Exposing The Flaw In Our Phone System

Поделиться
HTML-код
  • Опубликовано: 20 ноя 2024

Комментарии • 13 тыс.

  • @veritasium
    @veritasium  2 месяца назад +2788

    Become a better thinker. Start your free 30-day trial with Brilliant and get 20% off an annual premium subscription brilliant.org/veritasium

    • @a-manthegeneral
      @a-manthegeneral 2 месяца назад +37

      Bro got the comment from the past

    • @BaronyDuvet84
      @BaronyDuvet84 2 месяца назад +12

      Noted.

    • @HFIAPY
      @HFIAPY 2 месяца назад +8

      No 💵

    • @SocialistNerd
      @SocialistNerd 2 месяца назад +5

      wait how did you commentn

    • @capichow
      @capichow 2 месяца назад +1

      @@HFIAPYid call people with my voice when young in the 80s😂😂😂

  • @LinusTechTips
    @LinusTechTips 2 месяца назад +47550

    With friends like this, who needs enemies :D
    Thanks for including us and getting the word out about this threat. Mind-blowing stuff. - LS

    • @treborsenaj9169
      @treborsenaj9169 2 месяца назад +718

      Your wife was cold blooded with the "I'm with Cindy" shutdown

    • @john_michael_white
      @john_michael_white 2 месяца назад +251

      I'm very disappointed in Derek for working with you, I can see I'm not the only one. Shame on you.

    • @ArthurMetalHead
      @ArthurMetalHead 2 месяца назад +80

      Linus tech man

    • @sharp7171
      @sharp7171 2 месяца назад +161

      Luke Sebastian really taking his time to comment on this video warms my heart. ❤

    • @Stavroization
      @Stavroization 2 месяца назад +1146

      ​@@john_michael_white Lol what is this nonsense

  • @hacksmith
    @hacksmith 2 месяца назад +33400

    Definitely the strangest way to end up in a collab! I can't believe this is a thing -- thanks for.... not hacking me instead! 😂

    • @Izukachan
      @Izukachan 2 месяца назад +261

      Awesome cameo!

    • @mcrenn5350
      @mcrenn5350 2 месяца назад +271

      You can just hack em back ;) 🔪

    • @-DeathNinja
      @-DeathNinja 2 месяца назад +143

      Downgrade back to sticks and stones, it's the only way

    • @mango3520
      @mango3520 2 месяца назад +113

      How could they hack the literal smith of hacking?

    • @paddington1670
      @paddington1670 2 месяца назад +18

      oh dang you guys still make videos?

  • @yasahiroitou1307
    @yasahiroitou1307 2 месяца назад +14683

    Veritasium : Hey Linus, wanna collab?
    Linus : NO
    Veritasium : We'll see about that

  • @vishuuukharde1586
    @vishuuukharde1586 8 дней назад +261

    I was going to college for network security when the Dale valskov happened. I'm glad people like this are still around and stick to their morals and ethics of it. 🤝 So much respect for this man. I'll definitely check out the full episode.

  • @poomplanichaya
    @poomplanichaya 2 месяца назад +18659

    I wish this video was uploaded on Linus’s channel with title “I upload this video without Linus permission”

    • @plutotheplanet5341
      @plutotheplanet5341 2 месяца назад +967

      I think that might have actually been illegal. Maybe just upload it and attach a recording at the end where Linus says he approves it and is held at gunpo... never mind

    • @MohakSumaria
      @MohakSumaria 2 месяца назад +557

      And give away all the ad revenue?

    • @Daft_Ideas
      @Daft_Ideas 2 месяца назад +179

      Pretty sure spoofing an IMSI is illegal anyway. But most courts would factor in "intent".

    • @MaxiMonkU2B
      @MaxiMonkU2B 2 месяца назад +8

      You'd have to be truly dumb to do that. You'd be messing seriously with the platform that pays you....

    • @John-lw7bz
      @John-lw7bz 2 месяца назад +35

      someone get this guy a youtube channel manager position

  • @jack.smith2958
    @jack.smith2958 2 месяца назад +36749

    "Nothing to hide, nothing to fear" is one of the worst arguments for mass surveillance. I absolutely hate it.

    • @karatekid7640
      @karatekid7640 2 месяца назад +1321

      I do remember this quote, wasn't it Google founder Larry Page who said this while question were being raised on Google mass public data collection?

    • @Hakushakuke
      @Hakushakuke 2 месяца назад

      Having your thoughts continuously being observed is equivalent to being raped.

    • @ralfbaechle
      @ralfbaechle 2 месяца назад +1394

      This argument is so simple that many people have independently discovered it by themselves. It's also as flawed as simple.

    • @GeorgeWashingtonLaserMusket
      @GeorgeWashingtonLaserMusket 2 месяца назад +915

      I've got a lot to hide, my lawful activity is 99.95 percent the other 0.05% is a rounding error.

    • @KaiK-s9j
      @KaiK-s9j 2 месяца назад +503

      Fr, I bet the people who say it have the most to hide

  • @Sangrammulik-eb7lw
    @Sangrammulik-eb7lw 8 дней назад +275

    Bravo, Dale valskov -I'm so glad you're out there fighting these scumbags. We must do everything in our power to protect the elderly and the general public from these despicable scammers. You're a true hero, my brother

  • @NeerajNation
    @NeerajNation 8 дней назад +290

    Awesome work, Dale valsko ! It's so satisfying to see you putting in the effort to stop those shady characters. Protecting the public, especially the elderly, from those despicable con artists is crucial. You truly deserve recognition and appreciation for keeping us secure. I'm thrilled for you because you're my sibling. Your accomplishments definitely make you a strong contender for the Nobel Peace Prize. Keep up the outstanding performance!!!!!

  • @sparrowcide
    @sparrowcide Месяц назад +759

    I always thought SMS two factor was safe and wondered why people called it unsafe. This video really opened my eyes.

    • @alexus267
      @alexus267 Месяц назад +48

      There's always an option to bribe a network employee to reissue one's sim card, too.

    • @James_Knott
      @James_Knott Месяц назад

      SMS is not safe, so neither is anything carried over it. Cell phone companies have been warning to stop using SMS.

    • @EarlCo
      @EarlCo Месяц назад +15

      JPMorgan Chase 👀

    • @thetdy1
      @thetdy1 Месяц назад +3

      @@EarlCo for real i might send them this video lol

    • @monkeydog8681
      @monkeydog8681 Месяц назад

      I finally found out why my premium windows account was changed from two-factor verification to a secured app verification.

  • @mhales73
    @mhales73 2 месяца назад +1782

    As a manager in telecom.... this is outstanding stuff. As in a perfect primer for anyone working in the cell industry.

    • @SToXC_.
      @SToXC_. 2 месяца назад +2

      telekom? tim?

    • @Ryanthusar
      @Ryanthusar 2 месяца назад

      @@SToXC_. - Telecom doesnt necessary mean a company, telecom is also short for telecommunications, just as telco is.

    • @TheNameIsFreddy
      @TheNameIsFreddy 2 месяца назад +24

      You don't need to be a fkn manager to find it amazing

    • @Nekudza
      @Nekudza 2 месяца назад +5

      Guys from POST are actually selling really cool soystem that helps to monitor and block most of the SS7 attacks

    • @chrisross1703
      @chrisross1703 2 месяца назад +8

      A few years ago in a meeting with telcos I heard that they want to remove SS7, but they also have a problem with many engineers to understand SS7 retiring.

  • @minhhoang6438
    @minhhoang6438 2 месяца назад +5924

    Veritasium: Shown a big fat security concern
    Me: So what can I do?
    Veritasium: There's not much you can do.
    💀

    • @seekyunbounded9273
      @seekyunbounded9273 2 месяца назад +223

      faraday cage baby, only pull phone out when you rly need to call, or take the sim card out instead if its easy to access. You can also try to change your number often, whoever could track you would have to find what your new numbers is every time.
      Thats at least my understanding, i am just a dog on a internet.

    • @marenjones6665
      @marenjones6665 2 месяца назад +18

      Yeah, it sucks.

    • @sksg4
      @sksg4 2 месяца назад +90

      they just need your number to forward sms auth to their. then can access your bank app. disconect your phone would not do much

    • @FarooqAhmad-ss3vn
      @FarooqAhmad-ss3vn 2 месяца назад +214

      Get two numbers. Use one for authentication other for regular calls. Don't ever tell anyone you have 2nd number or use it for anything else other than auth.

    • @DJ_kefo
      @DJ_kefo 2 месяца назад

      ​@@FarooqAhmad-ss3vnThat is just as horrible as using oAuth with google on everything else you have

  • @RajBahadur-wb1gr
    @RajBahadur-wb1gr 8 дней назад +246

    While the video's demonstration is eye-catching, the ease with which the system is exploited suggests manipulation or pre-prompting of the Dale valskov . Techniques like custom instructions, hardcoded responses, limited scope, and clever editing could create an illusion of vulnerability, but may not reflect real-world LLM security. It's crucial to approach such claims critically and consider the broader context before drawing any conclusions.

  • @MattyClivingthedream
    @MattyClivingthedream Месяц назад +862

    Australia has shut down the 2G network and is about to close the 3G network. One of the reasons given was to do with security, and it was never fully explained what the security issues were.
    This video has helped a lot and makes me more supportive of the change.

    • @BillAnt
      @BillAnt Месяц назад +32

      No wonder, Australia is like a Nazi state, no drugs, no guns, no SS7. lol

    • @germanguy1219
      @germanguy1219 Месяц назад

      @@BillAntyou dont know what a nazi is

    • @ruealexandriasullivan3084
      @ruealexandriasullivan3084 Месяц назад +111

      ​@@BillAntmate, someone doesn't live in Aussie 🤣

    • @olgalisinska4837
      @olgalisinska4837 Месяц назад +86

      @@BillAntno drugs? HA HA HA HA HA.

    • @BurnerAccount777
      @BurnerAccount777 Месяц назад +52

      @@BillAnt no drugs is absolutely criminal, pretty sure aussies are in the running for biggest noses and strongest lungs

  • @woomba7
    @woomba7 2 месяца назад +3567

    As someone in cybersecurity, just one more thing I get to reference to get people to stop using SMS and phone as their 2nd factor in authentication. Sim swapping is one thing. This is another level

    • @owenwesterhout
      @owenwesterhout 2 месяца назад +154

      What would you suggest?

    • @__Hanasei__Levinus__
      @__Hanasei__Levinus__ 2 месяца назад +18

      Commenting for potential outtakes later, ty op

    • @astacc
      @astacc 2 месяца назад

      @@owenwesterhout pretty much anything else like mentioned in the video.. good authenticator app with TOTP, hardware token with FIDO2

    • @woomba7
      @woomba7 2 месяца назад

      @@owenwesterhout Exactly what V suggested at the end. Hardware tokens (FIDO2) or one time passcodes via an authentication app like Microsoft Authenticator or Google Authenticator. Unfortunately, many banks don't give anything but SMS as an option

    • @FuturisticFolk306
      @FuturisticFolk306 2 месяца назад +461

      The only problem is most financial institutions only support SMS for authentication.

