Mediatek, more like mediarekt. blog.sonicwall... blog.coffinsec... 🏫 COURSES 🏫 Learn to code in C at lowlevel.academy 🔥 SOCIALS 🔥 Come hang out at lowlevel.tv
Пікірлер: 332
@LowLevel-TV3 сағат бұрын
now way haha lowlevel.academy is really cool !?
@paulmichaelfreedman83342 сағат бұрын
The community is divided about your name change. Here's my proposal for a compromise: Low Level Lear
@TremereTT2 сағат бұрын
Are range checks allways on in Rust plus they also exist for all kind of buffers?
@qriist18502 сағат бұрын
It's neat that you went to Twitchcon with the CEO of Jurassic Park. 🥰
@TechnoMinded-qp5in2 сағат бұрын
I think in the future businesses will run Linux servers and not Windows servers.
@plank_length_architect9539Сағат бұрын
Just out of interest. You provide good curses, but sadly, the only payment options are im gonna call them the American payment systems (cash app, visa, American bank). So to the question: will there ever be any other payment options ? (Seap, direct transfer, PayPal, etc) Anyways, nice video, always great content, and all of you have a great day.
@williamdrum98993 сағат бұрын
He dropped "learning" because it's been nearly half a century and people still haven't learned how not to index an array out of bounds
@LowLevel-TV3 сағат бұрын
HA
@amadzarak77463 сағат бұрын
This comment wins
@besterspieler22853 сағат бұрын
@@amadzarak7746 you win
@BastetFurry2 сағат бұрын
>still haven't learned how not to index an array out of bounds Some people should only program in BASIC, it won't let you write out of bounds, you have to fight and sabotage BASIC to do so.
@FinaISpartan2 сағат бұрын
Yeah... I think we should just collectively stick to bound-checked languages at this point...
@s_92803 сағат бұрын
He has stopped learning. There is nothing left to learn. He has reached the lowest level.
@LowLevel-TV3 сағат бұрын
it's true i am immortal
@AffectionateLocomotive3 сағат бұрын
🤨🤨🤨
@RokasSondaras3 сағат бұрын
Calling your level lowest possible is a huge compliment who understands it. :D
@false_positive3 сағат бұрын
they say you can't fall lower than binaries
@szaszm_3 сағат бұрын
I wonder if he's gonna correct the "I was right." video, where he was wrong.
@phloxpluto3 сағат бұрын
rip low level learning. you would've loved low level 😔
@agastyasanyal4026Сағат бұрын
Nah I was his classmate in school, everyone called him low level Even the teacher calls him low level
@Test_7493 сағат бұрын
low level is no longer learning
@valentinn35073 сағат бұрын
Yea, just low level content 😂 Nahh it‘s a fine name, the old one was good already tho.
@AffectionateLocomotive3 сағат бұрын
Brain is no longer braining.
@pluto84043 сағат бұрын
a new low
@BurgerKingHarkinian3 сағат бұрын
It's only downhill to a lower level from here
@wasshattereddreams2 сағат бұрын
bro's gonna make a surprise video showing a modern CPU through microscopes and find hardware vulnerabilities
@scientiac3 сағат бұрын
Aww, it's like when "it's okay to be smart" rebranded to "Be Smart" . Low level learning was quite good, low level is fine though. Low level learning is stuck on my tongue though it's so fun to say: lowlevellearning lowlevellearning
@pranjal37272 сағат бұрын
At this point, all IDEs and compilers should issue a warning for all memcpy, memmov and DMA operations if they do not have a length limit check immediately before it.
@angrydachshund2 сағат бұрын
Ten minutes later, the devs will disable those warnings at the project level, because obviously they are smart enough that their code does not have such bugs.
@garrickstokes2 сағат бұрын
@@angrydachshund That's what I do 👍
@pranjal3727Сағат бұрын
@@angrydachshund -Wno-warning-i-know-better
@moveonvillain1080Сағат бұрын
IDE alerts the FBI when you make such mistakes and you get swatted.
