when?

This is an Ad!!! Why are people "Thumbs UPing" an AD???? Huh, I guess the channel owner is getting a kick back from them...

​​@@docbrown1157 If you're not interested you don't have to click but an upvote on an ad for the Creator's livelihood is a small sign of appreciation of the time & effort that goes into educational videos like this that have been made freely available. At least it's relevant and not some annoying sh*te like nordvpn or some sweepstakes scam.

I could offer a cheap tutorial on how to sync your audio and video already the during recording process :)

Was always sus of webp to the level of canceling it completely in my projects.

Exploiting webkit has been a pretty popular way to jailbreak things. You can even do it on the PS3. I used to have to use an E3 flasher back in the day. I totally prefer webkit exploits any day over popping open something and attaching random shit to the onboard chips

There's been loads of very scary bugs in software that nobody ever seems to have cared about the potential risks. For example, you have no idea whether you've been hacked or not. Really.

It was an ok idea. Buuut it revealed that the phones security was garbage.

@@ryangrogan6839 Yeah, i modded my PS3 with HEN all thanks to the browser

@@syrus3k Ah yes, if only there was a popup on the screen every time the PC got hacked, lol

Yeah, similar problems have existed in libjpeg and libpng, both exploitable in practice. Shows the value of both memory safe programming environments and simple data formats.

I seem to recall a similar bug in IE 5 once or twice a week, back in the day. 😂

Jeah, i think the bug was in the GDI or GDI+ library, but maybe this was another bug.

There was a similar exploit in IE and Firefox involving animated mouse cursors.

the first iphone jailbreak was through a image parsing exploit

Came here to say this!! Haha. The tiff overflow!

I still remember even somebody got a PSP back from being serviced with a magic battery in it that was immediately sent to the cracking scene.

It definitely was 😊

@@mgancarzjr yeah that was crazy

Also the iPhone/iPod Touch. 1.0 - 1.1.1. Was patched in 1.1.2.

its all so magical

I was thinking the same thing. I like the narration as well! Now I have to research more.

In this case, it was a bug. But especially with Machine Learning, there can be 100% correct code, but the AI is still vulnerable to image/video/data stream manipulation. Fascinating stuff! I don't know about the case with tesla, but it is (or was) possible to confuse many AIs used for street sign recognition in a way that made them completely useless (Stop signs to 50 signs and similar things). Luckily, as far as I know, it is near impossible outside of laboratory circumstances, as it relies on the specific learned topology of the target AI. It is very weakly transferrable and near impossible to generate without access to the AI. Do you maybe remember the paper? It sounds very interesting, but I could not pin it down with a quick google search. "Hacking Tesla with image" seems too generic.

The problem with hacking a tesla is that you can never tell if it was you causing it to fail, or if it just failed on its own.

@@eanredur9920 Machine Learning turned out to be the biggest crock of shit once it started being rolled out, it can't even hold a conversation without its mind wandering into fucking Narnia, and you expect it to write perfect code??

maryastroyka dolls :D

Mary Striker Dolls! 🤘

ngl, Perestroika Dolls hit me hard. The idea of the dolls redesigning themselves so they no longer stack.

Ironically this particular exploit also affects Linux. It couldn't run as root of course but it could sure erase your home folder!

🗣️😭☠️🙏🛐‼️ deserved

@@em7dim9 ???

@@ggsap Running Linux wouldn't have protected you from the exploit in the video. The comment was about Linux offering more protection.

@@em7dim9 You made "this particular exploit" sound like the exploit OP was referring to

Fr

I would assume either in the image data, or the table itself, but I also would have liked the video to cover it.

That's an interesting question, yes. You have to somehow get the compiled form of the code you want to run into a region of memory that will be executed from.

He made a previous video explaining exactly how the webp exploit works.

He explained the hardest part.

I've been feeling the same!! Enjoy, happy learning ♥️

Did you do Huffman Trees or is it more about understanding trees, compression, and recursion? Just asking because I found our Algorithms and Data Structures lecture useless. We did basic stuff, but nothing one could not have learned to a reasonable degree by reading 2-3 hours a day for a week.

@@eanredur9920 we learned both. Had to do Huffman encoding for an exam question actually.

@@Adreadon Cools stuff. I wish we did go a bit deeper.

Picture go boom. Computer be sad now.