  • @immortal5383
    @immortal5383 2 месяца назад +8767

    "Nothing to hide, nothing to fear" Assumes that the intruders are always on your side, when the intruder could be an evil organization or a government with opposite views.

    • @debrascott8775
      @debrascott8775 2 месяца назад +323

      Or just someone who wants to sell you something...this is the world we live in.

    • @datboib3432
      @datboib3432 2 месяца назад

      @@debrascott8775I’d rather take the person trying to sell me something over an evil organization or government

    • @5Andysalive
      @5Andysalive 2 месяца назад +234

      the big problem that what to hide and to fear depends on the local rules and laws. The judgement of what to hide or fear can just change! Someone can retroactively CHANGE the rules and suddenly something legal you did in the past that is on record, gets you into trouble.
      . A new political side taking over, or something like the McCarthy era in the US.... suddenly having talked to the wrong people in the past (legally) can END your career.

    • @Neptas
      @Neptas 2 месяца назад +124

      Even if the observer is a good friend or family member, or a 100% true neutral party, you still shouldn't accept that. Private life exists for a reason.

    • @zaxtonhong3958
      @zaxtonhong3958 2 месяца назад +39

      Not really. It assumes that breaching your privacy is not useful to the intruder.
      If you live under a government that punishes you for having opposing views, then you have something to hide.

  • @alll-vm5hv
    @alll-vm5hv 8 дней назад +356

    Their move from the Dale valskov to the clear web was a bold step that reflects their commitment to transparency and integrity. Perry Moskva continues to lead the industry with their ethical practices.

  • @mtvkriar91
    @mtvkriar91 Месяц назад +391

    We need more eye-opener videos like this one. Hacking vulnerabilities are all around us, right in front of us. Thanks Veritasium.

    • @0xphk
      @0xphk Месяц назад +5

      There are already loads of it available, either on other YT channels, or directly at the CCC media archive as almost every talk was recorded and shared over the last 10-15years. Lots of content if one is interested in some deep rabbit holes. For big tech channels, it's rather uncommon to address things like this.

  • @starstreakalex7372
    @starstreakalex7372 8 дней назад +254

    This explains perfectly how government security departments (like FBI or MI5 or whatever) can triangulate the location of "suspicious individuals" thorugh phone networks. I never understood how that worked before this video, but now I even know how to do it myself 😂

  • @FidelisG
    @FidelisG Месяц назад +58

    4:52 mind blown, TIL that that was the reason behind the specific dial tones for each number. Amazing.

  • @ArtiDevi-wv1xk
    @ArtiDevi-wv1xk 8 дней назад +345

    Thank you, Dale valskov for consistently being so approachable and open-minded. Your friendly demeanor and willingness to listen and understand serve as a constant source of motivation. Your support and guidance have been especially meaningful to me during the recent account issue I encountered. Your willingness to assist and offer valuable advice speaks volumes about your character and the supportive environment you cultivate. I’m incredibly grateful to have someone like you. Your assistance played a crucial role in resolving the issue and getting my account back.

  • @classicalmechanic8914
    @classicalmechanic8914 2 месяца назад +4327

    Pope:"Hello? Who's calling?"
    Steve Jobs: "It's Henry Kissinger. I want to confess war crimes."

    • @ninadgadre3934
      @ninadgadre3934 2 месяца назад +425

      Pope: “I’m sorry i don’t have 584 hours to listen to you right now.”

    • @davideverling753
      @davideverling753 2 месяца назад +164

      Pope: “Eh no worries I was a Hitlerjugend, say 3 hail Marys”

    • @shazzadhasan4885
      @shazzadhasan4885 2 месяца назад +14

      🤣🤣🤣🤣

    • @UziMusic
      @UziMusic 2 месяца назад

      @@davideverling753 HAHA surprised this hasn't been auto deleted..

    • @zweispurmopped
      @zweispurmopped 2 месяца назад +58

      "His eminence currently isn't available on the phone. He is taking a walk with his dogma."

  • @LoveinDC
    @LoveinDC Месяц назад +1123

    “It’s not that I have something to hide. I have nothing I want you to see.” - Anon (2018)

    • @SaintSaint
      @SaintSaint Месяц назад +20

      Wow. I need to use that quote. It's better that it's just attributed to an Anon in 2018. We have search and seizure laws(4th amendment) for a reason.

    • @sofia.eris.bauhaus
      @sofia.eris.bauhaus Месяц назад +73

      i like the Snowden quote: "saying 'i don't care about privacy because i have nothing to hide' is like saying 'i don't care about free speech because i have nothing to say'" (paraphrased)

    • @flowerofash4439
      @flowerofash4439 Месяц назад +9

      i have nothing to hide from a trustworthy people, however the gov is kinda... a little bit... sus

    • @AkimFur
      @AkimFur Месяц назад +10

      @@SaintSaint it's not from anon, it's from the movie Anon, from 2018 lol

    • @katlis
      @katlis Месяц назад +2

      @@flowerofash4439 Saying "the gov" being sus is quite broad. Which country? The US? If so, which political party? Do both parties finally agree on something (covert mass surveillance of citizens)?

  • @pranjalik4145
    @pranjalik4145 8 дней назад +309

    Thanks to Dale valskov . You're indeed a blessing!.. I live in the west coast and lost my account because of I didn’t have more details on what to do in situation like that. Thank you for your skill, dedication, and the time you invested in resolving this issue. This has me chapped! Thanks once again CW

  • @matt-tq2dp
    @matt-tq2dp 2 месяца назад +10574

    *tech enthusiasts:* "my whole house is smart"
    *tech workers:* "the only technology I have is a printer and I keep a gun next to it so that I can shoot it if it makes a noise I don't recognize"

    • @Jarb2104
      @Jarb2104 2 месяца назад +659

      Or the famous, "tap wire please give me a recipe for chocolate cookies".

    • @mixswist
      @mixswist 2 месяца назад +888

      I wouldn't left a gun next to it, what if it decided to pickup a gun before you do?

    • @butwhytho6522
      @butwhytho6522 2 месяца назад +349

      Jokes on you, printers never do anything

    • @Supremax67
      @Supremax67 2 месяца назад +198

      None of the above. Printer is actually from Skynet and you just gave it a gun.

    • @P-39_Airacobra
      @P-39_Airacobra 2 месяца назад +26

      true, but also reposted many times

  • @HauntSlider
    @HauntSlider Месяц назад +505

    Having been one of those "people" back in the early 80's and taking advantage of loopholes in the system (got out before SS7).
    Still have my original blue box, my red box, my black box and an original Captain Crunch whistle somewhere in my attic.
    Awesome video. So glad that LTT participated in this. Subscribing to you now.

    • @AwesomeBlackDude
      @AwesomeBlackDude Месяц назад

      Do you still know the names of the most popular modem apps that was used for logging in bulletin board services?

    • @AwesomeBlackDude
      @AwesomeBlackDude Месяц назад

      Not AOL, CompuServe, and Prodigy, but 56k modem softwares for BBS, like Exepc.

    • @douglasgoodall3612
      @douglasgoodall3612 Месяц назад +1

      @@AwesomeBlackDude xmodem, move-it

    • @StingrayOfficial
      @StingrayOfficial Месяц назад +7

      Phreak!

    • @stevesteve8098
      @stevesteve8098 Месяц назад

      I was unfortunate enough to work in education back in the 90's we taught electronics to retards & ex cons
      We had a contract with Plessy, evey month the reps of our company used to bring shedloadds of "trash" and internal datasheets for plessy chips...
      for the retards to desolder to practice the soldering skills..
      We then supplied their work force with said excons.
      at that time plessy made all the signalling equipment for British telicom, and that scrap was the inertial routing tone control boards for the systems.
      After the US phreaking fiasco.. they split they trunk signalling & public signalling into two separate chipsets..
      our training company decided the unused tubes of chips & datasheets were not really useful & binned tehm .. into the back of my car.

  • @panther105
    @panther105 Месяц назад +123

    Back in the two tin cans on a string days (1970s - 80s), you could dial up a number with a recorded message, start the message and hang up, then call back and get a busy signal as the recording tape was still playing. If someone else called the number and got the same busy signal, you could cross talk to each other over the busy signal. You could talk as long as you liked. The more people, up to 9, I think, the quieter the busy signal became. We later found out that our local phone company used any number ending in 99 as technician's test number which generated the same busy signal. The beauty of this game was you could call from any location in the world and because it was a busy signal you wouldn't get charged for the call. It was also possible to listen in and hear feint voices trying to connect but you were on a different 99 number. If you were on XXX-1299 but someone else was on XXX-1599, you could talk loud enough to tell them which exact number you were on and they could redial and connect to you "directly" Fun times....

    • @UserName_no1
      @UserName_no1 Месяц назад +8

      Seventies technology did have some rather peculiar quirk's. One night I snuck into the family car, the kind with the ignition in the steering wheel column with a lock and found that I could press in the emergency flasher button while stepping on the brake and turn the ignition and unlock it and put it in the on position and turn on the radio. Turn the flashers off, let my foot off the brake (thus turning off the tail lights) and run pop's battery down. All without the key. Go figure. Mind you I discovered this convoluted process while my "states" were altered.

    • @DusanPavlicek78
      @DusanPavlicek78 Месяц назад +1

      That's quite fascinating. Thanks for sharing 😊

    • @Google_Does_Evil_Now
      @Google_Does_Evil_Now Месяц назад

      ​@@UserName_no1how did you turn the ignition barrel without a key?

