no wifi should feel insecure... network bullying is NOT okay
@PuceGaming4456 ай бұрын
negawatt
@kevinwong_20166 ай бұрын
Fr💀
@twinkl3s6 ай бұрын
@@PuceGaming445huhhhh
@LuigiCotocea6 ай бұрын
Bro mas mixed his thoughts 💀
@Cartiisthegoat296 ай бұрын
I once connected to McDonald's free Wi-Fi and before I knew it, Anonymous hacked my entire family tree :(
@savagecorn17396 ай бұрын
L
@hiddenguy676 ай бұрын
darn it!
@varteo6 ай бұрын
one of the best IT youtubers rn
@budgetarms6 ай бұрын
He will be big, not extremely fast, but also not slowly
@pepeshopping6 ай бұрын
Says more about you than him...
@Coral_pepe6 ай бұрын
Agreed
@KoDi826 ай бұрын
Ever since he took out the background music for sure
@CongruentYT6 ай бұрын
6:19 Leak
@Win_76 ай бұрын
it may be intentional by him
@Alex-ll3df6 ай бұрын
@@Win_7 Whats the point of that 💀
@EricParker6 ай бұрын
Thanks for pointing out.
@phecdaDia6 ай бұрын
@@EricParker It's still visible, before it's censored out
@KiwifruitDev6 ай бұрын
I went to it just now and realized that my ip address might make its way into the video, oops
@noderunner_6 ай бұрын
I think a misconception is that you have to be on an "insecure" network to have a security problem. Being on any network with other users is a risk. Maybe you trust that both your device and the network itself is secure, which is not always the case, but what about anyone else on the network? They're probably not a malicious actor, it's more likely they're computer illiterate, which means they've probably clicked the wrong thing and their box is already pwned by malicious actor(s) who can then use their machine to attack you.
@JessicaFEREM6 ай бұрын
this is one of the 2 cases where using a commercial VPN is a good idea. something like mullvad or proton should work and be more trustworthy than the rebranding of 1000 VPNs that usually happens since they don't do that. (and make sure to turn on disable traffic if not connected to VPN before you connect to the wifi network) the other case being piracy.
@volodumurkalunyak46516 ай бұрын
There is VERY SIMPLE RULE: 1. Don't go to non-encrypted sites over public WI-FI. 2. That is all. No VPN necsessary unless you have to go to non-encrypted sites.
@goresunstrider62726 ай бұрын
don't use WiFi outside of the company one at all. Easy
@biorix97045 ай бұрын
@@goresunstrider6272 or the home one, obviously
@orondf3436 ай бұрын
Wouldn't DNS over HTTPS also solve the issues that you demonstrated were solved by the VPN?
@Dynamit0086 ай бұрын
I was not suprised at all, but good that you learned. by the way WPS Pin that you did talk about sucks when it comes to security. it almost as horrible as having UPNP on the router enabled
@awesomeguysuncle6 ай бұрын
YOUR UPLOADS ARE SO FAST AFTER YOU POST SNEEK PEEKS THANKS MAN
@jcxtra6 ай бұрын
Hmm. If a captive portal uses a self-signed certificate it's definitely not secure, since someone could easily just spoof the page, but I expect it's a little more difficult if a system uses a properly trusted certificate... but if there's someone malicious they could just SSL strip the page and MITM it anyway and unless you were looking out for "hmm why is the login page plain text" (which most users probably wouldn't). Do you happen to know what effect opportunistic encryption (OWE) has for open networks and sniffing from the air? I'm guessing given that you can just pull it from the air and connect you may be able to figure stuff out, but I'm not so familiar with OWE maybe the encryption is per device which would make it a bit difficult. I'd test but I've no wireless cards I can get to work in promiscuous mode yet. Been following your videos since the XP online one got some traction and gotta say I really enjoy your content and look forward to seeing them (but I don't comment all that much) :>
@S-axle6 ай бұрын
Nice Video. How about cellular networks? Are mobile networks more secure (AT&T, Verizon, etc)? Any other phones reachable on like a mobile LAN?
