Cloudflare really is a middle man that we voluntarily trust to have the ability to decrypt like half of the internets traffic and not pass that data to the NSA huh. Never thought about it that way.
And they can rug pull and either break the device by breaking the service it relies on in planned obsolescence or turn the critical service into a subscription cash cow.
I absolutely burst out laughing in the gym when someone told Prime that the Internet connected coffee cup already exists. That might be my favorite use of the f word in one of his videos. The despair in that word brought joy to my heart because I feel seen.
my game server keeps getting hit offline with someone who has something called nightmarestresser booter and idk what to do can someone help? my server is always offline the dude wants to be unbanned but he was cheating i cant unban him
One other reason IoT sucks, companies can just disable a perfectly fine device whenever they want. Or sometimes not even on porpoise, like when the company just goes bankrupt and your "smart" scale doesn't work anymore because the api is down.
I won't buy any "cloud" garbage, unless they have an open protocol to make it possible to run your own back end WHEN (not if) the company goes tits up, or some middle manager just decides that that particular product doesn't meet the company's "vision" anymore. So many examples of perfectly fine hardware instantly turned into e-waste in this way already. Companies should have to pay huge fines when they pull those stunts.
I spent thousands on smart devices during the original hype, when the company went bankrupt my home was bricked back to a dumb house. They did send me a check for all my registered devices, but I'll never buy smart devices again. I just make my own now when I want to tinker.
L3/4 means layer 3/4 not level. I am not blaming Prime/Michael, it is not clear what L means when not placed in context. Article probably should have mentioned OSI layer first and introduce the abbreviation L.
he often confuses words that sound alike but in the context of what he says and frames the sentences, I'm pretty sure he means "layer" when he says "level"
This is a technical article and some of this knowledge is assumed. All it means in layman's is they are using tcp/ip and not using an application layer attack like dns amplification. Very interesting though
So I bought myself a new Samsung phone, and came near my samsung Oven, and suddenly my phone asks "do you want to connect your oven to wifi?" I feel his pain...
I'm planning to remove all smart devices from my home. watch real dvds and listen to CDs. Desktop and laptop only devices to connect to internet. Even looking to dumbify my phone (which in testing on my old device means about 1wk battery life!)
what, lashing out against it or IoT in general? Prime is based on this one, IoT sucks / is a security nightmare. It's scary the folks in chat who are clueless to all these implications and mindlessly gobble up IoT crap.
My friend had a fridge. A normal, run of the mill fridge. No smart systems in it. Or so they said. He was moving to a new home, and taking the fridge with him. As the movers are taking the doors off the fridge, I am looking at the top panel they pulled off, and see something that catches my eye. I ask my friend if his fridge was a smart fridge, and he said no. But there it was, a wireless module like you'd see in a laptop. Turns out, there is a higher end model that is "smart," and the company uses the same parts. This panel had a slot for the card to sit it, and rather than not put a card there for the lower end fridge, they put it there. Not sure if it was connected before they pulled the panel off, but even "standard" devices are coming with "smart" technology....
I had Dr. Leonid Levin of NP completeness as an algorithms professor in grad school. "We are computer scientists, we computer at work and not at home" didnt understand what he meant at the time, but now I do. Great guy, good professor. Took time to explain to baby-me what it means to mathematically prove something, something HS freshman me never learned. Sad that i was the only one to go to his office hours when I went. His work is truly foundational. "What do you do when your boss tells you to solve a problem, but you cant prove to him the problem is impossible" lol
"What do you do when your boss tells you to solve a problem, but you cant prove to him the problem is impossible"? I let him fire me, buy guns with the unemployment benefits, and laugh at the solutions the cheap replacement labor attempts to implement. Once society reaches a critical point of chaos due to mismanagement, I take over by force. Any further questions?
@@broadestsmiler Eugenics. There's no need to maintain my rule by force after everyone is genetically predisposed to developing my ideas on their own.
I completely agree with his opinion about IoT. I have three devices that connect to the internet: a desktop computer, a laptop computer, and a mobile phone. My smart TV is blocked from internet access by my router. I have repaired my more than ten-year-old robot vacuum cleaner (Neato XV-25) countless times, because today's robot vacuum cleaners require an internet connection.
So, you say you have four devices connected to the internet. Or what, isn't the router connected? Microtik devices are mentioned first in the article for reason.
