Fun fact, at my work, if we are dealing with incredibly sensitive information, the protocol is to be in a locked room with no computers, and writing stuff on paper, possibly using a typewriter.
Great I can hack that by using the fast fourier transform series machine learning and audio recordings of the typewriter button taps to decode any messages
ridiculous. Sounds like your company has trust issues and doesn’t trust their existing security protocols. Hopefully everyone threw away the papers afterwards and no one talks about the stuff outside that building.
same we write all orders on pen and paper, then bring them to the kitchen staff to be prepared It's sensitive because we write user information on the paper (usually comments on their appearance to remember them when we get to the table) We also don't have computers, but because they're expensive Hopefully we can buy a new spatula before the end of the year
I would like to share a fun fact that is tangential to the five eyes stuff. In the 90s there was a dutch anarchist/squat terrorist group called Rara (only targeting material, not people) that was watched by the dutch security agencies. After a while the dutch BVD (sec agency) realized that their observation squads were being. Observed. As it turns out, the group RaRa realised they were being watched and had set up 'contra observation groups', they were able to decode a lot of the BVD communication channels (as in, multiple kinds of devices, used for different forms of communications), had identified safe houses by cross-referencing those communications and they even ended up placing bugs on the observation cars of the BVD. This ended up with the BVD stopping their observations out of fear of Rara aqcuiring even more information. Imagine being a CIA agent and getting out CIA'd by a bunch of stinky punks. such a funny story
This video was sick, well done. It's pretty hard to fit something as broad as cybersecurity into an iceberg video, but I think you captured it well. Honestly, I think doing a deepdive into some of the more interesting topics from this list would be a good idea if you're looking for what other people are gonna want to watch. I feel like there's not enough channels that dive into the history of cyber.
@@7alen7I feel bad, my Dad works in IT at a law firm and not only are the lawyers there some of the least tech savvy people he or I have ever interacted with, but nearly every single system, around 400 computers, got hit. Him and like four other IT guys had to go around the entire three floor office space and do the manual fix.
Watching this as someone whose general knowledge of this iceberg ended in Level 2 with occasional spots later on, I was reminded of something William Gibson, author of Neuromancer, said. When he was writing the book back in the '80s, he had said he got the inspiration for the slang and lingo present in the now cyperbunk cult classic from listening to people's conversations. He described two of them being when he was listening to an ambulance driver, using the word 'flatline' as a verb to describe someone dying in an ambulance. The other was when he was listening to two computer software employees, and they were talking about some virus program. From there, he created the wonderfully flavorful and exotic slang present in Neuromancer that is now present in nearly all cyberpunk media. Gibson had never even touched a computer until after Neuromancer was published. I got the same feeling as Gibson listening to those two software employees watching this video. There were so many acronyms, events, phrases, and terms in the video that sounded like pure sci-fi at times. Excellent video. It was extremely informative. Thank you for taking the time to make this.
Nice. Very nice. You pretty much summed up the most important events of the last decade. What you could add when talking about password hashes in databases is that they are more often salted in respectable enterprise software and then explain what that means.
Cool vid, the Solomon seal I've often thought about.. We inscribe etchings on motherboards, make crystals think, have daemons that do processes for us, and we conjure light on a black mirror. MIT have that programming book too that leans heavily into the magician/conjurer perspective. Truly modern day terms applied to magic.
Just to correct something. The term “Nigerian prince” and the associated scams are used all over the world and the country “Nigeria” takes the fall for hackers all over the world
That’s because Nigeria is one of the top countries for scammers. This is because of Socioeconomic and the limited access to jobs due to poverty, and unemployment. There’s also large organized groups of scammers from and in Nigeria that include necessary infrastructure and resources, as well as protection to carry out there fraudulent activities. Just look at the statistics and then come back to me.