    • @UserName_no1
      @UserName_no1 Месяц назад

      @@Google_Does_Evil_Now You mean the cylinder? I may have simultaneously giggled the steering wheel itself, I don't recall. I just remember being able to engage the radio without having the key, because in those days there was no key faub or push button ignition. If I remember correctly it was a 70s model Mercury Monterey, but I could be wrong. 😏

    • @doggSMK
      @doggSMK 22 дня назад +4

      Dude, this happened to me when I was a kid. I was on the phone with a friend, idk what happened, but two grannies joined the call. We trash talked and hung up, and when we picked up the phones again we could still hear the grannies 😂

  • @chandragiriganesh7821
    @chandragiriganesh7821 8 дней назад +294

    Big thanks Dale valskov for helping me out. God bless you brotha… I’ve tried following these steps from the device and location where the account was always logged into and I got a page that says we don't recognize your device. The tutorial video was very helpful tho but Big Ups

  • @JonValtandtheEvilRobots
    @JonValtandtheEvilRobots Месяц назад +189

    As a cybersecurity dude who originally got started through “phreaking,” I really appreciate the way you’re giving all the background on blue boxes, etc. 🥰🥰🥰

    • @Techguyericd
      @Techguyericd Месяц назад +5

      I was born in 1980 and didn't really get into computers until 1990 (but I did take apart my NES at 5 cause i was curious what was inside), I'm a little sad I was too young for phreaking. I wish I could have been part of the Home Brew Computer Club scene that would have been just an amazing experience being in the primordial ooze of the computer revolution

    • @philotomybaar
      @philotomybaar Месяц назад +1

      I was hoping he’d also cover the chinger. Fun times!😂

    • @Salah.Ad-Din
      @Salah.Ad-Din Месяц назад +2

      𝓹𝓱𝓻𝓮𝓪𝓴𝔂

    • @legendofman12
      @legendofman12 Месяц назад

      U aint sh

    • @Dwigt_Rortugal
      @Dwigt_Rortugal Месяц назад

      I'm glad they implicitly mentioned John Draper (Cap'n Crunch)

  • @RobertKirkpatrick84
    @RobertKirkpatrick84 Месяц назад +305

    When I was a kid, I had a really old radio that belong to my grandparents. It let you switch between am, fm, UHF, etc. if I turned the switch between two types of radio and then fiddled with the dial I started hearing people cell phone calls. A mechanical man's voice would read out a number then I would hear the ringing and then the phone conversation. It was seriously weird. I was 8 years old and figured out how to listen to people's cell phone calls. I'm sure there were people all over listening to them and recording them all the time.

    • @dan_in_sd
      @dan_in_sd Месяц назад +46

      I had a VCR that did this. If you went to channel 83 and 84, and fiddle with fine tuning you could hear all kinds of AMPS Cellular calls in the neighborhood. (AMPS= 1st gen cellular systems)

    • @Basedgwad
      @Basedgwad Месяц назад +5

      menace

    • @Techguyericd
      @Techguyericd Месяц назад +20

      the good ol' days of unencrypted analog communication. I am 44 and remember hearing stories about Party Lines that the telco's used to provide, it was just an open circuit going to multiple houses, and if someone picked up the phone they could hear your conversation and only 1 call could be made at a time. It was ridiculously cheap compared to a private connection to the switch board.

    • @ericwhittaker3570
      @ericwhittaker3570 Месяц назад +2

      Same. Mine was with a Ham radio. I could pick up wireless home phones too. Sort of voyeuristic for a 14 year old, looking back now... ha ha!

    • @GodOfDoubt
      @GodOfDoubt Месяц назад

      Similar , one of our random tv channel vs our neighbor's Atari and vcd player. I had free xxx channel for years 😅

  • @GUNOOGAMER
    @GUNOOGAMER 8 дней назад +236

    Hey ppl, I'm a retired computer/IT person, Yet I still find Dale valskov so informative and straight forward. Thanks for your advise and helping the people...........Great work and love watching.

  • @Aarav.999-x1v
    @Aarav.999-x1v 8 дней назад +199

    There is no doubt that you will rise fast at the apex of your career Perry Moskva . Because you are a very intelligent, smart, hard worker and your work ethic par excellence. Keep going People like you take the IM out of Impossible by becoming PRO at tackling Problems. You Rock!

  • @GrebnevNikita
    @GrebnevNikita 2 месяца назад +4094

    Veritasium uses your phone to find you and then sends Vsauce the location.
    "Hey Vsauce, Michael here, your home security is pretty good. Or is it?"
    Lockpicking Lawyer walks into the frame. "Click on one, nothing on two...".
    After a few seconds, the door opens. "Now... How many holes do you have?"

    • @lck0ut348
      @lck0ut348 2 месяца назад +405

      "Three is binding, four is loose, nice click out of five ... let me do it again to prove it's not a fluke ..."

    • @jnzooger
      @jnzooger 2 месяца назад +485

      And then electroBOOM comes in and checks your gfci.

    • @nanya6148
      @nanya6148 2 месяца назад +181

      *lockpicking lawyer's hands walk into frame

    • @skuzzyj
      @skuzzyj 2 месяца назад +134

      The next morning you review your surveillance archive and see the shadowy outline of a McNally decapitating a mannequin with a t-square in the basement

    • @rehenaziasmen4603
      @rehenaziasmen4603 2 месяца назад +118

      This thread is terrifying

  • @hwertz10
    @hwertz10 Месяц назад +63

    As an FYI, since it's not mentioned by name in the video, the replacement for SS7 (and "voice circuits" for voice) is Diameter for the authentication and IMS (IP Multimedia System) for call setup.
    Diameter is a play on words, RADIUS was developed in the early 1990s for authentication and Diameter is an updated and modernized version of RADIUS. IMS does the actual call setup and carrying the calls. (SIP -- Session Initiation Protocol -- is often used by VOIP type services and IP-PBXes etc., and is used in IMS as well.) Some hoohah at the 4G and 5G MAC layer gives the IMS traffic priority to make sure voice calls don't get all choppy even if the site's congested enough for data speeds to totally tank.
    If anything spicy is found in these specs it'll probably be in IMS. But as opposed to SS7 (which was designed by Bell etc. for use among chums) Diameter and IMS were designed with security in mind.

    • @jorgealbertogarridogallard3622
      @jorgealbertogarridogallard3622 Месяц назад +9

      Also, the replacement depends a lot on national interconnection rules. My country has just approved SIP as a signaling method between network operators. They can still use SS7 and, for international signaling with 'less developed' countries, older systems.
      Now, IMS is still blocked for some cellphones in some networks, for some reasons that I haven't find yet.
      Anyways, we'll still have SS7 for a while.
      And for privacy, use other authentication method than SMS.

    • @MindfulRise6IX
      @MindfulRise6IX Месяц назад

      Also Samsung uses their own IMS implementation for 4G Volte which is a pain in the ass for modders to develop custom roms for Samsung devices with native 4G Volte support

    • @jorgealbertogarridogallard3622
      @jorgealbertogarridogallard3622 Месяц назад +2

      @@MindfulRise6IX that's nothing compared to being blocked in the network by the MNO, by IMEI. You really can't bypass that without committing and actual prison time deserving crime

    • @Freyja-f7m
      @Freyja-f7m 23 дня назад

      ​@@jorgealbertogarridogallard3622 True, but hackers don't care if they are stalking you it's already a prison time crime.

  • @gbraadnl
    @gbraadnl 2 месяца назад +135

    Karsten Nohl is the real hero in this story. have been following him and his work for years. glad to see this gets attention.

    • @Hukkinen
      @Hukkinen Месяц назад +1

      Yeah, I'm big fan of CCC and their annual conference. I watched their 2014 presentation and it was awesome.

    • @eey8909
      @eey8909 Месяц назад

      He looks like Mr.Robot But older 😅

  • @Whiskey_Wisdom
    @Whiskey_Wisdom Месяц назад +1132

    "Nothing to hide, nothing to fear" insinuates that only criminals desire privacy.

    • @Yj-Fj
      @Yj-Fj Месяц назад +25

      ding 🛎️! Ding 🛎️!! DING 🛎️!!!

    • @lachlanchester8142
      @lachlanchester8142 Месяц назад

      Well what other data do you need to hide? Sounds like you’re hiding something sus

    • @user-nj1qc7uc9c
      @user-nj1qc7uc9c Месяц назад

      @@lachlanchester8142 oh you have nothing to hide?
      you don't want to hide your your passwords, banking information, where you live, etc?
      everyone has things to hide, criminals just have additional things to hide

    • @yourlocalit1701
      @yourlocalit1701 Месяц назад

      ​@@lachlanchester8142sounds like a dumb idiot, it just helps criminals get access to your stuff

    • @lilwyvern4
      @lilwyvern4 Месяц назад +47

      Everyone has something to hide. No matter how pure you think you are, everyone has a shadow, something they think, like, or do that would utterly ruin them if it became public knowledge. I frankly wouldn't believe you if you told me otherwise.

  • @KenSilverman1
    @KenSilverman1 Месяц назад +182

    Finally Veritasium did a nice video about this. I hope they interview me. I corresponded with Steve Wozniak via Tap underground magazine and created the first digital Red box similar to a blue box except it makes free phone calls from payphones at the time using 2,200 Hertz and 1700 Hertz time together over short pulses 5 pulses emulating that of the quarter going into the phone for long-distance phone calls. These frequencies were made public in the June 1963 Bell technical journal. I used the university EE laboratory to program ROM chips with the two frequencies using the fast Fourier transform to create the waveform. Steve Wozniak built an analog version that wasn't stable and would often signal the FBI to get on the line immediately. Mine did not do that. So I actually built the very first digital one back in 1986. I did receive a visit from the FBI that year but on a totally different matter lol. Now the way the blue box works is first you have to have a disconnect tone of 2600 hz popularized in Pink Floyd The Wall "Mr Floyd calling Mrs Floyd, are we reaching". And the phone on the other end has to be in the mechanical switching system which pretty much doesn't exist today.

    • @bonobo3748
      @bonobo3748 Месяц назад +8

      So you can help cut back on my phone bill?

    • @guestguest9603
      @guestguest9603 Месяц назад

      ​@@bonobo3748 😂😂😂

    • @Deneteus
      @Deneteus Месяц назад +1

      In the old days certain people had the FBI on speed dial.

    • @DKSprocket
      @DKSprocket 5 дней назад

      So much fun history referenced in this video. I remember going to Chaos Computer Club at Christmas in 1989 and running into Cap'n'Crunch there and met some of the other crazy characters.
      We didn't believe blue boxing was still possible in Europe around that time, but a few years later it became all the rage in the Danish computer underground when people found out that toll-free numbers connecting to Japan were still using in-band signaling. That fun ended some months later when the Danish telephone network disabled all calls in and out of the country for an entire Sunday afternoon for 'hardware upgrades'.

  • @d7mtg
    @d7mtg Месяц назад +339

    I like how he’s holding an SD card at 12:27 instead of a SIM card

    • @skaramicke
      @skaramicke Месяц назад +30

      I came here to write this.

    • @ThomasBethellB
      @ThomasBethellB Месяц назад +19

      @@skaramicke i came here to look for someone who had 😅

    • @trif55
      @trif55 Месяц назад +3

      also me

    • @anthonyhoffmann
      @anthonyhoffmann Месяц назад +6

      @@ThomasBethellB I waited 10 hours to look for someone who looked for someone who had 😁

    • @stever7596
      @stever7596 Месяц назад +7

      I can't believe you don't understand the concept of a prop. If this is your takeaway, you're missing the bigger picture.

  • @99fulgur
    @99fulgur 2 месяца назад +1755

    This crossover is crazy

    • @JScott-lg4jb
      @JScott-lg4jb 2 месяца назад +41

      It’s like one of those things that makes sense but you’d never ever think it would happen.

    • @bedro_0
      @bedro_0 2 месяца назад +4

      THAT IS WHAT I SAID

    • @Tryh4rd3rr
      @Tryh4rd3rr 2 месяца назад +5

      I would’ve never expected this.

