fired, but are generally actually praised by the higher ups because they're more aggressive at selling.
Imagine your [brother/sister/cousin] goes to your phone company's shop with a fake ID in your name, and a self-printed bill (or "I moved house since I changed address. Here is [a fake bill with] my current address". Does your phone company have an up-to-date picture of you? Do they even have your ID on record? Any argument of "your phone is here on the network. Do you want us to call your phone?" can be countered with "my phone was stolen, please deactivate it".
+Adderkleet here in Dubai (even though nobody likes phone providers) they at least have a copy of the ID in their data bases. You can request one by phone but you need to show up and provide valid identification
Cheap fake ID and boom you're done. It doesn't have to actually match your real ID's picture unless the business has it recorded. This is a flaw everywhere, not just US/Canada.
Remember your security at most places is as good as that minimum-wage temp person working in flyover country, or even better yet somebody at a call-center in India. So when you see somebody working an aisle at a big-box store, or flipping burgers, think of their desk-job equivalent handling all your precious account details.
Recent cell phone system attacks (basically, lack of security in SS7) have proven using phone calls and SMS a poor way to add another authentication factor, but is arguably better than nothing. I would recommend activating RFC 6238 TOTP instead (e.g. Google Authenticator et al) where it is allowed to be used. Then protecting the 2nd factor auth becomes keeping the TOTP seed/initial value/whatever it's called protected/secret. (BTW, Google, might be nice to add a passphrase or PIN to your app so that the items stored in your SQLite DB can't be read meaningfully.)
Encrypting the 2nd factor shouldn't be necessary for security. The password is what you know, the authenticator device is what you have - a secret plus a physical thing. ATM bank cards are the same 2FA setup and you don't need to encrypt your physical bank card for the security model to work.
Next Honest Answers: Why socks and sandals are the optimum footwear. You may think I'm joking but I could literally listen to Linus ramble about anything.
Phone carriers should require government issued photo id and a social security number in order to activate a new sim. They have that information already.
Elliot Gluck how the fuck do they have your fucking social? get Google project fi. maybe you won't be stupid enough to give it to them. government ID sure. social security no. might as well let ANOTHER COMPANY full of people know your shit because if you're and adult god knows every other company has it.
It can still be accessed with the right choice of vernacular. Everyone is vulnerable to a social engineering attack. Its just a matter of "when will you crack".
Well done Linus. The fact that you re coming here and explain in as much technical detail as possible, what has happened with your channel goes to show you re actually dedicated to your subscribers. I hope you get to billion you re out the the few that deserve it!
I'm not positive but given some of the vague context and what I've heard before Amazon gets prickly when you say things like "Use this link to get something from Amazon, we get money from it". Basically, from what I've pieced together in the past, you can use affiliate links and you can say you are an Amazon Affiliate, but you can't say Amazon gives you a slice of the sale and how how big or how much that slice is. My guess is that when they did their vid about how they make money and posted what percentage of their funding is from Amazon Affiliate links someone at Amazon got a bee in their bonnet and nuked them.
Most do from what I can see... I find Amazon's rules to be confusing, intentionally vague, and inconsistently enforced. I'm not saying this is why LTT got nuked, this is just my best guess based on what I've read, seen, and experienced.
That ifixit sponsorship spot was actually big help to me! Just ordered an iPhone 5s battery replacement kit since my the battery in my phone is all swollen. Thank you Linus Tech Tips!
I am glad people like Linus are around. Straight up, no bullshit. You don't need it, but good luck with all your future endeavors Linus. I wish the best for you and your team. With love from Russia.... ok, Oregon.
Sorry to hear that this happened to you. This can happen to anyone, and it's great that you shared it to followers to let them know it can happen to even advanced technicians.
As an employee for Bell it's ridiculously easy to spoof being someone. The process we do to verify people is look at their drivers liscence and look at their name then say "Yepp. You're you.". it's 100% down to the employee. So chances are it could have been an employee for Bell who did this to you and not just some random guy who walked into a bell store and asked for your sim.
Yeah sure... then the sponsored builds doens't need advertisements on it, because it is already a income source from intel or others. Just don't watch them. If you were linus instead of a simple guy watching a video you'll think differently.