@bparker063 сағат бұрын
"you know it's being more openly monitored", why is there an assumption that most open source code is actually monitored?
@avarise56073 сағат бұрын
Its monitored, by like 2 people, dev and the gvmt agent on his way to make name with new fancy backdoor 😂
@tablettablete1863 сағат бұрын
@@avarise5607So 2 eyes now!
@benargee3 сағат бұрын
Most people confuse "it is monitored" with "it can be monitored"
@Minsk_Accords2 сағат бұрын
@@tablettablete186 better than 5 eyes
@rogo73302 сағат бұрын
For me, it's not about someone done audit on the code - it's about that you can torn thing out and replace it with something else, including your own binary.
@ImSquiggs3 сағат бұрын
Not sure how I feel about the rebrand, but I'm generally terrified of change, so even a KZbinr deciding to remove eight letters from their name can be too much for me sometimes, haha.
@LowLevel-TV3 сағат бұрын
I am too, but thats life :)
@crusaderanimation69672 сағат бұрын
Same, i have force awakening poster in my room, i haven't watch the movie (maybe snipptets on TV) i don't plan to since (from what i've heard) it's rather shitty movie, but i have it since middle school (or rather polish equivalent of there of) and i'm 22 in December so now removing it triggers my sentimentality
@joshxwho2 сағат бұрын
It's just a nice change it's a rebrand without the word A.I or Cloud afterwards. 😅
@moveonvillain1080Сағат бұрын
You have replaced about 330 billion cells in your body over the last 24 hours. You are not even the same person you were 30 minutes ago 😅
@squirlmy26 минут бұрын
@@moveonvillain1080 you are really only a story you tell to yourself, or rather your new self. Ponder. Time for beer!
@soyitiel3 сағат бұрын
next up: Low, just low
@collin45552 сағат бұрын
shorty got low
@MordecroxСағат бұрын
LPL: This is Lockpicking, and today... FW: Thanks for turning in for Forgotten, I'm iMac... And of course SteveMRE1988 becoming just Steve
@blauesaxolotlСағат бұрын
she hit the flo
Сағат бұрын
Vanilla OpenWRT is not affected by this, as it uses open source mt76 driver with hostapd. wapp is part of Mediatek's proprietary driver
@Lutz643 сағат бұрын
Who goes to new Jersey for vacation?
@RoachDoggJr4353 сағат бұрын
I hear the shore is a pretty exciting place
@angrydachshund2 сағат бұрын
You do if your priest assigned it as penance.
@NotMarkKnopfler2 сағат бұрын
Was thinking the same thing. Who would want to go on holiday anywhere in the USA (Montana being a notable exception!)... I'd rather spend a week in a septic tank 😅
@shreyansdoshi2 сағат бұрын
@@NotMarkKnopfler Upper Michigan, New Hampshire and Pacific Northwest are quite beautiful too.
@griffinfaulkner35142 сағат бұрын
@@Lutz64 I'll deal with the state if I get to see the ship.
@すどにむ3 сағат бұрын
The reason why lots of those "security features" like ASLR and oft mentioned IOMMU aren't enabled for low level things that interacts with real world is, because they're inconsistent against the real world they interact with. Lots of those makes jittery mess in terms of response times. Webdevs think those are just one click enables because Web is jittery mess anyway but not everything in the world is.
@ahmednishaal94322 сағат бұрын
@@すどにむ 🤣🤣🤣🤣
@da5e2 сағат бұрын
Might be showing my age, but WAP will always mean 'like the internet, on a Nokia 3310, but somehow worse than that implies' to me.
@zekicay2 сағат бұрын
Please stop referring to forks of OpenWrt as OpenWrt, it would be the same as referring to Mint, Zorin, Pop! as Ubuntu. OpenWrt is not vulnerable to this. Additionally OpenWrt 19.x and 21.x are no longer supported, but regardless they are not vulnerable as they are not using Mediatek's proprietary SDK - the only thing with the bug. The mitigations are available as they are used by default in OpenWrt and Mediatek forked from it.