True, but you don't know it is a 1x1 pixel image unless you parse the image. Size is also misleading, because many image formats have many meta-data fields that allow me balloon the image to a point you no longer consider it suspicious. Browsers might be updates by now, but there is a lot of software that are embedding webbrowser components that might not be updated, like mail and chat applications. Linux users get most of their applications from the distro repository which will automatically update the applications. Under Windows this is much more messy and we all know that people don't like to upgrade their software because it is often asked when you want to use the application. VLC for example tells me when I'm want to watch a video that there is a newer version and I only have a yes or no option, why not a install on exit of application?

@@2Fast4Mellow Aye, the webview world is due a massive wake up ... I mentioned the webP thing a while ago, barely got a response ... till I started listing all the things that use it.

A company that I know... ...sends out emails that contain 1x1 tracking pixels. The reason I know this is that the same company has MS-Outlook policies that prevent the automatic downloading of images, instead marking the email's missing images with little squares on each corner. At the bottom of each email is a 1x1 pixel collection of four squares, that contains a link to an online (served) image that contains a lengthy and obviously unique identifier in the filename. In summary: 1) Company uses tracking pixels on all Corporate Communication emails, and 2) Company's MS-Outlook reveals this to anyone that knows about the general topic of 1x1 pixel images. SMH...

You can still do a ton of damage with a 1x1, depending on if you host it or not.

If you think that's bad you should see how Pokemon handles 0x0 images.

Meanwhile i would prefer a compile of discord that cannot render user content.

I downloaded two videos using that. It was the Rick Roll that slowly shrunk, and a cat meowing where the video would change size when the cat meowed. It's pretty cool, and is even viewable in certain desktop media players.

Remember that clip of the annoying orange coming through the TV that crashed your discord? I think it also used this tech.

AFAIK, that behavior was not removed in Discord directly, but through a patch in Chromium

@@jsrodman What's the point of that? Wouldn't that just be the UI?

Guess what, you're not safe even without Internet... and I don't mean your computer, I mean your physical body... the chance a sniper kills you is never zero.

#ifdef newlllvid bool goodday = true; #endif

​@@swiss_engplease don't use macro for runtime checks...

@@swiss_eng I'll do you one better. #ifndef newLLLvid *(char*)0 = 0; #endif // newLLLvid

This is some real strange dotnet syntax guys…

fn lllvid(new: Vid) { match new.is_ok() { true => true, false => Err(Error::Nonsensical) } }

Yep, definitely a play on Misty Mountain Hop by Led Zeppelin

The "picture" is a file which contains binary data representing the red, green, and blue (RGB) components of the color to be used for each distinct subunit of a digital image. With a large enough set of colored pencils (or an image composed from a limited color palette) and some graph paper you could open up the "picture" in a hex editor and render it on your graph paper in colored pencil.

@@jnharton That's only true of uncompressed formats.

@@paulstelian97 The first and modt important part is technically still true, because unless the compression is lossy decompression restores the original. A different encoding of data doesn't mean you don't have the data.

@@jnharton PNG is the only often encountered lossless encoding soooooooo… there’s others like jpg or webp

"I used the picture to render the picture"

Almost anything that can crash the browser, could be used to run arbitrary code before crashing the browser.

Never assume that because something's modern, it's secure.

*ten years

@@aylen7062 True.

yes !! I created an EPS that exploited it to run regedit to disable the EPS rendering and show an alert stating "you are now safe" .. years later this got my website blocked by McAffee corporate firewalls for hosting malicious files 🙂 It was the easiest way for us to patch a lot of workstations :-)

People still make zipbombs today, if mostly for tinkering and not as much harm There's one that has a theoretical decompression size of like more than Google's entire infrastructure lol

..and that makes you "laugh my ass off"? OK then. And what have you come up with?

​@@johnc3403it's funny because he constantly refers to it as this incredibly complex algorithm. I don't think he's trying to diminish the achievement in any way.

@@johnc3403 In azertyq's defense, I did also chuckle when he called Huffman Encoding super complex, because it's taught in undergraduate CS programs. After laughing, though, I did realize that most of LLL's audience likely lacks a degree in the field.

@@dagomara8380 just like anything else, its complicated unless you understand it

Huffman? WebP uses Huffman? Ugh... I thought we'd move on from that. Huffman was fine in its day, but we can do better now.

In your next lesson you learn that Huffman coding has been largely replaced by arithmetic coding, which is more complicated but can achieve better compression.

It was Epona's (the horse's) name, not Link's (the hero's) that was used as the bootstrap.

Dead internet theory

@@ramtennae it was scheduled but now it's gone. He's live right now on twitch though so maybe he changed plans/will be starting it later

It's a good format. Very efficient encoding (small file size) and high image quality. A programming error in one implementation has nothing to do with that.