That rant about IoT is so true, i worked as a technichian and have a sick gaming setup at home, not a single IoT device and drive 1974 old brazilian car with a vintage bluetooth radio to play old music, my gf say she can't understand how i know so much about tech and don't use it, thats the point, the more aliterate you are, the more they play with you, she wanted an Amazon echo dot, not in my house honey
I miss hardware-buttons on cellphones.... NEVER got use to touchscreen-keyboards.... Typewise makes it a tiny bit better, but still.... habtic feedback. I need this....
@@Lelende CF serves requests from nearest location/edge/datacenter so no single point of failure to overwhelm the entire network. Its essentially 'Distributing a Distributed Denial of Service' attack.
👏 Thanks for the video, its amazing ✨. This is the kind of video we need to save the link to see later when is needed (it'll be needed). Hi from Brazil 🇧🇷🇧🇷🇧🇷
GOD! What a fantastic rant! I am 49yo and I agree with you 100% I drive a fking 2007 renault without any technology, not even parking sensors and I will drive it until I DIE ! When I go to work in the morning I cut the power to my modem/router etc... nothing is online during the day at home
IoT sucks. I want my mechanical stuff back. I don't need to automate my house. I've got legs and arms, I can get up and flip a mother fucking switch. I can set a thermostat. I can do all of that.
7:05 those clunky lightswitches that have existed since forever, that was peak light switch. Every smart switch and touch panel and WiFi enabled light bulb are worse in every goddamn imaginable way. I don't want to open a fucking app to turn on the light, and I don't need 5 different governments to know what time I go to bed and I don't want to be part of a Russian botnet.
They do keep putting these IoT devices out because when is the last time you heard of a 0-day attack resulting in a lawsuit against the company that developed the software? IoT generates sales without any of the responsibility.
The first five minutes of this WENT places, but I have to say I 100% agree with all of it. And the science afterward was cool too. I had no idea this was possible, starting with a DDOS that large... Figured it was IoT immediately, but dude. DVRs, why, indeed. Only funnier way would be if it was the coffee mugs.
18:30, TCP and IP are from the same time period/standard but are different layers, so the TCP header (or UDP) will be enclosed in whatever is implementing IP (ethernet and or wifi), and the TCP header won't have to care about ip/mac address, as that's the layer below's problem. But the OS will pass that info up to the programmer/application as they do care.
IoT is awesome when done correctly... The reason it sucks is because companies selling you IoT crap don't implement or maintain it correctly, therefore IoT is only great when you fully DIY it
Still, i'd rather connect the dumb devices to some raspberry and have it control everything then to have a network of sMarT DeVIceS you can't really control, fox, know what's inside and you're locked into that companies' hardware.
Your comment about cars sounds just like my complaints. My current car while has a nice looking screen, most of the controls, from heating, radio, streaming, etc. are on the screen. If the entertainment system fails, I can't adjust the temperature. My older car, which also had an entertainment system, still had knobs, and I could do most things without having to move my eyes off the road. Now to change the temperature or fan speed i have to look. To make matters worse there are a lot of options that I can do on my smartphone such as starting the car, unlocking the car and and all of this is standard on the car. Sure it's a convenience, but I don't trust it's security, especially when I saw a demonstration years ago on how easy it is to hack a car, and that was before the trend to computer control everything in cars.
Their current configuration is absolutely perfect for both minimizing attack surfaces and maximizing attack flexibility. I laughed once I understood what was going on there. 😂
Prime: A: Zwave is cool stuff for home automation without the 'wifi' on everything - if someone wants to go down that road. B: The car makers are clearly trying to do the 'netflix' model on everything 'car' these days - do what i do - buy something older. Being a mechanic isn't that far off from being a programmer. C: Have you realized the 'toast' problem yet? If yes my answer to that is: "Sunbeam" D: As far as refrigeration....do you have a friend who is into HVAC? Buy fridge from mid 20th century, get hvac friend to update with new fridge gear. E: I could keep going on this topic... Edit: Former vocalist - get a tea called "Throat Coat" - it will help.