As someone who does tech support for a "major tablet manufacturer". I can tell you for a fact that social engineering is a MAJOR issue, but we have that drilled into out head that you give out NO info until an account is verified. It's a shame some companies don't drill this into their employees heads.
h3h3 productions have a great video on this too, thanks for being honest Linus. This is a huge security flaw EDIT - You mentioned it later in the video my bad
I was subscribed to channelsuperfun way before LinusTechTips. I've literally binge watched all the videos and it's so strange to see Nick and Linus serious in these videos.
And what do you consider "hacking"? If anything, this is closer to the traditional forms of hacking. Was phone phreaking really any more impressive than this?
***** Why do hackers /have/ to be nice, good people? Why do they /have/ to be white hat? Your definition of hacking is very different from pretty much anyone else's. They found an exploit in the system, and abused it. Whether or not they made money is irrelevant. I understand when people claim E.g., DDoSers aren't "hackers" (even though some very much are) because that is just simple logic of forcing too much down a small pipe, but again, this is social engineering. It does require effort and it does require finding out how to exploit weak points and where the weak points are.
One thing you can do to prevent these sort of social engineering attacks is to use an multi-factor authenticator app. This still uses your phone but isn't bound to your phone number, meaning they need the physical device and then have to break into it. A phones login might not be the best authentication system(in fact they're pretty bad) it makes targeted attacks a lot harder, as someone who was targeting you specifically would need to steal your phone.
Technophobe, and you're wrong. Complex concepts can always be simplified further. If you think social engineering is something obvious you're bullshitting yourself.
hey linus you can also get an virus injection on ur server that mean that if you get hacked the hacker gets a virus thats makes a virtual server then he thinks he is already in the server bit hes not its like a server in a server but then fake
from what i understand, make a fake virtual server that looks real, the hacker will hack the server assuming its real, and have a virus on the fake server so the hacker himself gets messed up XD
after working at a service department of a large mobile network provider I soon realized these text message security checks are extremely vulnerable. It is incredibility easy to get a working simcard with a persons cellphone number with only basic information on that person, such as can be found on facebook over the phone. Also anyone working at a mobile phone provider having access to the basic service IT systems can link any given number to a blank sim easy and practically untraceable (lots of working accounts floating around that belonged to former employee's that where still working perfectly fine at the place I worked at)
My google account was hacked from uzbekistan. Google warned me in email that ur account was opened from there. I changed my password. Then google gave me a list where I shared my google account with. In that list , there was linustechtips. OMG. I unsubscribed :( Sorry !!
I listen to a weekly tech podcast about linux which faced the same problem you had with amazon. Their conclusion is that relying their business model on a huge company like amazon (or others) is not reliable and they changed how they monetise their content with different sources : patreons, sponsors..etc...
In the old videos they said "use our amazon affiliate link" which is where they should have stopped, but then they continued with "It gives us a small kick back when you buy something" In the email linus shows in this video, it says they aren't supposed to tell you how it works (so that people can't abuse the system)
+1MBStudios "so that people can't abuse the system"?! What, by buying lots of things through Amazon? Isn't that the whole point of that referral link anyway? "so people don't know they get a kickback" ...how the fuck else would a referral system work?! Seems like Amazon let a troll write their rules. And enforce them.
"It helps us make more videos like these" -- which implies that the kickback they receive goes towards making videos. It breaks Amazon's rule of disclosing what Amazon referral funds are used for.
when I was watching this video I remembered the reason why I started watching Linus Tech Tips. Thoughtfulness. I feel that, even though Linus and Luke make a TON of jokes in the videos, Linus Tech Tips is a solid channel, and they know what their doing. I also feel sorry because Linus got hacked, but it is good moment learn and to teach to all the viewers something REALLY important. Good Job! LinusMediaGroup.
" Newegg's customer service has gone to shit That doesn't mean jackshit when you're sponsored by them trying to sell products through them. That literally effects NOBODY except those who have issues with their purchases which in my anecdotal experience has literally been never. It does not effect youtubers like linus, try again. Tigerdirect.. dead... LOL. "( think about it. There' s also a valid reason why Steve, Kyle, Paul and others have left the neweggtv channel and it's gone to shit many months ago)" Hmm, I don't remember talking about the NEWEGG RUclips CHANNEL. I think I remember saying being sponsored by the company. Your lack of comprehension skills is painfully obvious. >Preferring amazon for your component purchases. That's a good one lad, you had me at first.