@EricParker6 ай бұрын
My understanding is no such sniffing is possible. In theory ina roaming situation there could be a malicious tower but I’ve never heard of it
@peulleieoyukino63696 ай бұрын
there were some nasty mitm attacks possible back in the GSM/3G era, where one could take control of a tower or access the unencrypted payload on the backbone nowadays, with 4 and 5G, and better monitoring from ISP, not so sure, especially given the backbone may be ISP dependant, and with it the attack vector
@jackssrt6 ай бұрын
at 6:20 you can see through the censor
@Win_76 ай бұрын
it may be intentional by him
@EricParker6 ай бұрын
Editing pending, was not intentional. I can't stop people but seriously I am not trying to setup a CTF / ARG type of thing, looking ot see what automated vuln software does.
@SKlESYT6 ай бұрын
Hey Erik! I love the channel! Could you make a video on the Roblox chrome extension BTRoblox? It has permissions to read data which could mean account cookies. Thanks! Keep making great content
@hiddenguy676 ай бұрын
btroblox is pretty fine for me personally and i think it uses reading data to see prices of robux and stuf on items
@ギコ6 ай бұрын
it's literally open source
@hiddenguy676 ай бұрын
👍
@kavylavx6 ай бұрын
sorry but thats normal.. btroblox ive been using for more then 1year, nothing happened. also ropro does the same
@traffictraffic6 ай бұрын
This was the video I've been looking for. I have always wondered if vpns really do work and this videos shows that they most certainly do and to what extent. Thanks!
@goldencheats236 ай бұрын
What if we connect this to windows xp?
@JohannesThies326 ай бұрын
What about the AP isolation / SSID isolation feature in professional access points?
@EricParker6 ай бұрын
Depends on the setup. AP isolation is mostly to prevent networking across guests (in a LAN sense).
@pepeshopping6 ай бұрын
Ahhhhh. Somebody that actually knows and thinks! Any time anybody answers your challenge with: "mostly" yiu know they don't truly understand low level stuff!
@pepeshopping6 ай бұрын
@@EricParkerdetails, details! Cmon, TEACH US!
@juanmondragon6 ай бұрын
@@pepeshoppingand yet you have fallen on the same boat
@nordlawt82426 ай бұрын
Is there any major security difference with Ethernet if you plug directly into the modem vs plug it into the router?
@KiwifruitDev6 ай бұрын
Would you be able to test an open VNC connection? Like no password and all? I once had my PC set up this way in high school because the school PCs didn't allow me to enter a VNC password through the browser, but I removed it once I saw my mouse moving on its own one day.
@felixbemme72576 ай бұрын
Isnt there a Method to logout users from a current network? Then just let them connect to an evil clone with a custom dns server which serves a phishing Page instead of the actual requested one?
@Amonimus6 ай бұрын
Interested in that private VPS thing. It sounded like any vpn is better than no vpn, but then there's a question if you trust the vpn more than the wifi provider. Also this won't help much if wifi provider blocks wireguard and other vpn protocols because as a public service they'd really be just as interested in seeing what you're doing as any sniffer.
@EricParker6 ай бұрын
If your wifi provider blocks VPNs your wifi provider is malicious, full stop. There is actually a way to mask a VPN as a DNS server that they are unlikely to catch, but it would be limited to ~ 1 mbps.
@incandescentwithrage6 ай бұрын
@@EricParkerI've seen VPN traffic blocked on hotel WiFi. Having a VPN back to your home router using port 443 gets around it. A lot of enterprise firewalls use "SSL VPN" (just their own OpenVPN implementation) on 443 for this reason. You can do all this with openWRT and similar.
@goresunstrider62726 ай бұрын
Hello Sir WPA3 is no longer operating with PSK, it instead operates with SAE, so even if you got the password, you dont have the encryption key. good videos :)
@BlackRedandDEad6 ай бұрын
What video are you referring to at 5:10?
@kylewm6 ай бұрын
likely an upcoming one that was mentioned in a previous video.