@falsemcnuggethopeСағат бұрын
This. I've been clenching for a while because I thought I would need to patch my router before visiting the office. Turns out this is a complete non-story. Openwrt has nothing to do with this vuln. I will go and release my babies now.
@IceAce1Сағат бұрын
It's pretty surprising how low level the fact checking is on this channel.
@ozzelot33493 сағат бұрын
A MediaTek chip has a hole in it. The world yawns.
@tranthien39322 сағат бұрын
Ed: *Drop "Learning"* Literally Everyone: My Disappointment is Immeasurable and My Day is Ruined.
@AnEntityBrowsingYTСағат бұрын
SHARP suit my dude
@Audacity_693 сағат бұрын
Having a good day LLL releases a new vid Misery resumes
@kyeeehehe2 сағат бұрын
Having a good day LL releases a new vid Misery resumes
@GREG_WHEREISTHEMAYO2 сағат бұрын
Actually 🤓☝️ it’s LL now Edit: Nooo someone beat me to it
@Иіск3 сағат бұрын
I understand why you rebranded to Low Level. However, my 2 cents is that I prefer Low Level Learning😔
@saturten3 сағат бұрын
in my head this guy will forever be the tech bro version of nick from the yard
@Scriabin_fan3 сағат бұрын
Next rebrand: Low
@pluto84043 сағат бұрын
thats too hard to say. Next Next rebrand: L
@MacDKB3 сағат бұрын
After that, "L".
@tayzonday2 сағат бұрын
“Low Level Learning” speaks to SEO and reconciling your content vertical with viewer behavioral telemetry. Both might be more important than reconciling your content with how humans parse ease and memorability.
@9hoot7892 сағат бұрын
Low Level Learning is both easy to remember and has a better ring to it, I really can't see any pros to dropping it, like, at all.
@Ironically-Sarcastic2 сағат бұрын
Bro have you been hacked? What are you talking about? You starting a new "Tay SEO Tips" channel or something, and you're testing the waters in the KZbin comments?
@KMRamirezСағат бұрын
@@9hoot789 he is referring to discovery by search engines and recommendation algorithms, as opposed to traditional branding/word of mouth
@balsalmalberto8086Сағат бұрын
Keep bringing us that chocolate rain the comments bro.
@mskiptr2 сағат бұрын
> use software provided by your hw vendor > get bad quality code who would expect that…
@mskiptr2 сағат бұрын
and that is why we should push for FOSS firmware
@poglavicas3 сағат бұрын
This only applies to stock factory drivers, not opensource ones.
@Afif871233 сағат бұрын
atleast this forces mediatek to push updates to their old network cards, mine haven't gotten new one in the last like 2 years lol
@falsemcnuggethopeСағат бұрын
Imagine how many new holes they will introduce
@q1joe2 сағат бұрын
The real shock here is SonicWall found this.
@_JohnHammond52 минут бұрын
no more learning? stooping to this level is pretty low, double L
@ryogo_kurogane3 сағат бұрын
like petition to turn back to Low Level Learning (please dont ban me i love your videos)
@Serversurferz3 сағат бұрын
It had a nice ring to it for sure
@user-qr4jf4tv2x3 сағат бұрын
Low Level: i'm beneath you but nothing is beneath me
@paulmichaelfreedman83342 сағат бұрын
Behold the Underminerrrrrrrr
@rayane98973 сағат бұрын
Always whenever he goes to vacation something like that happens.
@DegradationDomain_stuff2 сағат бұрын
You should start writing an OS in Rust. That would be sick! This can become THE THEME of this channel, a pinnacle of "Low Level Learning" so to speak.