"TigerDirect is a Miami, Florida-based online retailer dealing in electronics, computers, and computer components that caters to business and corporate customers. Previously owned by Systemax, the brand was known for its acquisitions of the intellectual property of the defunct U.S. retail chains Circuit City and CompUSA, and relaunching them as online retailers. The two brands were subsequently shuttered and consolidated into the TigerDirect site. In 2015, TigerDirect phased out brick-and-mortar retail operations, and PCM Inc. acquired Systemax's online North American retail business." They are still operating. Why don't you fucking spend 2 seconds and Google it.
My experience with Amazon in the past as anything but a customer of some one off product was a total nightmare. Like Google, you're dealing with a machine that was constructed with the intention of keeping you from ever accessing a human. :(
no replies? interesting..
btw i love your shitposts
...and we were promised a leisure life-style..and jet-packs... Turns out that can only happen if ya can afford the phone company and other utility bills!
I was once sold a phone from a close relative to me as said relative had up-graded to the newer, shinier model. Fair enough, I thought and transferred the remaining credit on my old phone to this replacement to the 'new' phone and I registered the 'new' phone with my 'new' number as mine.(relative hadn't bothered). Some time later, said relative phoned me late one New Years Night, quite late, needing to know exactly what my balance was. Obviously I did not give that out. Glad I didn't as, when I phoned the phone provider next day, turns out that said relative was trying to hack and empty my account. I'm disabled, y'see, and no effs were given by said very close relative. It's now a pass-worded account, even to speak to said costly machines to access the humans on the other side of the phone company's internal exchange/server now and they ask it again. Sad when ya can't trust a sibling. (Say No to voice-responding wi-fi/LAN connected speakers and think twice about the ISP access, esp. if you use it for work matters!!)
Please excuse the overly-long 'tale of near woe' and inter-necine fraud.
hey Louis!
Am I the only one that doesn't know wtf this is supposed to say?
Hey Linus, there has to be a better way to move/scroll the teleprompter than making it look like you keep adjusting your nuts.
+v1d300 no prompter. I'm just adjusting my man acorns.
+LinusTechTips two comments?
circumcised? TMI Linus, TMI.
Damn straight.
+LinusTechTips 😂😂😂😂
I would sue the shit out of that cell provider.
Its Bell Canada
That's why Bell is known for their bad customer service!
+twodimensionsjhr It's the worst customer service I've ever seen. I have to call them each month for them to "fix" again my "broken" internet connection. They just never repair it.
yeah how the fuck do you get tricked like that? Doesn't seem possible to me, unless something else happened
Bell Canada is the Equivalent to AT&T. probably wouldn't go too well for them.
Can we all be honest here for a moment, Linus is one of the very few owners of a business that not only gets on camera all the time, but also gets a video out about issues, where he is the only person talking about said issues. The amount of transparency he has is miles above most of the world.
Hahaha linus is ok but I think you are exaggerating a bit too much
I do not think so, from vlogs about doing projects to their old location (whole room water cooling), to great vlogs about their current location being built. He shares a good 80% of what goes on, has even done a video where talks about how they make their money. He has been on camera all the time, and frankly the only things he does not share are personal info and things that might open a hole into their security.
Sure other youtubers might do stuff like this, but he is running a company with several people and still does this.
It's not that hes the best at it. He definitely is better than most when it comes to not being so vague and sketchy, but he just looks much better because so many people are just shady and crappy *cough* TmarTn *cough*
While he is quite open and transparant, in this vid he basically shuts down any questions about what the actual security issues are, a private email address for your registrar is a bit dumb to do but it's the other stuff that he says he won't talk about... Security through obscurity is no security, hiding your weaknesses works for the majority of people, not for those searching your weaknesses.
On the subject, while they're a large commercial company, Cloudflare has released some pretty detailed posts about leaks in their system, in those of connected parties and on attacks on them and their customers, even Defcon talks discussing their approach, internal communication and even their lawyers take on it.
LMG definitely is open, but not on the actual info.
+Some Guy : you're shaming the messenger imo. comparing apples and oranges
Wow this really got a season 2
Thanks for the details.
Probably the most reasonable and logical top comment I have ever seen. That’s how you know 2021 is gonna be messed up
ok
That comment was from 2016 so your comment is invalid lol
Linus is not Linus without the godly Supernova Intro
o shit waddup
Agreed
+Memorin here come dat boi
Nm
potato no
That ain't fair, I also said "Weeb" and you still got all teh liekz (plays sad violin theme)
Hey Linus, can you make a video on how to secure all of our accounts, personal info, and all that jazz. Thx dude
By the way, whoever uploaded this didn't add it to the honest answers playlist. :P
+Eli Hopf it's probably Taran tbh
That could be on techquickie.. I mean - fast as possible: securing accounts..
