you can get the dislike button back w an extension, but I agree that youtube shouldn't have removed it in the first place. Not everyone knows that you can even get them back and dislikes can be crucial information in cases like this
Yeah, and they even had the gall to make a video saying some nonsense like "before you claim you know something, you should check the other side" trying to say that all users complaining about the removal of the dislike button don't know what they are talking about.
I said the same thing about the removal of the dislike counter. I knew scammers would take advantage of it. Susan's actions are allowing malware to spread, but it's okay as along as the "creators" don't have to worry about that dislike counter that they strangely can still see. However, I get this feeling that youtube would double down on it instead of bringing it back by say creating a new rule they can ban people for and use to censor more creators or something like that.
That's precisely it. Creators can still see the dislike, but no one else can. So which "creators" does this benefit? Big corporations. Their feels won't be hurt by big thumbs down, but they can definitely benefit from burying any negative public perception their skeezy actions might bring about.
Imagine having incredibly valuable state secrets worthy your weight in antimatter and giving them away for payments of an Uber ride and your monthly paycheck. That's the dumbest spy in existence and it's a shame for our species
To be fair he wasnt a spy. He was just someone who worked at the CIA with (claimed) misconfigured credentials that gave him access to documents he wasnt supposed to. Coulda been a custodian for all we know.
You forgot thar part where he was 250k in debt. How dumb do you have to be to do that. Also, in all fairness, it's not a shame to our species. Because at least you can say most people would have more common sence than this #1 Not going into massive debt, #2 Being a traitor to your country just to get out of debt.
For real, I'd get the documents on a thumb drive up my ass and get to motherfucking Russia by any means necessary... People would _kill_ for that information... Maybe people _have..._ Man, I am realizing how boring would a spy thriller be in the 2020s...
Oh I learned from high school never to trust a shortcut. I used to replace the internet shortcuts on the School PCs with the shut down prompt. Was hilarious to watch even the teachers losing their minds because they think someone is actively hacking the computer 🤣
I use to make batch files that still opened the original program but put a shutdown timer so the person would be actively in the middle of what they opened and go “wtf”, as it shut down I miss trolling the school computers
I disguised a .bat file with the simple command "shutdown -f" I changed the icon to that of a folder, and titled it "Fun Games". The server admin clicked on my .bat file while logged in as admin; shutting down the network for all the schools within the county. I was pulled out of class and the head IT guy asked me how to remove the "virus". I told him to just click on it once and press delete. I was banned from computers for the rest of the year.
That app mode is a horrible idea open to tons of abuse - it should always show the URL somewhere in the UI - but at least they are making it harder to block ads for "security" purposes.
The idea of app mode is to make a web app appear like a native app. It should not show the URL, same as PWA for phones. As for extensions, they're disabled by default but they can work in app mode.
@@LetrixAR Yea besides it obviously being ripe for abuse, I don't see the real need from a user POV for an easy lazy way to make web pages appear to be apps. It's another user hostile invention. Zero gain in functionality for the user but they lose a lot (all the normal browser functions which become inaccessible). All so the developer can pretend they developed an app when they didn't. There's plenty of tools for wrapping websites as "apps" already if that's what they are after so there's no need for it to be built into chromium.
@@LetrixAR It's a terrible idea, either malicious or just out of stupidity. There is NO reason why the "app mode" should be able to hide that it is just a browser window. There should be some kind of indication, it doesn't need to be intrusive but it should still be obvious.
There's probably at least 9 other people whose done the same thing as mr. Dalke and gotten away with it because they chose to be patient and had good opsec. Then there's the 10th person who gets themselves caught because they just can't keep their mouth shut.
Of course. It is a part of espionage. This is why they use methods such as compartmentalisation but this story was interesting in that the guy claimed to have access to things that he shouldn't have had access to. I can't understand why he would be so careless though. He was obviously desperate for the money so was this a gambling debt or something? It would explain the totally reckless behaviour and the scenario itself, in which you'd imagine that even a non-tech savvy person would surely have more sense. Randomly sending out emails trying to contact the FSB sounds like something out of a comedy film. Or like the old: "Hi, I would like to purchase some of your finest illegal drugs, if possible." How did this guy get a job at the NSA?
So who is behind the dodgy Tor channel? Chinese government? Dissidents? CIA? Triad? Random hackers? It is horrible but you've gotta give them credit, it is an incredibly effective blackmail operation.