All the stats also power states like north Korea, Russia, eastern Europe states, certain "first world" countries and south asian countries. Scamming isn't a new thing and there are large organized crime syndicates everywhere, even in the glorious United States of America. None of the top 10 hacker groups responsible for billions of lost funds yeartly are from Nigeria, yet bloggers and the likes continue to churn stats they read from fellow unreliable sites. While hackers in north Korea and the likes get less scrutiny for their actions.@@Lightnang_
This was a well done video! Great topics, too. Personally, I create videogame 'hacks' to modify things in-game. I don't release them to the public, nor do I do it for multiplayer games. I usually do it when I'm done with a game, and wanna mess around. Infinite gold! etc. Or if I'm stuck, for some reason. Stuck in a wall? Just... teleport out. :) It's very interesting to me, because I can guess/see how the developers designed their game, etc. (I also have fun making games) It's kinda fun, honestly. Also nice voice btw.
Hacks for single player games are 100% ok by me. I think back to the days of using absurd cheats in GTA to mess around for a bit. If a game doesn't have those options, might as well create your own to get more enjoyment out of it :)
Baller video with great quality. Im actually studying for the security plus currently and starting as a Network Admin next month as well. Was actually on a study break when I came across this and found it awesome while also being kinda informative, well done sir.
I've been struggling with my Cybersecurity schoolwork, and I'm almost "done"... but it feels like I didn't know any of the concepts in their simplest form/summary. This video gives me a beautiful foundation to use the other skills they taught me. Thanks.
This is the coolest thing ever. I love cybersecurity stuff like this that talks high level but takes the time to explain acronyms etc. Amazing job, my friend. Definitely worth the like, sub, and share for sure.
I’m so glad you made an iceberg for cyber!! These are helpful to zoom out and remember why you love this field so much. Thank you for this, it was very well made!
This iceberg was extremely informative and each entry was explained very well. Thank you for making this, I am definitely going to go down a rabbit hole with some these topics lol
This is awesome, I've been following cyber for several years but haven't broken in really. Glad to see I know a lot or most of these entries and that there's a lot in here that's brand new to me Would love to see a continuation or maybe individualized icebergs like "red team iceberg" etc
@<a href="#" class="seekto" data-time="60">1:00</a>:00 I believe the hacking typewriters refers to the Russian hacking of US type writers in the Moscow embassy.
@<a href="#" class="seekto" data-time="1358">22:38</a> Bitcoin is not an anonymous banking system, every crypto exchange requires your ID and every transaction is on the ledger. The only "true" anonymous way for crypto are the ones you mine yourself and with wallets that have no connection to any PII.
I was doing a shot game where if I didn't know a term I had to take a shot. I'm sitting here at 1 am on a Friday completely sober. I may need to touch some grass.
You earned a sub! This video is absolutely amazing, this is the only privacy, cybersecurity related iceberg that I’ve found. I watched it from start to end. Loved the information and the way you explained it. Looking forward to more videos made by you! Have a great day! ❤🎉
one of the nastiest attacks are ones that silentinstall a ip tunnel tool and uses your machine as exit node for filesharing... the copyright lawsuit fines aggainst the exitnode user are huge because they think he is the filesharer
Hi! Cool video. Just one thing to clarify, there are ways to make things zero-risk, but it usually involves making the information inaccessible to everyone including yourself, which oftentimes defeats the purpose of having the information in the first place.
This was great. I really want to know more about Solomon's Seal. It seems like it's just a meme and no one really talked about it much beyond that, though :(
<a href="#" class="seekto" data-time="2989">49:49</a> Being Turing complete is different from passing the Turing test. Being Turing complete requires the thing to be able to simulate a Turing machine. And a Turing machine is a simple machine that can implement any computer algorithm. For example, Minecraft and Conway's Game of Life are both Turing complete, but they don't really pass the Turing test.
thank you for making this video! im gonna be majoring in cybersecurity engineering, so its cool to learn about the history and interesting tidbits of cybersec lore
I absolutely love icebergs because a lot of them are interesting, but if you watch any sort of documentary or investigation, depending on the topic like it’s iceberg so it needs it. I just wish they would add more things sometimes that may not be as well-known.
Empty internet theory is nothing compared to the empty NPC people walking around this realm, making things annoying for souls trying to escape this matrix.
Loved the vid. You have a nice channel. That red shirt survivor in the meat plant from @<a href="#" class="seekto" data-time="1932">32:12</a> to @<a href="#" class="seekto" data-time="2778">46:18</a> was SCHMIXING you though :P
So, in short, everything is hackable which reminds of: "your chance of X is small, but never 0", which is classic meme of: "so, you are telling me, there is still a chance?". Great video, btw.