    • @ssserotonin1373
      @ssserotonin1373 2 месяца назад +7

      RUclips used to glitch and show the wrong channel for the video lmao I thought it was happening again

    • @Lunatic5306
      @Lunatic5306 2 месяца назад +9

      IM 12 aNd eVerYtHinG is cRaZy aNd wiLD aNd hAvE nO oTHeR oPinION 🤡

  • @devnol
    @devnol 2 месяца назад +465

    Derek: does a high production value, animated, musiced and scripted documentary on the phone system
    Also Derek: (12:32) You need a sim card _shows microSD_

    • @SDRIFTERAbdlmounaim
      @SDRIFTERAbdlmounaim 2 месяца назад +9

      nobody's buying anymore of those anymore sadly, it comes inside many phones in the usa.

    • @devnol
      @devnol 2 месяца назад

      @@SDRIFTERAbdlmounaim Oh right lmao everyone uses esim there. (Wait isn't veritasium australian?) Regardless I have a literal handful of old sims around the house I actually find it funny how they couldn't find one in time for the shoot.

    • @LuxFerre4242
      @LuxFerre4242 2 месяца назад +76

      ​@@SDRIFTERAbdlmounaimThat's a very USA centric issue. SIM cards are still standard everywhere else.

    • @vinstonsalim9025
      @vinstonsalim9025 2 месяца назад +8

      AHAHAHA the most underrated comment

    • @andrewlalis
      @andrewlalis 2 месяца назад

      ​@@LuxFerre4242 in the EU they use eSIM now too for new phones

  • @All_Attitude_video_
    @All_Attitude_video_ 8 дней назад +260

    Having someone like you who’s not only a great innovator but also pulls his best to get the work done so beautifully needs nothing but appreciation. Dale valskov Thanks for the well off work you consistently bring your all and I truly appreciate that. Thank you for making corporate life so smooth. Proud to have you on our team. Great work as always.

  • @spiner956
    @spiner956 Месяц назад +412

    SO THAT PARTICULAR DIAL TONE IS ACTUALLY PART OF THE CALLING PROCESS??
    Man, you never stop learning something new everyday.

    • @idontwantahandlethough
      @idontwantahandlethough Месяц назад +59

      if you think about it, it's the same reason that early internet went "beep boop bop SHEEEEEPEPPPEEE" when you were connecting. Those beeps and boops _also_ meant somethings :D

    • @zyeborm
      @zyeborm Месяц назад +15

      Heh back in the day I once needed to call home from a pay phone but had no coins.
      If you hit the hook just right you could emulate the rotary dial process and place a call.
      Worked better when the exchanges had the mechanical relays, the timing wasn't as tight, but you could still get it later on.
      The coins then just unlocked the DTMF tones on the keypad.

    • @mikmorpheus
      @mikmorpheus Месяц назад +1

      There are even movies from the 90s that include this 😂 I think it's called hacker 🤔 they use alu foil to create a tone and than use the telephone to hack the system without monitor 😂

    • @lakonoki9189
      @lakonoki9189 Месяц назад

      Papa Linus got Hacked again..😢

    • @BillAnt
      @BillAnt Месяц назад

      @@zyeborm - Well prior to payphones going out of fashion, you could use a RED Box to simulate coins being dropped via inband signalling. SS7 took that out of the equation in modern phone systems.

  • @TheBooker66
    @TheBooker66 2 месяца назад +237

    This is actually insane. I didn't realise regular old cell networks were so highly compromised. I knew they were much worse than any form of communication which uses E2EE, but this is on a whole other level.

    • @rightwingsafetysquad9872
      @rightwingsafetysquad9872 2 месяца назад +9

      It doesn't even matter if you're using E2EE if it's compromised early enough.

    • @samholdsworth420
      @samholdsworth420 2 месяца назад

      Sim jacking is old news 😂

    • @XGD5layer
      @XGD5layer 2 месяца назад +1

      ​@@rightwingsafetysquad9872 yes, if an end is compromised, then it doesn't matter

    • @bororobo3805
      @bororobo3805 2 месяца назад +8

      Even SMS on 2G is insecure. You can use an IMSI catcher to grab SMS and even USSD sessions

    • @thethan3
      @thethan3 Месяц назад

      What is insane is actually the fact that until someone put this right in your face no one pays attention.
      Tech workers have been saying these things for decades, and regular people discount it as you are just being paranoid if you can't show it happening right in front of you.
      Also, its illegal (a felony for each count) to do these things, but the actual enforcement is only retroactive. You would think that people would pay attention to experts, but that is and has no longer been the case for years. This is one part of why most of the global society of 1st-world countries are failing.
      This has been an open secret in the IT and telecom industry for decades, right along the ME/Securezone (firmware-based backdoor access to all network connected computers).
      There are also many other aspects which were not covered, but equally mind-bending for an average person; and the risks are very real. For example, what would happen if your close contacts, which you don't see every day suddenly just stop talking to you. Messages you leave aren't returned, or are delayed without any indicator. Where your voicemails show up after the fact backdated. How would you know someone had called, or sent something, and it follows you across providers. Would your interpersonal relationships dwindle and die on the vine? Would you become isolated? Would it surprise you to know anyone with a radio can do the same things, passively? (a length of wire, an inductor and switch is all it really takes).
      Today, there is no amount of action short of violence where people will believe this is a problem with the underlying systems today. The system works fine for them; they'll just think its you being flaky and cut you out of their lives just like what happens with ghosting, only this denial of service will be from some third-parties forcing you to become a pariah without your knowledge by interfering with the connection between you and society.
      All it takes is isolation, lack of agency, and increasing cognitive dissonance applied across large enough portions of a persons life to induce a mental break, be it violent psychosis, or disassociation, there's a lot of literature if one looks for it that backs this, and the objective truth violates assumptions we naturally make about the capabilities, and free-will of others. We are malleable social creatures. Distorted reflected appraisal was perfected back in the 70s.
      When you torture someone (and these components are torture). When the torture is unending everyone eventually breaks, I would not be surprised if China was doing this to people broadly in the US. Active shooters clinically display very similar characteristics to violent PoWs returning from the Korean Conflict (at least what was described in the case studies done by Lifton/Meerloo under Mao's torture).
      Couple that with other forms of equally remote harassment, such as paying off a mail carrier to mark your address as vacant (so all mail goes to the dead letter department), Denial of Service to submit any query to a company or business, or interfere in job seeking activities.
      What would happen if you were summoned to jury duty and don't show up because you never got the summons, or worse did receit it but confirmed on their their website saying you were excused (when you weren't)? What about filing your taxes and they were never delivered. Opening support tickets (the only way to contact a company) only to have them closed 30 days later (with no record of them being opened, and no response). What about arbitrary discontinuation of food benefits after you are unemployed, no job prospects (no one calls back), rising costs (inflation), all regardless of the effort you make to correct the issues because interaction has been shimmed to allow unlawful transparent interference and torture.
      What would you be willing to do when you are desperate, have no food, no shelter, no future, and no ability to change it... and every other person sees this and just says, it works for me you must be doing something wrong.
      Many of our societal systems now operate on presumptions that can be by design made false, and the people that notice these things, the experts in systems that call it out; but aren't listened to, are instead made into pariah's, labelled paranoid, or just crazy. That's the world we have today, and why society is unraveling.
      Complacency is when true evil does its most destructive work. What was described here was known back in 2000. They have had all this time fix things, no action was taken and that is because these outcomes are by design.

  • @mitchellct01
    @mitchellct01 2 месяца назад +93

    I appreciate that your advert plug was left to the end and not interrupting the main video context. You are one of the only channels where I actually sit through the ad.

    • @winterwierdo
      @winterwierdo Месяц назад

      I also sit though then just for the view metrics for him.

  • @NorbiPeti
    @NorbiPeti Месяц назад +12

    4:42 I once created a DTMF tone for my grandparents' landline number in Audacity and then played it on my smartphone next to the phone and it actually dialed them, that was fun.

  • @drop6597
    @drop6597 2 месяца назад +1865

    linus' wife being like 'that's nice dear im busy' was the most relatable thing ever. HAHAHA.

    • @117chris9
      @117chris9 2 месяца назад +88

      hmm I got red flags but that's Might just be me

    • @antonio97b
      @antonio97b 2 месяца назад +375

      @@117chris9 It would be a red flag on the other end if you expected your SO to always bow to you.
      People have lives. Yes, wives can be busy without their husbands. Quit being weird.

    • @carlosalloatti5899
      @carlosalloatti5899 2 месяца назад +51

      @@antonio97b Also, people have manners.

    • @NikKrystalo
      @NikKrystalo 2 месяца назад +44

      relatable (un-married and 17)

    • @luketurner314
      @luketurner314 2 месяца назад +40

      I read it as Linus made himself sound like an artificial voice and she fell for it thinking it was some kind of spam call with a faked voice

  • @ChristianHDD
    @ChristianHDD Месяц назад +93

    I’m convinced there is no such thing as privacy anymore. I’m sure there is SO much more that we don’t know.

    • @jamielondon6436
      @jamielondon6436 Месяц назад

      Could you at least put on some clothes before posting this? Jeez, nobody wants to see that! :-p
      ;-)

    • @Dwigt_Rortugal
      @Dwigt_Rortugal Месяц назад +1

      I wish it weren't so. I'm teaching my kids that there's almost no privacy now, but when they grow up, assume there won't be any whatsoever. "Don't get a Gmail account. Here's why..." I wish our politicians knew something useful about anything more complex than a Casio calculator. Even a TI graphing calculator would be an improvement.

    • @storyofbo
      @storyofbo Месяц назад +5

      Assuming you (as most people do) want to participate in society, then yeah there's nothing you can do

  • @istiakakib7056
    @istiakakib7056 2 месяца назад +4722

    When you sleep first during a sleepover

    • @CrownVirtual
      @CrownVirtual 2 месяца назад +37

      that’s pretty mild

    • @budgreenjeans
      @budgreenjeans 2 месяца назад +40

      Sounds like Someone has been to band camp

    • @CrownVirtual
      @CrownVirtual 2 месяца назад +5

      @@budgreenjeans ???

    • @spindoctor6385
      @spindoctor6385 2 месяца назад

      In my day you would just wake up with a penis drawn on your forehead.

    • @Chitose_
      @Chitose_ 2 месяца назад +41

      now it's veritasium tech tips

  • @aivarasurbanavicius9563
    @aivarasurbanavicius9563 Месяц назад +17

    I been following your channel for several years now. Hands down this is the best science related channel on youtube. The topics are well presented even for a person with no knowledge on the topic. Derek I hope you understand how much of an impact you are making. I feel like I do learn more everytime I watch your videos. You are a gem.

  • @nydydn
    @nydydn 2 месяца назад +590

    Me with 2 sim cards in my phone, from different countries, so that attackers have multiple chances of success, just in case one of the networks is a bit more secure.
    I'm now realizing that pagers are the only way to protect yourself... Ooh... Wait.