There isn't much to say, really:
- Never say more than you need to. (why does your twitter account need to know where you live or where you are right now?). I don't even tell most accounts that I'm a man.
- use different passwords for different accounts. A trick I use is: my passwords are sentences in a non-english language with the spaces replaced by different signs. These are long and for a computer unbreakable.
- don't store your passwords anywhere on any device that can somehow transmit data. Books are best, but if you have many accounts that you often switch passwords with for safety, it can be a hassle. I use a simless smartphone with all signals off.
- don't connect your twitter/youtube/google/twitch/paypal account with other accounts, especially if that account contains your address. Any breach in those, is a breach in all.
- Don't click suspicious links, they could be IP or password loggers.
- ONLY use phone 2 step authentication if it does NOT replace passwords or password recovery. It needs to be an extra layer of defence, not a different route to take. Don't use it on Gmail
- Use a different email for very valuable stuff, like paypal
- clean cookies and saved forms periodically.
- if you expect that anything could be on your computer, immediately run antivirus.
- Have a seperate 'spam' email account for account registration. Never make any of them visible.
Some are borderline tin foil hats, though. If you lose anything, it can always get recovered. The important thing with a hack is that it stays contained. Easily the most important accounts are payment accounts (paypal and bank) and email. Generally hackers use exploits on sites (or services, like with the identity theft for 2 step authentication) to get data. Make sure that, if they use this, they only can get into one account. This is the only thing you can do since the site's security isn't in your hands.
don`t save your passwords in browsers instead use app that encrypts them
don`t use one password for many sites
don`t use simple passwords i.e 123, password, birthday, etc
try using numbers and letters
beware for suspicious sites wanting your personal data for reasons ...
really got a part 2, just 6 years later
quick sub to Linus cat tips make them triple gold
They should do more cat vids at ChannelSuperFun. More Rumble action!
that would make em quadruple gold, ltt, lct, csf, and tq
perhaps
I didn't even know that existed.
I have no words...
and here we go again
Awee shiiiii… here we go again
"I don't cover RUclips drama"
*shouts out h3h3 instead of keem*
LMAO, good step Linus
Do u thinl he even watches those videos
+Aaponton he even said himself that he doesnt really watch youtube all that much
Dukez Venom yea
It's funny cause H3h3 and keem both make drama.
Yet H3h3 is tolerable while Keem is pure cancer.
Their first mistake was trying to hack Linus lmao...
Didn't even get past the twitter/website. No server data... No youtube channel information...
Blocked hard lol, rip the other channels who didn't have the team and knowledge backing them up.
@@MickTShaft who tf are you?
boss lmfao
Micheal Reeves would've hacked them back instead and get their phone number and hold them hostage
💀
Remember when Linus showed his last pass on stream?
Ha, yeah, but he fixed that in less than a mInute.
It was also prerecorded since it was a holiday so it was fixed long before even that. Linus admitted such in the chat.
no.
Whoa, how he managed to do that? lol
lol what was it
"Hackers"
Hackers not like in Watch_Dogs but more like losers wrecking havoc in their mom's basement.
The worst thing is his mom doesnt even know
the stupid thing is that they don't even know how to hack
I do believe the term for that is Script Kiddie.
Didn't think it was possible to be worse than watch dogs
they don't use scripts, they social engineer phone companies to get access to their accounts
who would hack Linus? he does nothing but help ppl :( sorry bro
Idiots want their fifteen minutes of fame. Sadly decent people get caught in the crossfire.
+Pointblankmos yea,only person who deserved it was leafy
I'm not sure. Seems to be poodlecorp.
michael pichardo Even though I hate Leafyishere, breaches of privacy are never a good thing. For every bad person who gets hacked for "justice", there are 3 more good people hacked for no reason, most notably Linus, Boogie, and h3h3.
People want to feel like they mean something in the world. Some are far more desperate than others to do so.
7:09, Make "lemons" out of "lemonade" ?