IoT is great with Home Assistant and blocking all communication to and from their VLAN. I LOVE being able to walk out of my house with 90% of the lights on knowing they’ll turn off automatically 🤓
Look at Nitrado's Steel Shield. I know one of the guys who used application level attacks to mess up their old firewall, effectively shutting them down for a few days, until they developed SteelShield, which is more advanced and application specific than anything that Cloudflare or Link11 runs. 3.8 tbps is something that was already known years ago. Though it's still crazy that they were able to defend against it. And yes Cloudflare is US-Government like all larger US companies (GAFA). UDP Reflection / Amplification (usually done via DNS) is pretty common, one of the ways Nitrado was hit back then.
Regarding the "suspicious 2 and a half billion packets": I certainly agree with the "int32" cause, but have an even deeper suspicion how that came to be: They implemented their "DDOS Manager" in Java, abd keep track which packets it sent. And Java Collections can only store as much as 2^32-1 elements....
@9:15 the reason for this exercise is that these types of corporate or academic papers have an expectation of explaining the outline, primarily because it helps people with varying levels of expertise know what to read. People who don't need to understand the foundations or basics can skip to methodology and results, people just looking for "conclusions" can skip to reseasrch questions, results, and conclusion, etc. I'm not saying it's right, I'm just saying what it's expected
I would think a better standard for infrared control would be better than iot. Imagine a remote control that can help you control a lot of device in your house with infrared only.
@Prime you do need Ethernet on security cameras, but be firewalled from accessing internet. Large scale deployments need long cables (USB does not go 100 meters) and lots of ports. For wiring a building you would need a hefty USB hub to plug all cameras in, let alone power them and receive any kind of signal from them. But I agree, they don't need access outside their subnet.
@@kzalesak4 wireless for security camera is the worst because you can spam the channel the cameras are on and the data from cameras will not reach the DVR, so no video recording.
100% Agree on the "not everything needs wifi or a touch screen" boomer take. I'll be a boomer on this one. My freaking electric kettle has a touch interface. You can't easily turn the thing on in the dark, you know, before your eyes have adjusted to light in the morning, right when you need a coffee most. Sometimes I hit the wrong spot, accidentally set the maximum temperature to 40°C and get back to a lukewarm kettle. It freaking sucks and I totally understand why my mom gave it to me and got a new one herself whenever my trusty old switch-operated one broke.
I'm an embedded hardware/software engineer, I hate IOT devices... I developed all automation in my house myself, rather than waste money on devices that get deprecated after one or two years. I even hate the touch-buttons on my induction stove, the whole garbage thing goes completely bonkers whenever a single drop of water falls on those touch-buttons. For heaven sake, just give me old-school rotation buttons! For work I mostly develop medical and industrial products...
The IoT rant at 5:35 - 8:20 was *gold*. The difference between *tech enthusiasts* and the *tinfoil hat people* is becoming more funny by the day because the tinfoil hat people fears are getting proven right again and again.
I can already see the TikTok generation falling into burnout whenever they come home to realize a single lightbulb is dead and they haven't been notified about it before.
![BOWKYLION - วิงวอน (ex-change) [Official MV]](http://i.ytimg.com/vi/cLdnZWDaO-w/mqdefault.jpg)
It turns out Cloudflare was able to mitigate the DDoS attack by refering the attackers to the trust and safety team.
Criminally underrated comment.
I always chuckle now whenever someone unironically mentions "trust and safety team" for any company
The only sinkhole deeper and darker than /dev/null
🤣
Hahahahahaa
Plot twist: It was just their sales team mass emailing everyone to upgrade to the Enterprise plan.
It was the trust and safety team haha
@@Slashx92 It was the sales team pretending to be the trust and safety team 🤣
@@wlockuz4467 Why do we need one more team for trust, when most trust worth people exist in sales team...
Mr. CEO, they hit the second lavalamp!
the buildup of facts required to understand this statement is really good.
how many people do you think it'll take to storm the wall and drink all of it?
@@HimanshuSharma-b3q3u 😂😂 right. if you know u know, and if you do it's fucking hilarious 😂
Epic 😂
Absolute genius
Cloudflare really is a middle man that we voluntarily trust to have the ability to decrypt like half of the internets traffic and not pass that data to the NSA huh. Never thought about it that way.
That why we need to support Let's Encrypt and run your own ngnix proxy
@@gljames24 Nginx would die under that load, but cloudflare open-sourced a lot of their stuff to build your own proxy
@@gljames24 https isn't secure enough, especially automated CAs because the NSA can easily spoof your IP address
@@gljames24 Doesn't really help you not get DDoS'd though
@@gljames24 Who say's Let's Encrypt or any other CA doesn't create certificates for agencies which then can be used to mitm traffic on routers?