    • @Daft_Ideas
      @Daft_Ideas 2 месяца назад +102

      *boom*

    • @iRelevant.47.system.boycott
      @iRelevant.47.system.boycott 2 месяца назад +26

      Make sure you get one with regular non lithium batteries ...

    • @turanamo
      @turanamo 2 месяца назад

      @@iRelevant.47.system.boycott it had nothing to do with batteries. LiOn cannot cause such destructive explosions.

    • @zozzinator
      @zozzinator 2 месяца назад

      The world is evil now, Israel will try to destroy anything in its way to control the world. There's not much we can trust around them

    • @dalegawne5286
      @dalegawne5286 2 месяца назад +39

      maybe go really old school and use walkie talkies surely they cant hack them

  • @vossti
    @vossti Месяц назад +47

    Brilliant video. i'm in the telco industry and i just like to point out one added layer of security as to how the network gets this IMSI.. upon first access to the network yes you use your IMSI but subsequent access and interaction with the network uses TIMSI (Temp IMSI) which changes.. and there are other authentication algos present in the Home Location Register that would make an attack of this kind not be widespread or easy to execute.. also would like to point out that the team there were able to exploit this since their system ( i think its a form of signaling transfer point- (stp) already had gained access to the network signaling and was intergrated to the nodes involved in the MAP signalling involved here.. Otherwise yes this was still a very informative video to the general public.. and i do remember watching their video from 2014 while i was still new in this field and yep they are right ATI (anytime requests) have been largely dropped in most major networks for security reasons..

    • @jeremylindemann5117
      @jeremylindemann5117 Месяц назад

      What's the point of having a unique identifier if you have multiple identities?
      Are these TIMSI numbers single use and still associated with a SIM or are they recycled within a global pool, which would make them completely non-unique?
      This sounds like a security nightmare and a system for launching multiple attacks using one TIMSI after another.

    • @rejophilipjose7763
      @rejophilipjose7763 Месяц назад

      Thanks for the info man

    • @vossti
      @vossti Месяц назад +2

      @jeremylindemann5117 yes theres an algorithm in the HLR that generates TMSIs based on your IMSI and you present this TMSI to the network periodicaly during a process called periodic location update. and if this TMSI does not match what the HLR gave you the last time then you wont be able to make any network interaction.
      Also note that the TMSI changes anytime you move to another serving cell since you will do another fresh location update.
      My point is this study shows that yes ss7 is not a nuclear bunker but ALOT has to be in place for someone to make this kind of attack and like he said it would need an inside connection to the telco itself to begin with..which govts actually do have..

    • @TheKarlitotube
      @TheKarlitotube Месяц назад +1

      actually, TMSI are on the air interface (BSSMAP). Here they get directly access to the SS7 network, and there is no IMSI. Update Location, SRI, SRI for SM or PRN at MAP level deals only with IMSI

    • @vossti
      @vossti Месяц назад +1

      @@TheKarlitotube you mean no TMSI. Yep. you are actually right.. thanks for pointing that out...i was just trying to mention that its not as easily penetrable as the guys here are painting it to be. happy to see someone in the field who knows his stuff! 😉

  • @Xathonn
    @Xathonn Месяц назад +6

    The beginning with talk about operators and stuff reminded me of my favorite story of those times.
    There was an undertaker who had a rival undertaker in the town, their rival was married to a phone operator, whenever someone called for an undertaker she would redirect them to her husband. The first undertaker got fed up with this and invented a machine to automatically connect calls, putting the operator out of a job.

  • @prathamjohari8301
    @prathamjohari8301 2 месяца назад +2467

    you can tell when this was recorded based on linus' hair colour

    • @oakleyves
      @oakleyves 2 месяца назад +585

      some say this is the new carbon dating

    • @evildude109
      @evildude109 2 месяца назад +273

      It was the day he left for the RUclips creator summit thing that he discussed last night on the wan show, and he was on the wan show in person last week, so this video was produced in under six days.

    • @TropicSpoon
      @TropicSpoon 2 месяца назад +92

      ​@@oakleyves linus-hair dating

    • @donc-m4900
      @donc-m4900 2 месяца назад +45

      So this is recent or 7 years ago? 😆

    • @WayStedYou
      @WayStedYou 2 месяца назад +37

      Or the fact Linus tells you during the video

  • @abielreh
    @abielreh 2 месяца назад +2511

    Veritasium going on his villain arc

    • @-TAPnRACK-
      @-TAPnRACK- 2 месяца назад +11

      Dang what an original comment

    • @chu121su12
      @chu121su12 2 месяца назад +14

      Still the element of truth

    • @DV-tx6ol
      @DV-tx6ol 2 месяца назад +28

      ​@@-TAPnRACK- dang, what an original comment stating what an original comment.

    • @Peekobo0_
      @Peekobo0_ 2 месяца назад +16

      @@DV-tx6ol Dang, what an original comment stating what an original comment stating what an original comment.

    • @captain_fisher_price
      @captain_fisher_price 2 месяца назад +10

      @@Peekobo0_ Dang, what an original comment stating what an original comment stating what an original comment stating what an original comment.

  • @janbobis
    @janbobis Месяц назад +324

    12:33 "you need something like a SIM card" then flashes a MicroSD card LOL

    • @mmdts
      @mmdts Месяц назад +13

      how do you even notice this?! amazing....

    • @proton3748
      @proton3748 Месяц назад +2

      I thought it was a sim card lmao

    • @haneycr
      @haneycr Месяц назад +13

      That's a Micro SIM card which performs the same function as a standard SIM card.

    • @GermanCacha
      @GermanCacha Месяц назад +22

      ​@@haneycr Is a Micro SD

    • @jaames
      @jaames Месяц назад +20

      @@haneycr I have the same exact transcent micro sd card. same colors. it's not a sim card lol

  • @swaggamesph3342
    @swaggamesph3342 2 месяца назад +218

    I'm glad someone created a video about this. I've been telling my colleagues about this and some of them seems like they don't believe me or did not understand.
    Big companies and banks should update their 2SV system since most of them will try to verify either by sms(otp) OR by email. It should be both sms(otp) AND email. This will make logging in to your own account hard BUT more secure (compared to previous system).

    • @J.C...
      @J.C... 2 месяца назад +6

      You don't look up much on here, do you? They've been putting SS7 attack vids on here for 8 years at this point. This isn't new. At all.
      Seriously. There's a vid from EIGHT YEARS AGO showing ppl use SS7 attacks to hack cell phones.

    • @SidewaysCytlan
      @SidewaysCytlan 2 месяца назад +9

      I much prefer TOTP or similar tokens that are generated on my device. The inconvenience is less and the security is arguably better (though we should be careful about underestimating the stupidity of users).

    • @VariantAEC
      @VariantAEC 2 месяца назад +3

      People wonder why my phone is basically always in airplane mode and why I never rely on VOIP internet features.
      Meanwhile, I can read the storage of computers up to about a mile away without additional tools or even any need for the target device to be connected to anything that could provide power to it... So, there are worse things on the way, it's only a matter of time.

    • @SakuraiEvsa
      @SakuraiEvsa 2 месяца назад +2

      sometimes its not the companies that not upgrading. its the customer.
      its the usual problem of accessibility vs security. multiple option so the customer can tailor their own are the best option imo.
      but yeah some company (mostly bank for me) are the slowest to over such option.

    • @high-captain-BaLrog
      @high-captain-BaLrog 2 месяца назад

      @@J.C... iCLoud and other remote storage hacks are just as common as they were a decade ago, people don't bother being pro-active or educated.

  • @SapphireSpire
    @SapphireSpire 2 месяца назад +1277

    People are asking why this hasn't been fixed. I imagine it's because government intelligence agencies, and international policing organizations like Interpol, consider it a feature, not a bug.

    • @meneldal
      @meneldal 2 месяца назад +163

      Governments don’t need this to control people in their own countries, they can just have the telco do their bidding. It's only useful for tracking people where you don't have control on the telcos. Hell back in the day government would put recorders inside the routing centers so they could listen on the line and people would try to hear the click the machine did when it started recording.

    • @Atexih
      @Atexih 2 месяца назад +75

      Nah. It's more like consumers like roaming that works almost everywhere and that means that you need to be compatible with the lowest common denominator. Your telco in a western country can't force some random other country to update their systems, but they still want to have roaming and calls between eachother.

    • @ms3862
      @ms3862 2 месяца назад +80

      @@meneldalyep well said. Your government does not need ss7. Your telco already collects all your calls, location and messages and the government just asks for it and they hand it over. In fact in many countries it's now required by law for your telco to monitor you so in the event the government wants the data it's there and available

    • @tboneforreal
      @tboneforreal 2 месяца назад +36

      It's money, plain and simple. Like they said in the video, no one wants to be first and spend the money and then all the other companies jump in and get the benefits for either a much lower cost or free. Are government intelligence agencies probably exploiting this? Very likely, but they would exploit any future system that replaces SS7 as well. You have to remember that governments have to approve these technologies before they get implemented and so they have the specs for months or years to analyze for vulnerabilities for their own use.

    • @RyanEglitis
      @RyanEglitis 2 месяца назад +23

      To be fair, the phone companies have only had 45+ years to fix it, they're not machines

  • @TimothyMershon
    @TimothyMershon 2 месяца назад +2346

    Veritasium: I hacked my friend. But first let me give you a complete history of the telephone.
    Me eating breakfast: Ok, cool. 👍

    • @-danR
      @-danR 2 месяца назад +36

      I needed less on the history of the telephone and more elaboration on places where Derek summarily simply papered over cracks, eg. the exploit against the boat captain.

    • @djraptorx
      @djraptorx 2 месяца назад +2

      I watched this while squeezing spinach at work 🙃

    • @sitrilko
      @sitrilko 2 месяца назад +14

      I think it was a good move, since it established quite well why things work the way they do now.

    • @syberphish
      @syberphish 2 месяца назад +3

      @@djraptorx Hey! You leave that poor spinach alone! Who told you you could touch a spinach that way? You oughtta be ashamed of yourself.

    • @mementomori29231
      @mementomori29231 Месяц назад +6

      I enjoyed learning about it. If you don't care about history then don't watch, get lost and be less educated. The impatience of the want it now society is insane.

  • @leadcloud
    @leadcloud Месяц назад +13

    Combine this threat with LLM voice spoofing, and youve got near-perfect social engineering potential

  • @randomtuberhandle
    @randomtuberhandle 2 месяца назад +746

    Im amazed that this has been publicly known and proven for over 10 years yet has remained relatively unknown by most people until now. Well done Veratasium and Linus Tech Tips. Excuse me now while I smash my cell phone into pieces and then flush it down the toilet.

    • @Blackwing2345635
      @Blackwing2345635 2 месяца назад +39

      Some services/apps with 2FA will warn you, that sms/call is not secure and you'd better use a 2FA app or key (secure card, usb key, etc.). In enterprise ditching sms/call 2FA is more common, though.
      What amazes ME, is that we have a lot of good and easy ways to secure stuff, but on the consumer end of business almost none of them are used.