Am I hearing him right or is he some extreme chemist?
most chemical process can be reversed. you could use said lemonade to grow more lemons
its got electrolytes. its what plants crave
lol that’s what happens when you tubers make improv videos
wwdavis8989 I get it
Nope, it was just an example of a hacking method in action
@@TheHomelessLion It's called a joke
T-mobile updated their SIM card change policy a couple days ago, requiring a one time PIN to verify a change. I'm assuming other providers will follow suit...
This really got a part 2 💀
make lemons outa lemonade
Negitive One You dont know who that nobody is
Sugar is bad for you.
Quenton Millstid
Are you talking about the super mario bros 2
TheSuperMarioBros2 I haven't seen the video, but I like that.
Hold on I'll figure it out...
Honestly. I feel like Honest Answers are like the Filler Episodes of Naruto, it's just there to fill a quota. Don't get me wrong, I'm eating potato chips watching this in intrigue.
+Viet Lee honestly we had another video lined up for today and decided this was important. Definitely not filler imo.
REKT
what the, Viet lee is at jknews and then transferred to LinusTechTips? Whoopie
+LinusTechTips this might be really crazy but can you do a video on a desktop case that looks like a car? kind of like the ship case
The amount of transparency your guys have been having recently it really nice to see, as well as greatly appreciated. It makes me feel good knowing that I'm not being fed false information or being lied to because of corporate greed. Keep up the great work!
Linus: actually gets hacked
RUclips: check this out
Actually came to learn more. Linus does not seem like the same human 6 years later. Very different micro-mannerisms
I don't understand - what's going on in Canada/USA that basically every smooth talker can call to your phone company and get replacement SIM in your name?? Here in most of europe you must show up in operator's shop with valid ID in person to even request SIM replacement, let alone get it.
Sell phones in Canada: 99% of the time we need photo ID. Every now and then an idiot salesman really wants the sweet commission and bends the rules. These people should be fired, but are generally actually praised by the higher ups because they're more aggressive at selling.
Imagine your [brother/sister/cousin] goes to your phone company's shop with a fake ID in your name, and a self-printed bill (or "I moved house since I changed address. Here is [a fake bill with] my current address".
Does your phone company have an up-to-date picture of you? Do they even have your ID on record?
Any argument of "your phone is here on the network. Do you want us to call your phone?" can be countered with "my phone was stolen, please deactivate it".
it's much tougher to do all that and will deter most people.
+Adderkleet here in Dubai (even though nobody likes phone providers) they at least have a copy of the ID in their data bases. You can request one by phone but you need to show up and provide valid identification
Cheap fake ID and boom you're done. It doesn't have to actually match your real ID's picture unless the business has it recorded. This is a flaw everywhere, not just US/Canada.
Can't you sue the tel co for having help compromise your account? It's their poor security that did that
Funniest thing is it has nothing to do with security, it's just someone calling them that they work there but need that persons info.
The individual's involved in this are not even in Canada, let alone actually Bell employees... lol
Remember your security at most places is as good as that minimum-wage temp person working in flyover country, or even better yet somebody at a call-center in India.
So when you see somebody working an aisle at a big-box store, or flipping burgers, think of their desk-job equivalent handling all your precious account details.
History repeats itself I guess
why are there 720 dislikes? what is there to honestly dislike?
Double noscope
Probably because it's not about new and shiny tech, people are dumb that way
Because they urinate into their own mouths and hate life
People dislike for the tiniest of reasons.
I guess because of the commentary about h3h3.
Time for the Part 2 video!
Well that aged perfectly
im proud of you linus and crew! handled the situation calmly and orderly without extra hastle and without a big fuss. great job guys!!
I have been waiting for this!
Mayo?
ja
Bad day?
YT drama love
4 years later - ChannelSuperFun still below 1 mil.
This aged well
Who's back after the latest incident? Just watched the update on the March 23 2023 incident
Men, went back because they recommended it in the most recent "we got hacked" video. What a throwback.
This video is ironic now he ACTUALLY just got hacked
4:53 One of the very exact reasons I do NOT have a cell phone number (or any number for that case) as a lost password thing.
And we're back
Recent cell phone system attacks (basically, lack of security in SS7) have proven using phone calls and SMS a poor way to add another authentication factor, but is arguably better than nothing. I would recommend activating RFC 6238 TOTP instead (e.g. Google Authenticator et al) where it is allowed to be used. Then protecting the 2nd factor auth becomes keeping the TOTP seed/initial value/whatever it's called protected/secret. (BTW, Google, might be nice to add a passphrase or PIN to your app so that the items stored in your SQLite DB can't be read meaningfully.)