IoT is actually more profitable than regular devices. Because they use wifi to send usage data back to their servers that they sell to advertisers.
Data brokers, any one can tie into the data brokers, some of them are advertisers.
@@daviddickey9832literally evil shit
And they can rug pull and either break the device by breaking the service it relies on in planned obsolescence or turn the critical service into a subscription cash cow.
All those open microphones. I will never own a Tesla.
And this is why I only use local server IoT devices. 😅
I absolutely burst out laughing in the gym when someone told Prime that the Internet connected coffee cup already exists. That might be my favorite use of the f word in one of his videos. The despair in that word brought joy to my heart because I feel seen.
perfection. 🙂
why or even how are you watching videos in the gym bruh
@@knufyeinundzwanzig2004 I was just listening to it.
my game server keeps getting hit offline with someone who has something called nightmarestresser booter and idk what to do can someone help? my server is always offline the dude wants to be unbanned but he was cheating i cant unban him
"Why does everything have to connect to the internet? We're creating a botnet!"
Bro, you answered your own question. 😅
rhetoric
yeah he being rhetorical to emphasize what is happening here because some people may not realize.
I love how his hoodie goes full old-school cyberpunk on white backgrounds.
One other reason IoT sucks, companies can just disable a perfectly fine device whenever they want. Or sometimes not even on porpoise, like when the company just goes bankrupt and your "smart" scale doesn't work anymore because the api is down.
I won't buy any "cloud" garbage, unless they have an open protocol to make it possible to run your own back end WHEN (not if) the company goes tits up, or some middle manager just decides that that particular product doesn't meet the company's "vision" anymore. So many examples of perfectly fine hardware instantly turned into e-waste in this way already. Companies should have to pay huge fines when they pull those stunts.
How about on shark?
But yeah, the S in IoT stands for security.
To serve a youthful porpoise
I spent thousands on smart devices during the original hype, when the company went bankrupt my home was bricked back to a dumb house. They did send me a check for all my registered devices, but I'll never buy smart devices again. I just make my own now when I want to tinker.
@@TNH91But there’s no… oh, right
This is a trap. What scares me are small ddos attacks, that would give me a 1-2k bill and that the cloudflare magic would probably not detect.
They're typically refered to as Denial Of Wallet
If you’re worried you can keep under attack mode on 24/7.
@@undefinedchannel9916 not to scare anyone, but that can be bypassed and is commonly done so in the right (or wrong) communities^^
@@undefinedchannel9916Magic transit and Spectrum doesn't have that setting, as it operates on network level.
Don't use lambdas and provision your own VMS
L3/4 means layer 3/4 not level. I am not blaming Prime/Michael, it is not clear what L means when not placed in context. Article probably should have mentioned OSI layer first and introduce the abbreviation L.
That's a VERY imperishable difference! OSI Model layers vs. Like for ex. level 0/1 Backbone ISP tier
he often confuses words that sound alike but in the context of what he says and frames the sentences, I'm pretty sure he means "layer" when he says "level"
This is a technical article and some of this knowledge is assumed. All it means in layman's is they are using tcp/ip and not using an application layer attack like dns amplification. Very interesting though
Could be udp too but idk
Lol I couldn't help but laugh at the innocence of him saying L three 😂
So I bought myself a new Samsung phone, and came near my samsung Oven, and suddenly my phone asks "do you want to connect your oven to wifi?"
I feel his pain...
i buy bosch(non smart devices). as for phones... well your f'd anyway.
That’s because they’re using BLE to find nearby devices. Same as TVs do so you get those pop ups about sending video to the TV on Android/iOS.
@@LtdJorge I know how it works, I am more concerned it is a thing
OSI Layer - Layer 3,4 = Network & Transport - So hitting the raw IP stack
That's script kiddie attack level.
What it means is that it's easier to block because it doesn't speak proper HTTP and may just be SYN packets, so stressing the connection tables most.
@@defipunk The SSL interface is a more likely interface to attack than the web-service - thats what brought GitHub down a few years ago
But what does that mean for a ddos?