Cyber security gives me a headache! Seems like there is nothing you can really do in the end to eliminate the risk of your online activities or sensitive data being acquired by someone else. You can only mitigate the chances...
I think sticking to the basics is the safest option. But that window feature that lets the attacker hides the url is almost impossible to catch for an average user. Chrome is really not doing much to protect their users
Most of internet security for the everyday person is just avoiding suspicious links tbh, if you can avoid phishing links/pop ups/phone calls and avoid downloading and running malwar your good. The only thing you can do about things out of your control like data breaches is to use different strong passwords for every account you have and use 2FA when offered (idealy one that isn't text based)
@@TtEL If they want to monitor you, they don't need the internet. They can install key loggers on your computers when you aren't home, bug your house, etc.
But even they can download it from multiple sources that are more trustworthy than a fcking youtube video link that leads to to some random URL. There's really no excuse for that level of stupidity.
@Strange Daze You mean ToR as a technology/concept? Because unless they have a backdoor to a specific browser or node (which they have a lot of and is a different discussion) one can't really place a backdoor on it. That's like saying the Germans must have a backdoor(?) to self isolating rocket guidance, as they made it and now nobody can launch self guiding missiles without Germany's approval.
@Strange Daze Bruh, what? Of course torproject could add a backdoor to a tor browser they have made. US navy _didn't_ make that tor browser, only the core idea of onion routing, thus they can't just have some magical right to a backdoor on the browser made by torproject (which is open source, BTW). That's like saying Henry Ford has a backdoor to your car and can lock up your steering whenever he wants, because he came up with the idea of assembly line production of cars (which is how your car was made). Not the people who made the electronics, the brand owner of your car or the dude who sold it to you, but Henry Ford. For my sanity, I hope you're just a stellar gift at playing the idiot.
I find it interesting that the functionality for chromium apps lends itself so well for phishing and malware related attacks on the public. I mean, such an easy exploit almost sounds made on purpose...
C:\WINDOWS was the pioneer of dodgy on purpose. No user/system partition separation, like most other systems used? No reasonable attempt at permissions? Not until XP SP3 and UAC and it was broken all of Vista. Billy boy is the OG.
@@CrazyKevin22 To be honest Google should be thrown out of the Chromium project. They are just a soulless corp trying to use their majority to fix non-existant issues.
@@theheavenlyoption I don't know how to respond to something so unintelligent. What makes you think they would choose not to spy on someone, they spy on their own people and everyone they can get information on! You never know who might become useful to extort in the future! You are not thinking, either shilling or cattle! I hope for your sake that you're the former!
@@festerbutt No, it makes more sense that it's the Chinese government spying on their own citizens who trying to evade their watchful eye and censorship laws. The Chinese government already has many propaganda channels on RU-vid.
@@theheavenlyoption google owns youtube both based in california, they follow what US tells them, wouldn't let china spread their viruses, but they're obligated by law to allow US to spread theirs.
It's not just compromised Tor versions you have to worry about; over one third of Tor nodes are owned by the US government as of the time of this writing, so there's a very high chance anything you do will be recorded regardless.
@@sackofclams953 Only using your own nodes weakens your anonymity. By using one node several times you're essentially associating your identity with that node. For the sake of simplicity let's suppose for a moment the US government owns exactly a third of just middle tor nodes and you're visiting a website for a US-based company through tor. Since they have the power to order information from said companies (which are particularly happy to comply if they are victims of an attack) there would be a 1 in 3 chance they could see the ip of your entry node, their middle node, the exit node, and what is being done on the target website each time you connect to it. This leaves a clear connection between your activities on the site and the node you own. Whether you're hosting it yourself or renting out a server your identity is associated with that node and can be retrieved through an order.