I don't even understand what I just read
It simply means to use a 'mobile OTP app' for 2FA instead of using SMS since carrier systems suck balls.
Ken Choo Oh ok. Thanks
I agree, Google Authenticator needs some data encryption
Encrypting the 2nd factor shouldn't be necessary for security. The password is what you know, the authenticator device is what you have - a secret plus a physical thing. ATM bank cards are the same 2FA setup and you don't need to encrypt your physical bank card for the security model to work.
Next Honest Answers: Why socks and sandals are the optimum footwear.
You may think I'm joking but I could literally listen to Linus ramble about anything.
Need a 2023 Hackining update.
Phone carriers should require government issued photo id and a social security number in order to activate a new sim. They have that information already.
Elliot Gluck how the fuck do they have your fucking social? get Google project fi. maybe you won't be stupid enough to give it to them. government ID sure. social security no. might as well let ANOTHER COMPANY full of people know your shit because if you're and adult god knows every other company has it.
It can still be accessed with the right choice of vernacular. Everyone is vulnerable to a social engineering attack. Its just a matter of "when will you crack".
Not every phone carrier does. I would assume prepay carriers in the US don't, like prepay carriers here in NZ don't
Horrible idea? What if someone lost their card or something and didn’t get a new one!?
You do need Drivers License or passport in Australia to activate SIM
H3H3 dosen't create drama. Leafy does ;)
no he doesn't drama alert does that
Saber King of Knights pretty much anyone reporting on drama creates drama by blowing it out of proportion >.>
AllDarkness1, Freelancer Assassin i agree
Keemstar. Yes.
Leafy's jokes are shit. Also he's making the same content all over again also using "THE CRINGIEST KID" In like 40 videos...
@4:20 Aw, bless her heart. At least she cares, even if she doesn't understand what exactly it is she should be worried about.
Ah well, it happened again
Here after LTT got hacked and he got it back
Well done Linus. The fact that you re coming here and explain in as much technical detail as possible, what has happened with your channel goes to show you re actually dedicated to your subscribers.
I hope you get to billion you re out the the few that deserve it!
Linus, you did not state specifically what Amazon cited you on. Please tell us so that we don't make the same mistake.
I'm not positive but given some of the vague context and what I've heard before Amazon gets prickly when you say things like "Use this link to get something from Amazon, we get money from it".
Basically, from what I've pieced together in the past, you can use affiliate links and you can say you are an Amazon Affiliate, but you can't say Amazon gives you a slice of the sale and how how big or how much that slice is.
My guess is that when they did their vid about how they make money and posted what percentage of their funding is from Amazon Affiliate links someone at Amazon got a bee in their bonnet and nuked them.
Most do from what I can see... I find Amazon's rules to be confusing, intentionally vague, and inconsistently enforced. I'm not saying this is why LTT got nuked, this is just my best guess based on what I've read, seen, and experienced.
It's against amazon's rules for affiliates to tell their viewers to change their bookmark to one with their link.
He got in trouble for suggesting people use his affiliate url as an Amazon bookmark rather than advertising/linking specific items.
so he was punished for being transparent?
Well it's ironic
At 4:41 this kids is why I have two phones
"Make lemons out of lemonade right?"
Yes, Linus. Precisely.
Go to the beginning, play the video, and spam the left arrow key.
That ifixit sponsorship spot was actually big help to me! Just ordered an iPhone 5s battery replacement kit since my the battery in my phone is all swollen. Thank you Linus Tech Tips!
7:50, Hmmm. I do love Dennis...
7:07 NOOOO!, "Make life take the lemons back! DEMAND to see life's manager!" - Cave Jhonson
Lol
#portal
I am glad people like Linus are around. Straight up, no bullshit. You don't need it, but good luck with all your future endeavors Linus.
I wish the best for you and your team. With love from Russia.... ok, Oregon.