@rursus83543 сағат бұрын
I think the problem is burritos. Whenever you eat a burrito, Internet will crash, AI will crash, some plane somewhere will crash. Burritos are dangerous.
@MrSlm19822 сағат бұрын
"On vacation in New Jersey".... I don't understand that sentence... They are English words but don't make sense in that order 😂
@Kiyuja3 сағат бұрын
gotta love the "but what would Rust do?", this never gets old.
@edinatl20082 сағат бұрын
Might use your courses for CPEs, looks dope.
@foobarf87663 сағат бұрын
Before assignment check the length, it should be easy. Should...
@shrill_kill9929Сағат бұрын
Even the fire tv stick is affected.
@CentreMetre2 сағат бұрын
Thank you for sacrificing you vacation days for the sake of stopping any more computer security vulnerabilities appearing .
@arashai3 сағат бұрын
What’s with the super clickbait titles these days? Love the channel but feels bad, man.
@avarise56073 сағат бұрын
Blame is on you for getting baited, not the author on using it. You got free will, use it
@BurgerKingHarkinian3 сағат бұрын
@@avarise5607trash take. You can like a video and still hate the thumbnail. Boycotting a video that you think you might like just because of the thumbnail is a bit extreme, don't you think?
@dallinyauney31313 сағат бұрын
I was so happy when you stopped saying "Hi my name is Low Level Learning" and transitioned to "Hi my name is Ed," and honestly this is still better than introducing yourself as the channel name
@toperri3 сағат бұрын
bro became a god he doesnt need to learn anymore lol
@SourceCodeDeleted2 сағат бұрын
Man, you make me want to return to reversing again...
@chuckcrizer2 сағат бұрын
Code from a chipset mfg is just sample or test code, it is never meant to be used in a production environment. Such code often doesn't have bounds checking or full error handling. Many are written in plain K&R style C for simplicity.
@LSSTmusicСағат бұрын
i swear to god people in the cybersecurity world make up the most nonsense names for stuff possible lmao
@themichaelwСағат бұрын
Rust boys will have a field day with this one
@privacyvalued4134Сағат бұрын
What annoys me is that the articles just list the chipsets affected, not actual devices with the chipset in it nor which device firmwares are confirmed to be affected. Ubiquity, for example, claims they are immune to this issue despite being called out specifically in the articles. That creates confusion and makes it a LOT harder to determine what devices are actually affected. Nor do the articles provide any directions to mitigate either. I don't think I'm affected by this but I have no way to figure it out definitively either way.
@falsemcnuggethope58 минут бұрын
It also claims that certain OpenWRT versions are vulnerable even though they don't even ship the vulnerable code.
@ssmith50483 сағат бұрын
sure.... no coincidence at all that these seem to overlap with your absences.... not sus at all
@ottergauze2 сағат бұрын
Low Level when High Level walks in:
@chazzer59683 сағат бұрын
If you stop going on vacation, vulns will be solved!
@mastersingletonСағат бұрын
The following three WiFi 6 Routers released in 2020/2021 features the combination of MediaTek's MT7621A network accelerator and the affected MT7915 Wi-Fi 6 connectivity platform are as follows: - D-Link AXO AX1800 (DIR-X1860) - TP-Link Archer AX20 (AX1800 Dual-Band Wi-Fi 6 Router) released exclusively in China - Buffalo AX1800 (WSR-1800AX4) released exclusively in Japan Check if you own any of the aforementioned routers and please update its firmware ASAP to the latest version that patches up this vulnerability; if its not available then replace them with a WiFi 6E Router that features either a Broadcom or Qualcomm WiFi 6E SoC.
@jaysonrees738Сағат бұрын
Today I learned that my WAP has an Atheros chipset in it.
@jaybrooks10983 сағат бұрын
Mediatek is in a lot of consumer routers.. Linksys/belkin/tp use this router. Meditek is an arm processor /soc made by the CCP
@moetocafe2 сағат бұрын
Not a very practical vulnerability in terms of mass exploitation in the wild. But perfect for targeted attacks. However, it doesn't affect that many devices and only the unpatched.