@@thewhitefalcon8539 It means they're ddosin the core fabric
at 3:35 - Finally !!! Someone calls out the insanity - Everything does NOT have to talk to the Internet - Preach, Brother !!!
3:34 IoT Rant -- I've never felt such kinship with a YT video. Preach brother!
My grandfather was a B17 tail-gunner in ww2 and he passed away this week. RIP Corporal E.T. Flood and bless you for your service.
The scary part of security service is that attacker and defender could be the same person.
In the NSA's defense.. at least they don't DDoS you or try to steal your money. They are just after your data
"I just want buttons" should go on your coffee mug
I second that
on a wifi powered coffee mug
Buttons on a coffee mug
bro lashing out at IoT is hilarious… too little too late for that IMO .. that ship has sailed 10 years ago …
Ships can be sunk. One can dream at least
I'm planning to remove all smart devices from my home. watch real dvds and listen to CDs. Desktop and laptop only devices to connect to internet. Even looking to dumbify my phone (which in testing on my old device means about 1wk battery life!)
what, lashing out against it or IoT in general? Prime is based on this one, IoT sucks / is a security nightmare. It's scary the folks in chat who are clueless to all these implications and mindlessly gobble up IoT crap.
Need IOT ceramic pills so I can track my poops.
wet ass firewall 🤣
🤤
My friend had a fridge. A normal, run of the mill fridge. No smart systems in it. Or so they said.
He was moving to a new home, and taking the fridge with him. As the movers are taking the doors off the fridge, I am looking at the top panel they pulled off, and see something that catches my eye. I ask my friend if his fridge was a smart fridge, and he said no. But there it was, a wireless module like you'd see in a laptop. Turns out, there is a higher end model that is "smart," and the company uses the same parts. This panel had a slot for the card to sit it, and rather than not put a card there for the lower end fridge, they put it there. Not sure if it was connected before they pulled the panel off, but even "standard" devices are coming with "smart" technology....
I had Dr. Leonid Levin of NP completeness as an algorithms professor in grad school. "We are computer scientists, we computer at work and not at home" didnt understand what he meant at the time, but now I do.
Great guy, good professor. Took time to explain to baby-me what it means to mathematically prove something, something HS freshman me never learned. Sad that i was the only one to go to his office hours when I went. His work is truly foundational.
"What do you do when your boss tells you to solve a problem, but you cant prove to him the problem is impossible" lol
"What do you do when your boss tells you to solve a problem, but you cant prove to him the problem is impossible"? I let him fire me, buy guns with the unemployment benefits, and laugh at the solutions the cheap replacement labor attempts to implement. Once society reaches a critical point of chaos due to mismanagement, I take over by force.
Any further questions?
@@henlofren7321 Once you take over by force, what policies will you impose to keep yourself in power?
@@broadestsmiler
Eugenics. There's no need to maintain my rule by force after everyone is genetically predisposed to developing my ideas on their own.
@@henlofren7321 Wise man.
@@henlofren7321 that's freaking hilarious 😂. Reads like something out of Fallout New Vegas
Layer 3 of the OSI model is the Network layer.
Layer 4 of the OSI model is the Transport layer.
aka L3 = IP, L4 = TCP or UDP
I completely agree with his opinion about IoT. I have three devices that connect to the internet: a desktop computer, a laptop computer, and a mobile phone. My smart TV is blocked from internet access by my router. I have repaired my more than ten-year-old robot vacuum cleaner (Neato XV-25) countless times, because today's robot vacuum cleaners require an internet connection.
So, you say you have four devices connected to the internet. Or what, isn't the router connected? Microtik devices are mentioned first in the article for reason.
That rant about IoT is so true, i worked as a technichian and have a sick gaming setup at home, not a single IoT device and drive 1974 old brazilian car with a vintage bluetooth radio to play old music, my gf say she can't understand how i know so much about tech and don't use it, thats the point, the more aliterate you are, the more they play with you, she wanted an Amazon echo dot, not in my house honey
I miss hardware-buttons on cellphones....
NEVER got use to touchscreen-keyboards.... Typewise makes it a tiny bit better, but still.... habtic feedback. I need this....
I have a friend who works on ship engines. They’re replacing everything slowly with IoT and touchscreens 😬
Titanic 2.0 but this time the iceberg won't be the reason it's gonna sink xD
have they never watched BSG?