    • @xx133
      @xx133 2 месяца назад

      State actors benefit from the status quo, and corps don’t want to spend money to upgrade

    • @123payattention
      @123payattention 2 месяца назад

      If anything the next phone you get should ONLY be for phone calls and text messages. Use the old or another device for everything else. Any device you use for any serious stuff, banking, buying things, etc etc should be on a secure device where not much else takes place on.
      I've even broken up devices I do Google searches on because they can be legally linked back to you if tied into a Google account that is interconnected with something that has your real name.
      Learn about metadata if you want to know how to take simple steps to protecting yourself

    • @MaxPower-11
      @MaxPower-11 2 месяца назад +19

      As shown in the video, there was a 60 Minutes segment about SS7’s vulnerabilities 10 years ago so it’s not _that_ unknown.

    • @123payattention
      @123payattention 2 месяца назад +4

      @@randomtuberhandle Jesus. My comment talking about limiting what you do on your phone got deleted....

  • @DiegoSusa
    @DiegoSusa Месяц назад +26

    Thank you soon much ! This video explains all the basics of my first jobs going from analog phone lines all the way up to SS7

  • @notme222
    @notme222 2 месяца назад +112

    As a teen in the early 90s, I was so fascinated with those early Phone Phreaking techniques. Some of which still worked. Even did a school project on it.

    • @codefeenix
      @codefeenix 2 месяца назад +1

      What still worked for you?

    • @Xero5273
      @Xero5273 2 месяца назад

      ​@@codefeenix "I wanna know too... for a friend"

    • @EricGranata
      @EricGranata 2 месяца назад +1

      @@codefeenixnot OP but probably close in age. I was too late for Blue Box but was able to cobble together a beige box (lineman’s handset) and mess around.

    • @notme222
      @notme222 2 месяца назад +1

      @@codefeenix It was a long time ago. Like @EricGranata I remember the Beige Box with the extra row of keys.
      Although not as exciting, my most practical use was tapping the hook switch on a school phone to simulate the old rotary clicks. It enabled me to make outgoing calls from a phone they didn't think it was possible to dial from.

    • @J.C...
      @J.C... 2 месяца назад +3

      @@notme222 I can't believe this is the first comment, other than mine, where someone mentions Phreaking.

  • @olindblo
    @olindblo Месяц назад +7

    21:46 this is actually how they caught a hitman in Finland back in 2020.

  • @kron7536
    @kron7536 2 месяца назад +475

    Fun fact: the dial up system was created by a dude that was upset because the phone operator that took care of his phone was the wife of a rival bussiness owner and she kept redirecting his calls to her husband's company.
    Dude got so mad he made her job obsolete

    • @marcelogomes4485
      @marcelogomes4485 2 месяца назад

      I saw this yesterday on 9GAG

    • @iresineherb7
      @iresineherb7 2 месяца назад +9

      what the name of the dude or the story?

    • @MatterLivesWhite
      @MatterLivesWhite 2 месяца назад +8

      Damn bro I watch YT shorts too!

    • @sterlingodeaghaidh5086
      @sterlingodeaghaidh5086 2 месяца назад

      @@iresineherb7 Almon B. Strowger
      There were many patents and inventions for automatic telephone exchanges in the 1880's when this took place.
      Almon was a funeral director in Kansas City, Mossuri when he noticed that his business was taking a dip in customers after his competitor's wife took up a job as a telephone exchange operator. At this time his funeral service was only one of two in the entire city so having your business more than halved is noticeable. She essentially used her position to route calls meant to go to him to her husband's business instead. This caused him to invent one of the first automatic exchanges in the nation, installing it first in La Porte, Indiana. He is widely credited with the two tone system that Veritassium mentions but I am doubtful that its as black and white as its laid out to be.
      Generally inventions like this are rather grey with multiple people creating different versions at the same time and patenting them, the telephone is another example with multiple people patenting their version of the "Voiced Telegraph".

    • @ArawnOfAnnwn
      @ArawnOfAnnwn 2 месяца назад +28

      Gonna need something easily verifiable before I trust this story.

  • @RichHeart89
    @RichHeart89 Месяц назад +197

    "Nothing to hide, nothing to fear" is only valid when you expect the one going through your data and your life to be someone you trust and whose values you share. Which will probably almost never be the case.

    • @bluegamer4210
      @bluegamer4210 Месяц назад +2

      The other side of the argument however is far worse, the absolute privacy has always yielded the worst types of illegal content and actions. The problem is the system that we exists under and values that many people hold as a result of the media that is being feed to them.

    • @Fielith
      @Fielith Месяц назад

      How do you have same pfp as my other acc

    • @RichHeart89
      @RichHeart89 Месяц назад +1

      @@Fielith This pic is one of the default options google let’s you choose from without uploading your own

    • @One.Zero.One101
      @One.Zero.One101 Месяц назад

      "Nothing to hide nothing to fear" is mostly used by naive people living comfortably in first-world countries. In my country you can gain the ire of the police with a simple Facebook post. Yes that's how petty they are and many people have been arrested; from teachers to teenagers criticizing the government.

    • @Muskar2
      @Muskar2 Месяц назад +1

      Why wear clothes at all if we got nothing to hide? Why not have all walls made of glass, stream all your microphones and cameras live 24/7/365 without the ability to turn it off?

  • @TheReaverOfDarkness
    @TheReaverOfDarkness 2 месяца назад +305

    We keep just trusting that digital systems are secure, often when they don't even have a single security layer. But when someone breaches that security, the companies running it tell us to manage our end user security better! Hold companies accountable! They can fix this and they should!

    • @xantiom
      @xantiom 2 месяца назад +21

      This is something that was known for more than two decades. Only some European telcos made some upgrades.

    • @justSomeUserOnYT
      @justSomeUserOnYT 2 месяца назад

      ​@@xantiom Yeah it's a well known vulnerability in these situations. Networks do decent amount of blocking of bad actors, but if someone really wanted to route your calls, listen in, intercept your SMS, locate you, they can. It's pretty crappy.
      It's why OTT/VoIP are significantly better alternatives.
      It's why Apple should have been genuine implementing RCS instead of using the Universal Profile which is not encrypted. Furthermore, Apple should just work with Google to expand iMessage.
      It sucks. Cellular networks are very old technology, often very outdated.

    • @ponyslavestation4669
      @ponyslavestation4669 2 месяца назад +1

      ​@@xantiomYea even heard of this some time ago on JRE.

    • @bradhaines3142
      @bradhaines3142 2 месяца назад +5

      ive never trusted it but im not given any choice in how things are done either

    • @pacmonster066
      @pacmonster066 2 месяца назад +12

      I mean if you watched the video you'll find it was the analog system that was the least secure. Playing a specific tone into your phone could connect you to whoever for free.
      SS7 was initially very secure, but got less secure over time as greed and laziness came into it. And now 4G and 5G are digital systems that don't have this vulnerability at all, it just requires larger adoption.
      There is a constant battle between security and people looking to break that security. You can't just make a generalized statement that "digital = bad".

  • @3dgar7eandro
    @3dgar7eandro 21 день назад +1

    @veritasium I give up there is literally no bad video of yours... How could you be so amazingly accurate and continues!

  • @cameodamaneo
    @cameodamaneo 2 месяца назад +438

    Linus: "I can't believe that YOU of all people were able to do this!"
    Veritasium: "I know right? It's scary that literally ANYONE is able to do this"
    Also Veritasium: "So anyway, the first thing I did was hire a security expert at the top of his field"

    • @bartlx
      @bartlx 2 месяца назад +113

      A security expert that has a running subscription costing a few $K's / month to use a rogue SS7 node.

    • @nydydn
      @nydydn 2 месяца назад +57

      The security expert is literally anyone not too dumb, and who can afford to spend half a year studying this without working a job and 5 to 10k to spend on access and devices.

    • @SeanHoulihane
      @SeanHoulihane 2 месяца назад +13

      Why do the leg work when you need to spend a few $$ for the intercept anyway. Unless the hack is zero cost, there is no reason not to subcontract running the scripts.

    • @abnorc8798
      @abnorc8798 2 месяца назад +44

      It is fortunate that this isn't extremely easy to do, but several thousand dollars per month is not ridiculously expensive. There are very many people who can afford that.

    • @dead-claudia
      @dead-claudia 2 месяца назад

      @@abnorc8798yep that's well within the range of what criminal hackers can afford.

  • @matta2738
    @matta2738 2 месяца назад +650

    Linus wasn't hacked. He didn't go running through the house in his underwear

    • @chadbizeau5997
      @chadbizeau5997 2 месяца назад +68

      You mean birthday suit...lol

    • @CrystalFier
      @CrystalFier 2 месяца назад +41

      No underwear lol

    • @mrowlsss
      @mrowlsss 2 месяца назад

      ​@@chadbizeau5997what

    • @user-lz2oh9zz4y
      @user-lz2oh9zz4y 2 месяца назад +30

      He didn't use underwear last time

    • @privacyvalued4134
      @privacyvalued4134 2 месяца назад

      @@user-lz2oh9zz4y It was a strawberry instead.

  • @ChrisBigBad
    @ChrisBigBad Месяц назад +61

    Ooooh! I do remember Karsten Nohl from the Chaos Computer Congress where he decrypted a cellphone call live on stage. In a later talk he said, the security in SS7 is "you don't know my address (GT), so you cannot hack me" - except the hackers DO know the addresses, so they DO hack you.

  • @BLASTIC0
    @BLASTIC0 29 дней назад +3

    Great video! My father helped Woz with the schematics for the blue box…. What a bunch of phreaks! I gotta check to see if he still has anything left over from working on it.

  • @MysticMusic07
    @MysticMusic07 Месяц назад +48

    Nothing is perfect every things have flaws but these sort of flaws chills me to the bone.

  • @kentslocum
    @kentslocum 2 месяца назад +333

    We need to force banks to stop using SMS for two-factor authentication.

    • @petesmitt
      @petesmitt 2 месяца назад

      Good luck with that; banks love it because it's automated technology that costs them nothing..

    • @HarishBabuM
      @HarishBabuM 2 месяца назад +4

      Is there any alternative?

    • @veselindimov307
      @veselindimov307 2 месяца назад

      ​@@HarishBabuMYes - P.O. Box mail. Old-fashioned, but waaaay more trusted

    • @grigorispavloudis383
      @grigorispavloudis383 2 месяца назад

      ​@@HarishBabuMAuthenticator apps

    • @jc84com
      @jc84com 2 месяца назад

      ​@@HarishBabuM bitcoin

  • @onn116
    @onn116 2 месяца назад +54

    It's really cool how you show clips from Mr.Robot. Shows just how faithful and realistic the series is. You can even find a breakdown of the exact attack the clips are from.