I'm relatively new to this domain, currently working as a Security Analyst, spent almost 2 years in this domain and now I literally suspect every little thing. even from a shortcut to things like power/ram usage in my PC :/
I remember 12 years ago I learned about cell phone spying. I learned about possible signs of surreptitious third-party use include lower battery life, high battery temperature when not in use, spikes in phone bill, episodes of turning on when not in use, difficulty shutting down, receipt of text messages that look like code (presumably accidentally sent to you by the perpetrator whilst destined for someone else, or meant to be sent to your phone through an invisible manner rather than text), EMI-like interference when the call application is not in use, sudden activations of voice recognition (e.g. Siri turns on by itself), and strange transmissions during phone calls. Figured you might value this information as a security analyst even if it’s just about phones.
well whats secret anyway in this world - the only is to do old fashion way use a old computer not connected anyway to internet - just use a cd or dvd rom without any burning feature so you wont infect your burned safe cd/dvd and besidies what is there to hide unless you are a croc or high profile target
this is why whenever I'm watching a youtube tutorial for something and they give me a link in their description, I ALWAYS look that thing up manually in my own search bar because it's so easy nowadays to fake things like that.
9:02 the scroll can be fixed just by adding "overflow: hidden" in the body element, and creating a wrapper for the content that will have the scrollbar with "overflow: auto"
I think this may be one of those "filter out the too-smart guys so we don't waste our time on them" mistakes-on-purpose things. Like how shitty spelling in Nigerian Prince scams gets the vast majority of the smart people not to respond.
We are talking about chromium, so I think we can just make the scrollbar's width 0px: ::-webkit-scrollbar { width: 0px; } or you can give it to an element, instead of the whole page: .your-class::-webkit-scrollbar { width: 0px; }
The thing with App Mode is that it's used for Kiosk stations where it's only opened at a specific webpage you can't navigate away from and can't be closed by the end-user.
That's just one of the things it can be used for. If you develop abrowser you are supposed to have in mind the question: ,,What is the worst thing that what I am developing now could be used for." Google employees failed in that regard.
50/50. In many places, the police doesn't actually want to do jack towards things like this, but readily take action whenever easy and clear evidence is at hand. And nothing is as easy or lucrative for scammers as middle men as that, as long as they don't step on wrong toes. almost every corrupt place has a version of this with their checkpoints, permit wars or Schrödinger's crimes.
@Geographer Sudoku what does a cop win by having your info? Nothing. What does a scammer win having your info? Money. He can kidnap you and sell your body, he can sell your information, he can target ads to your address etc. what can a cop do?
Aaron, you and I know the truth, that's exactly how Chinese police operate when they think they can get away with it. The deniers are either really REALLY naïve, or they are Chinese police.
0:41 ...So, wait, the Tor website is banned in China. RU-vid is also banned in China. People looking to get Tor are willing to bypass the RU-vid block to look for Tor downloads, but not just go to the Tor website directly? What??
"Even if you haven't bought anything from a dark web market, I can pretty much guarantee you've browsed them, if only put of curiosity." Then there's me, who doesn't even know where to find them and is terrified that even just using TOR will get me put on some kind of list
You're not alone on not knowing how but I see no reason to be worried. As long as you aren't actually committing a crime and you have no prior reason to be on the radar of your government you should be fine to browse away!
You are, technically, apparently. Your IP's logged when you download it, but like. I've been using tor to go on some... dodgy clearweb sites, and I haven't gotten yelled at. (I have on the other hand been yelled at to stop torrenting copyrighted movies from bittorrent, lmao.)
Using VPN in China (without further “illegal action)could land you in police custody from a day or two to two weeks, plus getting berated constantly and having to confess about it in writing. Quite a common occurrence among Chinese netizens.
Thank you M$ for forcing me to have a program on my computer that can be used to scam me. I've lost track of how many times I've tried to get rid of Edge.
the only difference I spotted on the fake Microsoft login was the black footer banner was not positioned absolute bottom it has a small margin below it! very convincing
It's very easy to have the scroll bar under a fake address bar, you just set the div style with overflow: scroll and disable the default scrollbar on the window.
Is there a plugin for Firefox that prevents websites from disabling the scrollbar? I often do that manually by nuking nodes in the websites source code, but it's tedious.
@@jannikheidemann3805 I don't know a plugin with that exact function, but you could probably find a userscript w/ grease monkey for it. I personally like to use ScriptSafe to disable Javascript on webpages, you have to allow, trust, or enable each executed/external javascript whether by domain, address, etc.
@@weshuiz1325 why tho? Not having a feature just because a few people got phished is sad. I love application mode because it can display websites as if they were native applications. Very handy for services that don't have native programs anymore like RU-vid music, Prime Video, WhatsApp web, .. I love to have those as their own window with a launcher in my start menu or taskbar.