7:08 make lemons out of lemonades wtf?!
no linus, dont make lemonade, make them take the lemons back, get mad, burn their house down
Sorry to hear that this happened to you. This can happen to anyone, and it's great that you shared it to followers to let them know it can happen to even advanced technicians.
wait... there are places on youtube with drama-less honesty? how did i just find this channel 2 weeks ago? D:
Penguinz0 is another
RalphArwen ok, thanks :)
Sir Zoidberg no problem
5:13 Linus called out h3h3 xD
As an employee for Bell it's ridiculously easy to spoof being someone. The process we do to verify people is look at their drivers liscence and look at their name then say "Yepp. You're you.". it's 100% down to the employee. So chances are it could have been an employee for Bell who did this to you and not just some random guy who walked into a bell store and asked for your sim.
we just broke a million subs 7:40 u mean we just broke almost 3 milion subs m8
+MGamingIL our 2ne channel just broke 1M
2nd* :)
+LinusTechTips Is it possible to build a PC then install a PS4 OS on it? If it is, please make a video on it. Thanks! Keep up the good work!
+LinusTechTips good job linus group :)
Holy...20 channels? Ya kidding me?
Link for that twentieth channel pls?
I feel like this video doesn't need advertisements in it. You're a dressing some pretty serious stuff in it.
they need more money
Yeah sure... then the sponsored builds doens't need advertisements on it, because it is already a income source from intel or others. Just don't watch them. If you were linus instead of a simple guy watching a video you'll think differently.
Serious topic? Well then, that means they should take a financial hit for the video!
Ah **** here we go again
Jesus, this video didn't age well.
This is why I love Linus and LTT. Transparency and honesty is the foundation for any trustworthy and reliable company, at least in my opinion.
As someone who does tech support for a "major tablet manufacturer". I can tell you for a fact that social engineering is a MAJOR issue, but we have that drilled into out head that you give out NO info until an account is verified. It's a shame some companies don't drill this into their employees heads.
h3h3 productions have a great video on this too, thanks for being honest Linus. This is a huge security flaw
EDIT - You mentioned it later in the video my bad
Linus is explaining how to hack. Nice.
I appreciate this video. The information was good to hear and the tone was dead-on. Glad to hear you're back on your feet.
Boo-gee? Odd pronunciation.
Haha I thought the same =P
lol my Canadian friend says it the same way. Must be a Canadian thing.
UK English speaker here, sounds natural to me.
+Charlie Bruce
But it doesn't sound the same as how boogie says it. And it's his name =P
Wow 117
HAHA touche =P
8:09 Still waiting Linus ;)
8:14
I was subscribed to channelsuperfun way before LinusTechTips. I've literally binge watched all the videos and it's so strange to see Nick and Linus serious in these videos.
Didn't this happen to h3h3?
yeap
VAPE NAYSH YALL
He managed to stop it right before they got access to his YT tho
And what do you consider "hacking"? If anything, this is closer to the traditional forms of hacking. Was phone phreaking really any more impressive than this?
***** Why do hackers /have/ to be nice, good people? Why do they /have/ to be white hat?
Your definition of hacking is very different from pretty much anyone else's.
They found an exploit in the system, and abused it. Whether or not they made money is irrelevant.
I understand when people claim E.g., DDoSers aren't "hackers" (even though some very much are) because that is just simple logic of forcing too much down a small pipe, but again, this is social engineering. It does require effort and it does require finding out how to exploit weak points and where the weak points are.
5$ is alot, could we get a discount? I feel like 5$ less would be good.
I love all the transparency, you guys are like the overwatch dev team haha. Glad you're safe Linus, keep up the great content as always!
3:32
Lol I knew that post from before ;D
Social engineering at its best
One thing you can do to prevent these sort of social engineering attacks is to use an multi-factor authenticator app. This still uses your phone but isn't bound to your phone number, meaning they need the physical device and then have to break into it. A phones login might not be the best authentication system(in fact they're pretty bad) it makes targeted attacks a lot harder, as someone who was targeting you specifically would need to steal your phone.
you Need to write a book on how to run a successful business
make lemons out of lemonade?
Life never gave me lemons.
Quick update: Life just got back to me. It gave me durian instead.
Zimba's Doom Corner aren’t you supposed to make them out of that yellow powder that comes from a canister??
7:08 "Anyway, make Lemons out of a Lemonade, right?"