@LibreGlider3 сағат бұрын
Not that WAP, I'll allow it... 10/10
@ralphandre44382 сағат бұрын
“Not that Wap” 😂😂
@TechnoMinded-qp5in2 сағат бұрын
Daemon in Christianity translates to DEMON maybe they shouldn't let DEMONS work on computers who don't know what they're doing.
@rafaelfigfigueiredo29882 сағат бұрын
I appreciate dropping the learning because I felt bad at myself for not understanding a thing even when it's dummy simple
@peterwassmuth40143 сағат бұрын
Awesome Thank you for Sharing 💯✴
@Fataha223 сағат бұрын
Frick, my router use mtk 7621
@Xetarine2 сағат бұрын
Same, but it's not running 21.02 nor has any wifi functionality, so...
@falsemcnuggethope59 минут бұрын
if you use openwrt, you're in the clear.
@cj12962 сағат бұрын
Correlation does not mean causation. Take time off when needed😁
@nonlinearsound-0012 сағат бұрын
Ah well... gcc v12 even has a static analyzer built into it and optimization switches, that always have been in all those compilers for years give you compiler warnings based on bounds checks. Build it into your pipeline before building your release and already a lot of your mistakes are being detected for you.
@AnWe792 сағат бұрын
Goes to show you're never completely safe. I think my AP uses that SOC, time to build a new OpenWRT image I guess. (I live in the sticks with one neighbour, so I'm not super worried. They'd have to be on my lawn (not LAN) to exploit...) FPGA open IP SoC routers/APs when? I guess I'll have to roll up my sleves and actually learn Verilog someday...
@pfred_3 сағат бұрын
The thumbnail feels like clickbait. Why mention openwrt when its a mediatek vuln?
@falsemcnuggethopeСағат бұрын
The blog post used as a reference seems to have the same misinformation.
@掇3 сағат бұрын
this channel is one of my favorite to watch. im 16 and i like computers
@rosehogenson13983 сағат бұрын
computers, Pog
@PhrontDoor2 сағат бұрын
The year is well beyond 2000... Why are we still pointing to memory in code like this? Why are we still doing mem copy, mem-move and depending on the passed LENGTH of the 'buffers' to be correct?! That was 'acceptable' in old ghetto crunk c/c++ code when we didn't care if crap crashed. If you have code that is anything more critical than a retro mario-game clone running on a phone, then KNOCK THAT OFF!
@garrettrinquest16053 сағат бұрын
I like the old name better personally
@9hoot7892 сағат бұрын
I'm pretty sure most people do, I dont understand the need to change it
@blehbleh9283Сағат бұрын
Openwrt in thumbnail but more like a mediatek vuln which is scarier
@falsemcnuggethope57 минут бұрын
OpenWRT is not even affected.
@3d1e002 сағат бұрын
I really want a Burrito...
@xerox13ster3 сағат бұрын
Not taking any sick days either, huh? You look and sound sick as hell in this vid. I had to bounce a third of the way through the video (buffer overflow) because my lizard brain started screaming internally that "this person is sick get away GET AWAY"
@monkemode81283 сағат бұрын
low iq comment (i have an iq of 150)
@Чумак-щ8и3 сағат бұрын
Another day another vulnerability
@ich68853 сағат бұрын
That video title made me a bit nervous 😅
@drdoubleU3 сағат бұрын
love the rebrand, channel feels more down to earth, more personal
@mychannelforfun55233 сағат бұрын
When is the patch coming out for pegasus 😂😂😂
@phlm2 сағат бұрын
Lol. I thought it was a second channel, also noticed I wasn't subscribed
@JS-ii3rn2 сағат бұрын
Hey @LLL, because of your lifetime offer I WILL buy this offer (promise) because I’d love to learn about this and from you. I am a bit worried about the quality and continuance of the future courses. Maybe you can get others like Prime to make a course on embedded programming in zig etc. to keep up the quality and engagement.?