@@sporqist i dont see any reason to ever use it, what's wrong with a web browser, only reason i could think of are illustration apps where every inch of your monitor matters
@@weshuiz1325 I use a tiling window manager to arrange my windows. It's very frustrating when there are 40 pixels of height wasted by the browsers title bar in each window thats has a website open. Also, I want to use my browser for browsing only. The stuff I need to have open all the time shouldn't waste space in my tab bar
It makes me really sad how good phishing scams have become. Computer savvy people might be able to see the little things and be sceptical but the internet is becoming so ubiquitous that I worry for older/less tech informed people getting tricked. It's really sad : (
Another reason to use Firefox ;) But anyways, thanks Seytonic for making me aware of that phishing method. I actually didn't that and it's good to be kept up to speed on what's new in order to be safe
4:43 Not really, EVERY printer keeps logs what is printed where when and by who. Print a document and look at it with a microscope, you will find little yellow pixels where that info is also encoded and stored.
Printer Machine Identification Codes or MICs provide up to 64 bytes of information. They're *not* found in black and white printers, nor most inkjet printers, but are found on most every color laser printer and color photocopier these days. The EFF analyzed a whole host of devices and disclosed that they contain the following information: printer manufacturer, model and serial number, and date & time (higher-end models only). User names/operator codes can be included in commercial-scale devices, but unless you're a commercial printer, a lawyer, a paralegal, or a spook, you're not going to see a machine *capable* of including this information during your lifetime, much less configured to do so. They don't include GPS coordinates. They aren't even that useful in most investigations. They *can* confirm if a specific printer was used for a specific printout, but little more than that. As far as printers retaining job history, yes: most printers will retain a timestamp, document title, and the specific print settings used. They also retain the document itself, to allow for effortless reprinting as storage allows. However, outside of the commercial-scale printers with their own embedded hard drives, no printer retains this data beyond the last document or two.
@@realitynowassigned Most places where copiers/printers/scanners get installed aren't at all concerned with origination tracking. Those that are concerned with billing and productivity tracking use external access control, authorization, and auditing (AAA) solutions that are agnostic of the printed MIC tags. The ones that *are* concerned with origination tracking use similar external AAA solutions, but typically also get custom firmware on the devices themselves that may or may not be different than say a photocopier at the library. They typically utilize server-controlled document processing and/or retention schemes, potentially with further steganographic data embedded. That's all done outside of the machines, except in cases where the device isn't allowed to connect to even an isolated network... Who knows what happens in and around those machines...
@@Phroggster thanks for typing that, I've learned a few things. I found the yellow dots on documents printed on 3 different laserprinters and then I assumed they all have that.
The fact the china government made a version to track people down and possibly get top secret info made by a high priority figure like spies and the secret service and even the president .
Well all of your favourite internet companies are associated with NSA, Google, Apple, Microsoft all obeys NSA command,there is no such thing as security in the internet, they know everything about you and it's been going on since 9/11. Deep state knows everything .
Damn, people getting death sentences for giving over state secrets? Can’t image what would happen if you had accidentally taken boxes of the stuff after you finished your job
18 U.S.C 783 (e). Office of the Former President All former Presidents get a federally funded office, with staff. And security clearances. And Secret Service protection. And Secure facilities (SCIFs) for classified records. It's not a even a real world possibility. Total fabrication. Think about that.
@@flavortown3781 There is a procedure for it because the lives of agents and years of investment in defense are dependent on keeping these from being accessed. A doctor for example can decide what is good for a patient, but cannot cut open a patient willy nilly because they had the power to decide. A CEO cannot take trade secrets from a company while leaving the job.
@@shivanandvp Do you just choose to ignore what I've said? It's not even possible for that to be true, not a former president. A former CEO can't take original documents from the company, but they are not protected from copy. They are bound by non-disclosure. Possession of them is not a crime. Share the info, you've broken your NDA, and if monetary, selling of trade secrets. All former POTUS can posses ANY document, period. So much so, they even anticipate it. (i.e. SCIFs)
"pre-append" is not a word. "append" strictly means "attach at the trailing end". The word you're looking for is "prepend". Yes. That is a word and you should use it.