    • @Stiruz
      @Stiruz 2 месяца назад +6

      Such an incredible show in every sense

    • @PrograError
      @PrograError 2 месяца назад +5

      Too bad certain parts of the show were actually stolen.
      They stole code someone wrote and re-present it as their own production's, at least from what I heard (it was apparently for a certain conference as a demo, and was presented nearly 1:1)

    • @avarise5607
      @avarise5607 2 месяца назад +4

      ​@@PrograErroryea, they stole a puzzle, which contained phone number of creator, and proceeded to leak it to thousands of ppl

    • @MrAwesomeZ
      @MrAwesomeZ 2 месяца назад +3

      @@avarise5607 it wasn't his personal phone number just a number he setup for that puzzle. and the puzzle was stolen by the social media team for mr robot and had nothing to do with the creation, writing or production of the show

  • @AkhileshBharti-s2k
    @AkhileshBharti-s2k 8 дней назад +350

    I treated my ex like a queen. I gave her everything she wanted, and more, but it wasn’t enough. Finding out that she was cheating on me was utterly devastating. The hardest part to accept is that she was in her 50’s, and sleeping with guys in their 30’s. Not because they were younger guys, but because I figured a 50 year old woman wasn’t capable of this. 6 years down the drain, but a valuable lesson learned. Dale valskov is very calming and his insight is invaluable.

  • @anything.with.motors
    @anything.with.motors Месяц назад +259

    😂😂 i love how his wife was like oh major hacking sceme
    Sorry im busy bye

    • @joelfarm8497
      @joelfarm8497 Месяц назад +9

      The world will be crumbling into utter destruction and the babes will be fixing their faces.

    • @ishanpatel6583
      @ishanpatel6583 Месяц назад +18

      Linus getting hacked is a routine thing for her, so no reaction

    • @karolbielen2090
      @karolbielen2090 Месяц назад

      @@joelfarm8497 "I refuse to die without makeup!" XD

  • @ZoosheeStudio
    @ZoosheeStudio 2 месяца назад +546

    The amount of fake numbers that call me everyday, tells me everything I need to know about phone security.

    • @afjer
      @afjer 2 месяца назад +59

      Also the number of people who call me "back" because a scammer spoofed my number.

    • @J.C...
      @J.C... 2 месяца назад +12

      @@ZoosheeStudio I hope not because that has zero to do with it 🤣🤣🤣🤣

    • @abc123number1america
      @abc123number1america 2 месяца назад +15

      @@afjerhad this happen, very uncomfortable feeling first time some called me cussing me out

    • @tomaszzalewski4541
      @tomaszzalewski4541 2 месяца назад +9

      the funniest call I got said that I'm apparently an owner of a metric ton of a swiss Gold. All I need to do to get it is pay for shipping....

    • @jimpad5608
      @jimpad5608 2 месяца назад

      It has been possible to completely block all spam using SS7 and VoIP for many decades since it is just some additional software. BUT Telco don't want to spend the small amount of money it would cost and the Telco and governments simply do not care how annoying it is to users.

  • @Pedro_MVS_Lima
    @Pedro_MVS_Lima Месяц назад +11

    Your videos and the questions you ask are pretty much always excellent. This one is particularly special to me as it relates to most people's daily lives and because I do have a thing about electronic communications since the late 70s, thank you for reminding me how the POTS analog signaling worked and explaining how I could have called the Pope for free.
    I may be wrong, but I don't foresee SS7 will be phased out in 20 years time. It's been around for over 40 years now and it works reasonably well, its flaws and issues are seemingly not significantly affecting telcos operation or customer's communication reliability and privacy. I do foresee that it will get better protected, a parallel of this inertial process would be the IPV4 protocol.
    And at this point I've no idea why I still haven't subscribed to one of the more important and valuable channels in RUclips, I'm taking care of that right away.
    Thank you for everything, Derek!

    • @Winter-n7l
      @Winter-n7l 12 дней назад

      I highly recommend proton mail for high level encrypted services, from email, VPN to a crypto wallet they have in beta. And all from a non-profit started by CERN researchers as a hobby project with everything physically based in Switzerland, free for the base package too. If the Swiss hid naz! gold for their banks for so long I think their privacy laws will provide decent cover for encrypted and non-logged email and other services like drive and docs.

  • @DataIsBeautifulOfficial
    @DataIsBeautifulOfficial 2 месяца назад +2136

    Please tell me you changed all his contacts to 'Mom'

    • @_drago
      @_drago 2 месяца назад +32

      LMFAO

    • @fastlanenigeria
      @fastlanenigeria 2 месяца назад +59

      This is an insane prank 😂

    • @WumbologyPHD
      @WumbologyPHD 2 месяца назад +17

      Brb about to go back up my contacts

    • @ILoveTinfoilHats
      @ILoveTinfoilHats 2 месяца назад +77

      It's not that kind of hacking but still funny

    • @zperk13
      @zperk13 2 месяца назад +20

      that's... not how that wo- well i guess if you knew his mom's phone number you cou- idk if it can spoof though....

  • @brekmister
    @brekmister 2 месяца назад +88

    In the USA, There is a huge push in the Telecom industry (at least the smaller telcos) to start moving all services from SS7 to SIP based trunks. This includes 911 services.
    The biggest reason for doing so is because SS7 runs over TDM based connections (T1, SONET/SDH) the equipment that drives these are built by companies that were big in the 80's, 90's and early 2000's but no longer exist. There is no support for this equipment anymore and even modern solutions are dwindling too. (This includes Cisco, their solutions are coming to the end of the line)
    For those newer to the workforce, a lot of these telco systems in production managed remotely is older than them by a long shot. Thats myself included.

    • @PrograError
      @PrograError 2 месяца назад +1

      I imagine there's still fossils that runs on diskettes... just like the military still have stuff that runs on XP... or even 98...

    • @bobbobby1846
      @bobbobby1846 2 месяца назад +1

      ​@@PrograErrordos

    • @omarjimenezromero3463
      @omarjimenezromero3463 2 месяца назад +2

      like cobol being used by banks, and you can easily put a script there to rob money, the only thing that stop the majority of hackers is basically a surveillance system that looks for cobol logs that are "strange" XD

    • @brekmister
      @brekmister 2 месяца назад +3

      @@PrograError First version of DOS timeframe for the D4 Channel Banks. Hand soldered chips :)
      There are DACS that require a VT terminal (or a serial terminal from your laptop) some of the later DACS do have Telnet over 10 half duplex on IPv4. There is also a DACS I know that the modem card was basically rusted on so the only way to get into it is via a Dial-up modem.
      One of the systems I manage includes software that was designed for DOS. On floppy's. Last version of Windows that the software works on is Windows XP.

    • @madmax2069
      @madmax2069 2 месяца назад

      When I hear the word trunk I think of something like P25 trunking

  • @messyg-tar2251
    @messyg-tar2251 Месяц назад +200

    Pretty funny how the day you released this, australia started running ads that theyre shutting down the 3G network

    • @jsergiuiulian
      @jsergiuiulian Месяц назад +2

      2g will probably stay though

    • @Nickexp
      @Nickexp Месяц назад +8

      This has been in the works for a while, the ads have been running for months (maybe longer)

    • @kieransmith4477
      @kieransmith4477 Месяц назад +6

      One of the carriers in New Zealand is also shutting down the 3g network in 2025 it is somewhat annoying as a lot of phones are not enabled for 4g calling.

    • @flagmichael
      @flagmichael Месяц назад +3

      @@jsergiuiulian 2G is almost entirely gone already. T-Mobile is the last major carrier in the US to support it at all, and this month marked the end of them keeping it going. Some service may remain but it is being left to die on the vine.

    • @Dwigt_Rortugal
      @Dwigt_Rortugal Месяц назад

      It's mostly defunct here in The States, as far as I'm aware. My 2016 Subaru keeps trying to phone home via 3G and drains its battery if left at the airport without disconnecting said battery.

  • @DarshanAS
    @DarshanAS 2 месяца назад +678

    30:07 Saying "I dont care about privacy because I don't have anything to hide", is same as saying "I dont care about free-speech because I have nothing to say” ☠️

    • @jaculaa01
      @jaculaa01 2 месяца назад +30

      it is completely different. having nothing to hide is seen as something good, whereas having nothing to say is seen as something bad. even though the statement "I'm not worried because I have nothing to hide" is stupid, so is your analogy imo.

    • @thedeathcake
      @thedeathcake 2 месяца назад +54

      ​@@jaculaa01everyone has something to hide. It's such an idealised thing to say. Every human wants to have at least some sense of privacy.

    • @iCore7Gaming
      @iCore7Gaming 2 месяца назад +5

      That analogy is awful. Also there is no such thing as free speech. You cannot say absolutely anything without consequences, the USA even has laws against this.

    • @EdgarRoock
      @EdgarRoock 2 месяца назад +7

      I believe that's a quote by Edward Snowden. My guess is he wants to say that even if you personally don't need that level of privacy, there are other people out there who do. So this universal right must be protected for them.

    • @jaculaa01
      @jaculaa01 2 месяца назад

      @@thedeathcake I know it, but who asked? that wasn't the point of my comment, but sure buddy.

  • @pusparajmali
    @pusparajmali 8 дней назад +1

    I treated my ex like a queen. I gave her everything she wanted, and more, but it wasn’t enough. Finding out that she was cheating on me was utterly devastating. The hardest part to accept is that she was in her 50’s, and sleeping with guys in their 30’s. Not because they were younger guys, but because I figured a 50 year old woman wasn’t capable of this. 6 years down the drain, but a valuable lesson learned. Dale valskov is very calming and your insight is invaluable.

  • @MichielKeij
    @MichielKeij Месяц назад +30

    On the 19:43 mark you leave the totp code with a timestamp on screen. Linus should reset his MFA to prevent someone from brute forcing his totp hash as the number of possibilities have been drastically reduced.

  • @TheDarkbluerock
    @TheDarkbluerock 2 месяца назад +544

    Ok, Jobs and Woz prank calling the Vatican is actually funny :D

    • @SebastianHackeado
      @SebastianHackeado 2 месяца назад +14

      Is not a real story, is exaggerated to make them look cool.

    • @xantiom
      @xantiom 2 месяца назад +40

      ​@@SebastianHackeadothere were lots of cool stories from that era, especially with Capt. Crunch.
      I don't know if Woz calling the Vatican was exaggerated, but it really it isn't implausible. We are talking about a time where phreakers were social engineering military bases pretending to be generals just to troll their secretaries.

    • @SebastianHackeado
      @SebastianHackeado 2 месяца назад

      @@xantiom Calling the Vatican is certainly true, them waking up people to talk with the pope is a lie, Jobs is telling the truth with his body language. He was always good at inflating and overvaluing stuff. But he is not a good liar.

    • @playerzking
      @playerzking 2 месяца назад +1

      the story is the physical manifestation of code injection

    • @123payattention
      @123payattention 2 месяца назад +20

      ​@@xantiomit's not even remotely outlandish. Cyber security was non existent back then

  • @yupimrandy
    @yupimrandy 2 месяца назад +1454

    Linus getting hacked, what's new?