This was a great video, I wish I had this as a chill learning video when studying for my CISSP haha. Any suggestions on how to break into the market? Worked in IT for 8 years just having a hard time getting into cyber.
<a href="#" class="seekto" data-time="2995">49:55</a>, Turing complete has to do with Turing machines and systems and languages! Not with the Turing test!
this is a great video - any tips for how you got into the field, i’ve been studying and getting a bachelors but struggling for lower end positions like help desk
It's tricky to get into for sure - never forget that cyber isn't an entry level field, which makes it tricky to break in to. Main advice for how I got into the field is kinda multilayered, but most importantly is going to be either having certs or demonstrating a passion for the field outside of school. Second is meeting people who are already in companies that are hiring. During my last year in college, I didn't have any certs as I had no money to pay for the tests lol, but I had a public github, a public HTB account, and some other work outside of school to demonstrate to potential employers that I had a passion for the field beyond bookwork. If I were to recommend a starting point, get some certs under your belt. Sec+ is the obvious go to, but if money is an issue I believe ISC2 has a free certification exam and training you can take for a limited time.
<a href="#" class="seekto" data-time="586">9:46</a> The DIA does everything you think the NSA/CIA does. NSA just collects data and pools it, DIA and CIA and everybody else just analyze it. A separate agency deals with satellites and another deals with taking satellite data and turning it into maps.
Dude, this is exactly my type of video to watch. Cybersecurity is a passion of mine - as a software engineer. I like the Reddit approach to talking about the lore of cybersecurity haha.
Sec+, CySA+, Pentest+, CISSP, OSCP, and AWS cloud foundations - the last I only took because a professor in grad school was willing to pay for it. Honestly, depends on the route you want to take. Sec+ is a solid foundation, and most jobs will require or prefer CISSP at some point, even though that's a more management level cert. If you're blue team, go for CySA+ if you want though it isn't super necessary, and for red team I'd recommend going for OSCP. Pentest+ is ok, but only worth it when they have a beta going on (like right now! only $50!), otherwise I'd go for OSCP, or maybe eJPT if your skills aren't quite there yet. More than anything, certs don't matter if you don't have the skills to back it up. Likewise, if you have 10+ years as a pen-tester then getting sec+ really won't do anything for you. P.S., I know it's a meme at this point, but I wouldn't bother with CEH. It'll get you past HR firewalls, but most technical people know it doesn't mean much, and it's waaay to expensive.
Cool video! In my experience, thought the PS3 ECDSA 2011 hack was something pretty niche and e.g. the Five Eyes are pretty well known, but maybe it's different for each bubble :D
<a href="#" class="seekto" data-time="1605">26:45</a> I assume this was simply misspeak, but asymmetric encryption is really only used for the handshake and symmetric key exchange (ECDHE). Once the HTTPS connection is established, it’s all symmetric encryption (AES/ChaCha).
Besides "in Minecraft" there's also "in GTA" but it's mostly used by content creators and twitch streamers to dodge potentially violating terms of service regarding the incitement of criminal acts. In GTA of course.
Great video man. As a fellow security worker this was a great listen. Especially the stuff about ICS as I’m interested in pivoting towards industrial defense.
Okay so with the Microsoft China thing: The business is segmented. China wings of major US corporations like Microsoft, Apple, etc. all have shell companies incorporated in China. Their networks are not in any way connected to our networks in the rest of the world. Perfect example: Azure China. I think it's run by some Chinese data center company and is isolated from the rest of Azure. Edit: the argument about vulnerabilities is interesting, but then that's a dilemma of whether or not we want to provide the software to them to prod
@@TheRU-vidG.O.A.T start learning how networks and IT infrastructure operate. It's really hard to protect or attack something if you aren't sure how it works!
^ This is the best advice you’ll get. You can’t secure what you don’t understand. I work as an information security officer (ISO) and say this to everyone looking to get into cybersecurity.
I’ve always had an interest in the world of cyber security. It’s just so incredible what can be done! I give props to anyone that can learn this skill because this shit is hard.