@dafoex2 сағат бұрын
I'm not a fan of the Rust politics, either. It feels like veganism, just as many people complaining about shrieking vegans as there are vegans shrieking at carnivores.
@royalcanadianbearforce98413 сағат бұрын
Oh phew, my ancient RT-AC66U's are still safe(NOT).
@BurgerKingHarkinian3 сағат бұрын
Good enough
@framegrace1Сағат бұрын
Rust is like those plastic handles some nails have so you can place it perfectly straight and never hit your fingers. Is a nice tool that solves a problem no professional user ever had. The problem is not the tool. The problem is that people that NEEDS those tools are working as a profesional contractors. And this people will harm themselves with the hammer, even with the help.
@RustIsWinning50 минут бұрын
The problem is that your tool is outdated. Rust is winning. Get over it.
@slowdownexСағат бұрын
"no, not that WAP" ... Ight, I'm out of here. Peace. ✌️😂
@nosidenoside24582 сағат бұрын
They discovered a CIA backdoor 😔
@happykill1233 сағат бұрын
Rip LLL
@samiraperi4673 сағат бұрын
You do know that "remote RCE" is redundant, right? :)
@9hoot7892 сағат бұрын
Gotta say I'm not a fan of dropping the Learning part of the name. It no longer has a ring to it. And is potentially more confusing to new viewers. Maybe that's just me though
@Brahvim3 сағат бұрын
Mr. Ed! Please bring the _channel PFP_ back!
@davidli89363 сағат бұрын
I think this means you should go on more vacations, so that more exploits come up and you'd have more content to cover lol
@Brixster2 сағат бұрын
Low Level Learning fell off. He has truly reached the Lowest Level of his career. Truly a shame for the entire programming community. Maybe the level is only up from here? When is Python Learning going to start?
@TarodenaroСағат бұрын
Are you going to do another "Low Level Rizz" again with that denying woman for each shorts? that was funny.
@thomaswesleyscott45552 сағат бұрын
You should just announce you're going on vacation every week - guaranteed work and video fodder!
@RobertFletcherOBE3 сағат бұрын
I'm not mad about the re-brand but It wont stop me watching and if it helps you that's awesome! It does make me feel a bit sad about humanity though, especially if the word learning was scaring off viewers. Good luck with the channel man, your videos are always fascinating and informative.
@sparquisdesade3 сағат бұрын
Well... that's certainly some news... If you'll excuse me.... * Ron swanson throws computer into dumpster dot gif *
@zxami3 сағат бұрын
Oh no! I lost my chance to learn anything!
@dima136932 сағат бұрын
Hey, do you have a recommendation on what router hardware and software to use in this unsecure landscape?
@dj_chateau2 сағат бұрын
Every video: Have you used Rust? 🙄
@rodneynsubuga62753 сағат бұрын
Rust would not catch this
@RustIsWinning3 сағат бұрын
Incorrect.
@ShimrraJamaane2 сағат бұрын
He just explained how Rust would catch it, resulting in a panic, turning it from an RCE into a DoS.
@tom23rd3 сағат бұрын
Being from NJ I can say "there's your problem" lol
@LowLevel-TV3 сағат бұрын
same
@NoProblem762 сағат бұрын
yep you're solely responsible for all the CVE discoveries
@IronCandyNotes3 сағат бұрын
You piece of code! Ack!
@hasecilu2 сағат бұрын
downgrade from LLL to LL
@hansisbrucker8132 сағат бұрын
You talk a lot about Rust, however I have been looking into Ada lately. What do you think of that language? 🤔
@ShimrraJamaane2 сағат бұрын
Ada is a great memory-safe language for mission critical embedded systems like avionics. Rust is a great all-purpose, memory-safe language.