    • @EvolutionBG
      @EvolutionBG 2 месяца назад +16

      xd

    • @Skiman__
      @Skiman__ 2 месяца назад +63

      Him not getting locked out of the channel lmao

    • @FirstLast-xt9ig
      @FirstLast-xt9ig 2 месяца назад +16

      Well, he is the biggest fish in the sea

    • @BentleyCreates
      @BentleyCreates 2 месяца назад +2

      LMAO

    • @GuyIsNotHere
      @GuyIsNotHere 2 месяца назад +31

      Well at least he wasn't naked this time... so we have that going for us...

  • @portobellomushroom5764
    @portobellomushroom5764 2 месяца назад +135

    The hacksmith calling Linus Tech Tips and having Veritasium pick up the phone is the weirdest crossover of the year

  • @Switch72nd
    @Switch72nd 16 дней назад

    Things like this is why SS7 is on the way out. Being replaced with diameter and sigtran. Though diameter is vulnerable to a lot of the same things as SS7, it actually has encryption at least. Really interesting video.

  • @SteakandChains
    @SteakandChains 2 месяца назад +15

    Great video! This was my whole world when I was in the military and for a contractor when I got out. The reason why it doesn’t always work is because of network registration. Your victim’s phone needs to be far enough away on a neighbor node for the routing to your phone to work. I miss that life.

  • @Blue-cq2hl
    @Blue-cq2hl 2 месяца назад +267

    I really hate the idea that if you have nothing to hide you have nothing to worry about from a privacy standpoint alone, let alone when it comes to bad actors at all.

    • @Unknown_Genius
      @Unknown_Genius 2 месяца назад +10

      Yup.
      The worst part is that technically mass surveilance would bring a huge boost in general security and could prevent a lot of bad actors from.. well, bad acting - if there wouldn't be the issue that abusing it is easy as well.

    • @DavidKen878
      @DavidKen878 2 месяца назад +3

      Oh please, the only reason you're whining about privacy is because you consider it to be a right.

    • @markfish8539
      @markfish8539 2 месяца назад +7

      Generally, i believe its ppl who have malicious intentions and ppl who can’t think or are lazy in imagining evil who subscribe to the this idea.

    • @iRelevant.47.system.boycott
      @iRelevant.47.system.boycott 2 месяца назад +23

      Getting ads about something you have recently talked about was considered a conspiracy theory not to long ago ...

    • @lschmidt2405
      @lschmidt2405 2 месяца назад +9

      ​@@DavidKen878Just because many people are nosy & love being entertained by other people's activities doesn't make it a right for them either.

  • @mshthn
    @mshthn День назад

    As always, awesome video. What I don't quite like is that it kind of suggests that Jobs and Wozniak created the blue box.
    They got interested in it after the 1971 October issue of the Esquire magazine featured it and the phone phreak culture. That's when Woz told Jobs he knew a guy who knew more about it and soon they sat down for a talk somewhere. That guy later became known widely as Captain Crunch.
    At least that's how I know the story, I hope I'm not completely wrong.

  • @tupcho33
    @tupcho33 2 месяца назад +60

    As a person who works in telecom and specifically roaming - i am thankful for you sharing this and in the same time, you sharing this has increased our volume for this specific exploit almost twice

    • @tj86xj
      @tj86xj 2 месяца назад +1

      Yikes

    • @Dornacgove
      @Dornacgove 2 месяца назад +1

      As you work in the field, would disabling roaming with my carrier mitigate that specific attack?

    • @tupcho33
      @tupcho33 2 месяца назад +2

      @@Dornacgove not quite, the issue comes from the GT that you are being assigned temporary, in my case (roaming) in other cases, there is a different route from network cell to network cell that can be exploited for same country. But even if you do disable roaming, i don't think believe (based on what this disable is ) it will change much as you need to have set rules and assignments to carry a call.

    • @iulian.danila
      @iulian.danila Месяц назад +1

      ​@@tupcho33 with all due respect, the explanation is a nonsense. There are tons of them in this video comments, though. It is advisable to read a bit about how the addressing works in legacy networks, and what a "GT" is. To have a better picture, an analogy could be the GT is like a public ip of a server. Now imagine how easily you can hack the server by knowing its true ip. This video contains tons of oversimpifications and nothing on SIM authentication. To trick a network that its user is roaming you need first to hack the network itself, get data that it is stored in encrypted format, decrypt it, then get data that is stored on the SIM and corelate the two.

    • @tupcho33
      @tupcho33 Месяц назад

      @@iulian.danila I don't want to get in any arguments especially in youtube comments. My recommendation is to read about MTFSM in ORACLE. There is no need to hack the network

  • @meowmerere
    @meowmerere Месяц назад +81

    I think it would be funny if he uploads a random science video on Linus' channel, and nobody will know why unless they watch this video 🤣

  • @thisismossop
    @thisismossop 2 месяца назад +13

    I worked in 2nd/3rd line support for a large, well known, MVNO in the UK in the early 2000's. We had access to the parent networks HLR for Mobile Number Porting (Prior to MNP2 in the UK) and could make these changes in IMSI association at will. I even remember my SS7 training. I knew people at the parent networks NOC, and what they earned at the time. I can understand why so many Voicemail PIN's got reset back in the day (See UK Phone Hacking in early 2000's). Interesting point, the company that wrote our HLR interface was based in Israel.

  • @madeline-onassis
    @madeline-onassis 17 дней назад

    The animation at 4:57 made me so happy!

  • @RaphaelChan888
    @RaphaelChan888 2 месяца назад +40

    It would have been a great demonstration and proof of concept for Derek to actually upload this video on LTT's channel while he was in there...

    • @awaitingconfirmation8406
      @awaitingconfirmation8406 2 месяца назад +1

      The LTT channel wasn't hacked.
      They are using much greater security methods now which most likely aren't reliant on SMS or anything related to it. They are probably using physical encryption keys and authentication apps.
      But even those are not entirely secure because of browser session attacks like the one that caused their last hack lol

    • @romangiertych5198
      @romangiertych5198 2 месяца назад

      He was not in there, he told Linus the code, who typed it in.

  • @theencore398
    @theencore398 2 месяца назад +143

    Sometimes i feel so privileged to live in time where such high quality storytelling art is free to access

    • @oldwiseowl4506
      @oldwiseowl4506 Месяц назад +19

      You paid with your personal data that being collect by Google to distribute their ads.

    • @TurboWorld
      @TurboWorld Месяц назад

      @@oldwiseowl4506 well foey with your truths old wise owl, i love you. Story telling art + bad ass comments of truth like this above, priceless.@theencore398

    • @theencore398
      @theencore398 Месяц назад

      @@oldwiseowl4506 my humble privacy minding self is on revanced brother, I ain't even giving them crash and bug report analytics, forget about ads. personalised advertisement have been turned off down to the every last goodgle setting I could get my hands on and then some more. So yeah, goodluck serving me ads and digging my data.

    • @aaaaaa-hh8cq
      @aaaaaa-hh8cq Месяц назад +1

      veritasium is awesome. the best science channel on the whole platform, period.
      the sad thing is, sometimes he makes very informative and interesting videos about different science subjects, but because the video isn't click baity, or because it doesn't immediately please the audience, it gets very low views which generates less revenue. what concerns me is that he'll stop making those videos because of their lower revenue.. derek please don't do that . science is priceless, sometimes we'll have to make sacrifices to enjoy and spread it.

    • @MatvaNabor
      @MatvaNabor Месяц назад

      @@aaaaaa-hh8cq What are you talking about, this video has over 3 million views...

  • @deltaman2004
    @deltaman2004 Месяц назад +99

    Since I was a kid, I was convinced button tones were unique and this just confirms it. Wow 30+ years later

    • @EstonianSunshine
      @EstonianSunshine Месяц назад +8

      Same!!!

    • @crimsonalchemist856
      @crimsonalchemist856 Месяц назад +3

      Well, that's how IVR still works today using DTMF tones.

    • @BlueSparxLPs
      @BlueSparxLPs Месяц назад +7

      My cousin used to swear he could tell who people were dialing just by listening to the tones. I wasn't sure about it as a kid, but it does sound very realistic now.

    • @jamesallen74
      @jamesallen74 Месяц назад +2

      ​@@BlueSparxLPs​ yep I knew someone who could tell exactly what key I would press. I would test her, and she would not miss. I thought I could trick her with 4 vs. 7, or 1 vs. 9. Nope.

  • @CoreenMontagna
    @CoreenMontagna Месяц назад +16

    30:12 sounds like if your abuser has enough money to purchase the services of such hackers, you should be concerned.

    • @johnba291972
      @johnba291972 Месяц назад +1

      You don't think just having an abuser is reason to be concerned?

    • @CoreenMontagna
      @CoreenMontagna Месяц назад

      @@johnba291972 obviously it is, I was assuming someone who has already left their abuser, and is trying to avoid being found

    • @kirby145x
      @kirby145x Месяц назад +1

      There's hundreds of ways you can find someone if you want to. Only way to not be found is to go off grid completely

    • @Winter-n7l
      @Winter-n7l 12 дней назад

      If a abuser has $30 and ur name they can find you with a legal service, so no need for the SS7 thing. Be concerned, and if in the US, exercise ur 2nd amendment rights. One of the only justifications for that right to exist is a case like DV or abuse.

  • @rdyer8764
    @rdyer8764 2 месяца назад +65

    When I was working for AT&T we called the older technique for connecting calls "In-Band" signaling, and when the SS7 network was added that was to do "Out-of-Band" signaling. There was even a commonly available publication that was for sale in most larger magazine stores called "2600" where these folks would share common techniques to hack the phone network.
    Also, If I remember correctly, the rotary dial phones delivered one more pulse than the number dialed. i.e. the number one created 2 pulses, the number two created 3 pulses, etc.

    • @EricGranata
      @EricGranata 2 месяца назад +11

      2600 is still published. They’ve got a radio show and podcast too. Good times.

    • @rdyer8764
      @rdyer8764 2 месяца назад +3

      @@EricGranata Cool! I had no idea. Then again I've been out of telephony since 1998.

    • @gamblit
      @gamblit 2 месяца назад +13

      It was number = pulses, not 1 extra pulse.
      People would sometimes have little padlocks on the rotary phones, to prevent people using them. I was able to complete calls simply by using the hook switch very fast to introduce the pulses. To dial a 7 you would simply tap the hook switch 7 times really fast.

    • @Steve-Kratz
      @Steve-Kratz 2 месяца назад +7

      The pulses are the same as the number (0 being 10). You could actually dial a phone by using the hang-up button on a phone to tape the numbers really fast, pause, go to the next number.

    • @profpuffofficial2
      @profpuffofficial2 2 месяца назад

      2600 OG memberd have a very active facebook group