No, Linus, Wrong.
can someone explain these hacks in simple terms so everyone can understand?
needanit Linus did, you have to be an utter techno fobe to not understand
Technophobe, and you're wrong. Complex concepts can always be simplified further. If you think social engineering is something obvious you're bullshitting yourself.
hey linus you can also get an virus injection on ur server that mean that if you get hacked the hacker gets a virus thats makes a virtual server then he thinks he is already in the server bit hes not its like a server in a server but then fake
from what i understand, make a fake virtual server that looks real, the hacker will hack the server assuming its real, and have a virus on the fake server so the hacker himself gets messed up XD
Do you English?
that is called honeypot, I guess
after working at a service department of a large mobile network provider I soon realized these text message security checks are extremely vulnerable. It is incredibility easy to get a working simcard with a persons cellphone number with only basic information on that person, such as can be found on facebook over the phone. Also anyone working at a mobile phone provider having access to the basic service IT systems can link any given number to a blank sim easy and practically untraceable (lots of working accounts floating around that belonged to former employee's that where still working perfectly fine at the place I worked at)
My google account was hacked from uzbekistan. Google warned me in email that ur account was opened from there. I changed my password. Then google gave me a list where I shared my google account with. In that list , there was linustechtips. OMG. I unsubscribed :( Sorry !!
Lololol
Hopefully Linus can provide some insight.
Ha I don't have a data plan
I listen to a weekly tech podcast about linux which faced the same problem you had with amazon.
Their conclusion is that relying their business model on a huge company like amazon (or others) is not reliable and they changed how they monetise their content with different sources : patreons, sponsors..etc...
can someone explain the amazon referral link problem? i dont get what the operating agreement rule he broke
In the old videos they said "use our amazon affiliate link" which is where they should have stopped, but then they continued with "It gives us a small kick back when you buy something"
In the email linus shows in this video, it says they aren't supposed to tell you how it works (so that people can't abuse the system)
Test
+Xkuq Gaming it didn't work
+1MBStudios "so that people can't abuse the system"?! What, by buying lots of things through Amazon? Isn't that the whole point of that referral link anyway? "so people don't know they get a kickback" ...how the fuck else would a referral system work?! Seems like Amazon let a troll write their rules. And enforce them.
"It helps us make more videos like these" -- which implies that the kickback they receive goes towards making videos. It breaks Amazon's rule of disclosing what Amazon referral funds are used for.
why is h3h3 in to drama?
isn't canceralert doing that?
when I was watching this video I remembered the reason why I started watching Linus Tech Tips. Thoughtfulness.
I feel that, even though Linus and Luke make a TON of jokes in the videos, Linus Tech Tips is a solid channel, and they know what their doing.
I also feel sorry because Linus got hacked, but it is good moment learn and to teach to all the viewers something REALLY important.
Good Job! LinusMediaGroup.
Where can I get that awesome NES cartridge pillow?
Freezerbomb that thing is so amazing
wait a minute
h3h3 almost got hacked the same way
O_O
im stupids
okz
That's how everybody is getting hacked dude
it's almost like he brought up h3h3 for a reason.
7:09 yes, make lemons out of lemonade
my name linus :d
Who cares, it's fucking amazon. Get sponsored by Newegg or Tigerdirect... or NCIX?!
tpcs Hmm, I've been using all of these for years, NCIX you have point, the other two you're wrong to some extent. No question.
" Newegg's customer service has gone to shit That doesn't mean jackshit when you're sponsored by them trying to sell products through them. That literally effects NOBODY except those who have issues with their purchases which in my anecdotal experience has literally been never. It does not effect youtubers like linus, try again. Tigerdirect.. dead... LOL.
"( think about it. There' s also a valid reason why Steve, Kyle, Paul and others have left the neweggtv channel and it's gone to shit many months ago)"
Hmm, I don't remember talking about the NEWEGG RUclips CHANNEL. I think I remember saying being sponsored by the company. Your lack of comprehension skills is painfully obvious.
>Preferring amazon for your component purchases.
That's a good one lad, you had me at first.
TigerDirect isn't dead, they simply closed down all their physical retail stores to go 100% online marketplace.
+Anthony Flagg (Asami Watanabe) exactly.
>buying computer components from a retail store.
"TigerDirect is a Miami, Florida-based online retailer dealing in electronics, computers, and computer components that caters to business and corporate customers.
Previously owned by Systemax, the brand was known for its acquisitions of the intellectual property of the defunct U.S. retail chains Circuit City and CompUSA, and relaunching them as online retailers. The two brands were subsequently shuttered and consolidated into the TigerDirect site.
In 2015, TigerDirect phased out brick-and-mortar retail operations, and PCM Inc. acquired Systemax's online North American retail business."
They are still operating. Why don't you fucking spend 2 seconds and Google it.
RECOMMENDED GANG
H3h3 is awesome