​@@LightTheMars​ I think the main reason people hate it is because it's annoying to work with. By default it will open in a browser, generaly speaking you cannot copy/paste it from a webpage, and a lot of softwares do not even know the format. It's efficient and the gain is obvious for big web companies that want to reduce servers cost, but for the simple mortals like us it's just an additionnal step to download/upload/modify an image.

​@@pierrotA it's annoying because big tech makes some software that doesn't support their own file format conspiracy? At least back in the day it felt like they didn't support .ogg files out of malice

It's a PNG with a size of JPEG. I think it's annoying to work with, but useful.

​@@pierrotAIt's not .webp's fault if the user has failed to install software that can handle a file format that's been around since before I suspect that kind of user must have been born.

Flatpak sort of does this on Linux

You don't need containerization to achieve a reasonable degree of security. Buffer overflows can only compromise memory that the executing program with the "bug" actually has access to write. If that isn't the case, your program would a segmentation fault and crash. So if you just don't give a program more permissions than it needs to do it's job that reduces the risk considerably. This is precisely why you almost never login as root (super user) on a Unix/Linux system and you don't run background processes as root unless absolutely necessary.

MacOS is a bit of a fun case. It does support isolation, but it's not obvious to the user which apps are running with the capability sandbox and which aren't. Add to that, they added some vulnerabilities to the sandbox configuration of some apps (notably, ms office) that can be exploited to achieve complete and persistent system takeover. There are operating systems that can provably isolate applications and safely delegate permissions to them; these are known as object-capability systems. SculptOS and Fuchsia are some attempts to explore this area, although there are a lot of mainframe operating systems that already meet this standard.

Imagine that you want to load a huge image... most likely you can already see how it loads slowly, row by row or column by column. Now imagine they had bounds checking in there as well, and there's a recipe to make you switch back to dial-up...

Checking the size of a variable and continuing or not, is literally a few CPU clock cycles, so the speed penalty for this would be expressed in nanoseconds. You could confidently say there would be no extra time added by this check, although if you had to check and re-check multiple times, this could become microseconds, but still an absolutely tiny amount of time. I think the developers simply thought it's not necessary and skipped it.

@@TheRadiastral Do you know why Tim Berners-Lee regrets including the "//" part of the URI in the HTTP protocol? It's just 2 keypresses, not that hard right...?

LOL oops

the operating system is responsible for allocating the memory and giving it to the program. what the program does with the memory is up to it. the operating system only intervenes when the program tries to access memory that doesn't belong to it or that the program itself asked the operating system to be protected.

It's a bit more than that. The NSO is an Israeli organisation that specialises in making malwares/spywares that they can sell to governments to allow them to spy on individuals, cyber warfare basically. And as you may guess, there is a lot, and I mean A LOT of money to make worth the effort

They really most do it for money. Others having a bad day is just a sideeffect. This is why capital- (no, i am not gonna do an essay on how capitalism is bad. It just is)

@@no_name4796 I'd say it goes deeper than that. Right into human nature. History has proven that time and again, way before any ideology was born.

People like NSO don't do it for fun or just to be dicks they do it for absolute boatloads of government cash.

@@no_name4796 If you think people screwing over others for financial gain is a capitalist invention, you need to check out some more history.

Asking because I've seen rce vulns mentioned several times over the years but as a dev not working that low-level, my understanding is lacking.

@@potential900 remote code execution is dangerous because it allows an external agent to run software on your computer. any software. from a simple "hello world" program to something that could leak all of your private files to third parties and steal all of your passwords and basically anything stored in your machine. An attacker exploiting an RCE bug means it's literally using the bug to run unwanted software on your machine.

As no kind of expert, my understanding at the most basic level is, feeding a program/system/etc the right kind of garbage can make it enter unexpected states (ungraceful crashes, half-executed functions, etc). These unexpected states may leave the system in a place where it is not safeguarded in ways it would normally always be. For example, your car's battery died before you got a chance to lock the doors. Sure you can flip the manual locks if your car even has them, but then your alarm still doesn't work, so if someone DOES get in there's nothing left the car can do. So the subject of the video is more the vector of harm than the tool of harm; its the way in. Once you have access to the right things, you can make the infected system do whatever you want.

Often it involves overwriting a function's intended return address with the location of a hacker's payload code

I agree but that would be one slow CPU.

Same question

That's how you take years off your life... oh and you're not likely to make the code as bug-free OR efficient as the major libraries out there, instead you'd most likely end up with MORE bugs, MORE space and LESS speed!