Two major security tips for anyone watching: 1. NEVER DOWNLOAD ANYTHING OFF OF RU-vid. 2. Add the NoScript extension to your browser and it should protect you from this new phising technique
Honestly Privacy Badger, Ublock Origin and NoScript are like. The trifecta of surfing in relative peace. NoScript keeps most crap out of my hair, uBlock is good for finer control even when I allow something through NoScript and it gives me UI element control (it makes Fandom wikias NAVIGATABLE, it's amazing), and Privacy Badger tells cookies that slipped through the first two to feck off when I don't want them even on sites I otherwise trust (and it actively notices when something is following me a lot and auto-blocks it, since it's made to spot stalky cookies).
@@neoqwerty Yeah lol. Personally I use all three, except noscript I've actually had disabled for a while because I don't feel like whitelisting crap on smaller sites I've never used.
Great video! I subbed :D I love keeping up with CyberSecurity news but it's kind of hard to sit down and read all of the stories, I appreciate you compiling them and presenting them in an easy to consume way
2:45 Yes! Thank you. I'm still angry at YT for removing the Dislikes and until they return, my YT Premium funds are being re-directed to creators, directly.
Thanks for reiterating the silliness of removing the dislike button. Ive literally stopped liking all videos on yt because it seems so pointless to do so now
thank you for putting your sponsor advertisement at the very end of the video and having empathy for the human kind instead of forcing us to watch it in the beginning like a lot of asshole youtubers. for that, i will definitely be subscribing.
2:04 Thank you! Everyone treats the deep web like something from the X-Files, but you're all like "You've probably checked out the Silk Road, even if you didn't buy."
youtube: We dont care about the millions of people that get scammed.. But we DO care about a handful of RU-vidrs who get harrassed by people pressing a button..?
There are a few channels that have "optimize windows 10" and such and have downloads to fishy things. What's worse is they are almost always from poor countries where people have bad morals such as India and sometimes have very samey comments from bots
As always, such great informative content, although I’d say, this one has been one of the more “tastier” vids in a while… How do you work for the NSA, get yourself into a quarter million in debt, and think to yourself “Gee, I know what I’ll do… I’ll sell some confidential government files to Russia for…. 99$” 😅
When he said "there is a new phising technique you need to be aware of" I was kinda thinking we were gonna be learning about some dope new way to fish. Shame...
I remember some other thing called freenet that used to compete with TOR as a decentralized platform that couldn't be censored. Not sure if it still exists.
That nsa gs pay grade just ain’t cutting it. A moment of silence for the men and women out there protecting us out of a sense of duty. You’re the real heros.
@@Amos_Quito tor is the vpn in the first place. Using tor with a vpn just breaks it. How tor works is (basically) there are 3 points, the start point, the mid point and the end point. Your info goes to a start point (another tor client) then the mid point (anothertor client) then the end point (another tor client) and then the site you want to access (slk r@ad) gets connected. This is very VERY simplified. Watch a full explanation for more info
Tor is basically a hotspot for both criminals, curious people and the government, I wouldn't suggest using it for something illegal because half of the time you will end up on a government node and get recorded
there's a tool in chrome to make a new app mode shortcut just go to the 3 dots menu > more tools... > create shortcut... then tick the "open as window" box it will add a shortcut on your desktop to open the current page in app mode
It's funny, the bad actor(s) behind this were actually busted. There was an article before the Chinese government had taken it down, but I'll attempt to find an archived ver on The Wayback Machine of said article.
I hate the removal of the dislike button because it used to be a way to verify if content was good, Susan ruining RU-vid to make sure we don’t have any fun times like 2016
Mentioning the "small details"...one time i noticed my chrome on a windows os dell laptop i had switched to a fake one day, looked super bootleg and https showed as jpeg... its crazy how you dont notice the small things before they take over your system as a novice. Now i know better.
Why is app mode a problem? it would need to be run locally, where you could just use a keylogger instead. I guess it's easier to avoid detection/blocking from anti-malware by doing it this way, but that doesn't seem like a big deal. I guess it's useful for more advanced spying where it pretends to be a secure browser when really it is a MITM, but I'm not sure what kind of content a keylogger can't really catch just as well. Stuff that uses file uploading, or maybe browser history but that seems really niche and not that valuable to a hacker.
It's not a problem. It requires the user clicking a malicious shortcut...at which point the shortcut can run arbitrary code like downloading and running whatever program it wants.
This story about the guy who tried to sell state secrets to Russia just makes me wonder how many more intelligent people have done the same thing, just without being caught... Jesus, this world sucks.