@MickmickWashesThings_Official6 ай бұрын
Interresting, that's why they say, "insecure", when connecting using a resent OS. Also why am i the only one that made a real comment ? (right now)
@EricParker6 ай бұрын
Because most of those were posted within a 1 or 2 minutes of posting. They couldn't have watched the video yet.
@PerMejdal6 ай бұрын
It does not matter that the captive portal login is encrypted. As an attacker, I will spoof my the login page, and wait for someone to login. If that login is used else ware, like email, the fun really begins.
@5GIlYsq2fmZYv8pIAnR2b6jiu6 ай бұрын
ok Per Mejdal
@MickmickWashesThings_Official6 ай бұрын
This is interresting ! I was wondering this for a long time, the hospital i went to one day, and used a captive portal
@Zer0-Day6 ай бұрын
Can you do a man in the middle attack next and see if it's possible to see the packets
@EricParker6 ай бұрын
If you have watched any of the network analysis malware videos I have done, or the "What does windows collect" those all use MITM, but it requires the system installing an SSL cert. There are definitely problems like this possible with a malicious hotspot. What I show here doesn't require the hotspot be malicious.
@vladislavkaras4916 ай бұрын
Great video! Thanks!
@the-answer-is-426 ай бұрын
The VPN thing reminds me of an attack I heard of recently that could bypass VPNs using (if I remember correctly) a DHCP server and admin access to the router, but I forgot the details. Think it was called "TunnelVision". So even with a VPN you might not be safe. I honestly refuse to use public wifi because I don't trust them, but I'm probably too paranoid 😂
@hiddenguy676 ай бұрын
personally I just use mobile data, never will trust them
@Darkregen95456 ай бұрын
Glad to know VPNs hide the information i request and send on public wifis thanks.
@Deniil20006 ай бұрын
time to do wireguard over WLAN
@Floofie_boi6 ай бұрын
You can't get any of my data I use a VPN
@superstar646 ай бұрын
Not sponsored by NordVPN, but if you WERE...
@danielk71656 ай бұрын
Another great video, Brother
@MNMLSTN6 ай бұрын
finally a wifi network I can relate to
@mariocamspam726 ай бұрын
This thumbnail is like something from a roblox porn scam, please go back to the old ones haha
@realvercy6 ай бұрын
Hello, do you remember hearting my comment in the video about the OS when i said i was the 10th comment?, I was actually the 10th comment in that video!
@Tsiikki6 ай бұрын
Fun is over now ;) Well, enjoy the cat.
@mamba39686 ай бұрын
Currently in a no Password (and no WPA) wifi. I just love my VPN
@davel40306 ай бұрын
How risky is hooking up with somebody at the hospital? 😂
@SametKaratas-db1xu6 ай бұрын
Ethernet is better than Wi-Fi
@hiddenguy676 ай бұрын
Yes, it is
@SteveSteeleSoundSymphony6 ай бұрын
Always
@xtrxplex1176 ай бұрын
Brother i love your vids, but i just realised, you sound like tristan tate 😂😂
@IAmMarvel14 ай бұрын
Sniff sniff
@mtt694206 ай бұрын
:(
@surcohh6 ай бұрын
secon d
@JagArFlicka6 ай бұрын
@Daniel636-j7l6 ай бұрын
First
@lucymorrison6 ай бұрын
happy pride month everyone
@GeorgeSukFuk6 ай бұрын
Lmao omg
@sauliusvitkauskas87416 ай бұрын
pride is a sin
@Magiczny-Krzysztof6 ай бұрын
@@sauliusvitkauskas8741shut up
@ColaTai6 ай бұрын
Bro why the gays get a whole month
@Magiczny-Krzysztof6 ай бұрын
@@sauliusvitkauskas8741 shut up
@cesarstwounderwersu84236 ай бұрын
fifth
@pepeshopping6 ай бұрын
Wrong. A wifi, with a known shared password CAN BE FULLY SAFE by simply implementing SEGMENTATION for ALL the clients! What does that mean? Gp find out if you just believe these exaggerated youtubers. But what exactly do you expect from THESE people that use a VPN, for "protection"!