Using TCP/IP isn't the issue. The issue is if it can be accessed from the internet or can access the internet.
I do hope this isn't the case...
TLDR: Anycast routing
Please explain for my peabrain
@@Lelende CF serves requests from nearest location/edge/datacenter so no single point of failure to overwhelm the entire network.
Its essentially 'Distributing a Distributed Denial of Service' attack.
It's both obvious and really amazing that it works ;)
ty
As a sysadmin and devops guy I love this!!
👏 Thanks for the video, its amazing ✨. This is the kind of video we need to save the link to see later when is needed (it'll be needed).
Hi from Brazil 🇧🇷🇧🇷🇧🇷
GOD! What a fantastic rant!
I am 49yo and I agree with you 100%
I drive a fking 2007 renault without any technology, not even parking sensors and I will drive it until I DIE !
When I go to work in the morning I cut the power to my modem/router etc... nothing is online during the day at home
IoT rant just made me a life long fan of the prime! 💯💯😂
Hearing Prime rant about IoT warms the cockles of my heart.
3:45 the rant we needed. Not everything needs to be "high tech".
IoT sucks. I want my mechanical stuff back. I don't need to automate my house. I've got legs and arms, I can get up and flip a mother fucking switch. I can set a thermostat. I can do all of that.
You say "AGEN!", I say "Gesundheit!"
prime going whole louis rossmann mode is nice
I work with Network security. My job security just keeps rising because of stupid IOT items. I should love it but I don't ....... not at all.
7:05 those clunky lightswitches that have existed since forever, that was peak light switch. Every smart switch and touch panel and WiFi enabled light bulb are worse in every goddamn imaginable way. I don't want to open a fucking app to turn on the light, and I don't need 5 different governments to know what time I go to bed and I don't want to be part of a Russian botnet.
I got eyeballs!! This has got to be my favorite rant of yours of all time 🙌🤣
Plot twist: the protected Cloudflare client was Crowdstrike pushing a new update and Cloudflare prevented the callbacks :)
You want a car where you press a bottom? I dunno man, the last guy to try to drive using a gamepad ended up at the bottom of the ocean.
They do keep putting these IoT devices out because when is the last time you heard of a 0-day attack resulting in a lawsuit against the company that developed the software? IoT generates sales without any of the responsibility.
The first five minutes of this WENT places, but I have to say I 100% agree with all of it. And the science afterward was cool too. I had no idea this was possible, starting with a DDOS that large... Figured it was IoT immediately, but dude. DVRs, why, indeed. Only funnier way would be if it was the coffee mugs.
18:30, TCP and IP are from the same time period/standard but are different layers, so the TCP header (or UDP) will be enclosed in whatever is implementing IP (ethernet and or wifi), and the TCP header won't have to care about ip/mac address, as that's the layer below's problem. But the OS will pass that info up to the programmer/application as they do care.
IoT is awesome when done correctly... The reason it sucks is because companies selling you IoT crap don't implement or maintain it correctly, therefore IoT is only great when you fully DIY it
Still, i'd rather connect the dumb devices to some raspberry and have it control everything then to have a network of sMarT DeVIceS you can't really control, fox, know what's inside and you're locked into that companies' hardware.
Your comment about cars sounds just like my complaints. My current car while has a nice looking screen, most of the controls, from heating, radio, streaming, etc. are on the screen. If the entertainment system fails, I can't adjust the temperature. My older car, which also had an entertainment system, still had knobs, and I could do most things without having to move my eyes off the road. Now to change the temperature or fan speed i have to look.
To make matters worse there are a lot of options that I can do on my smartphone such as starting the car, unlocking the car and and all of this is standard on the car. Sure it's a convenience, but I don't trust it's security, especially when I saw a demonstration years ago on how easy it is to hack a car, and that was before the trend to computer control everything in cars.
That text contrast is absolutely criminal
6:47 I'm dying!
1 Billion more Packets they would’ve mitigated 3.14 (Pi). 🤣
I like how he phase in and out of existance continuously like hes an AI
"dynamic fingerprinting" that has regex written all over it
Cloudflare big blunder followed by amazing mitigation, yeah right.
You're mistaking Crowdstrike with Cloudflare..........
Wait till the connect every shoe to the internet. So they can make sure you are walking in the most ergonomical way possible
Their current configuration is absolutely perfect for both minimizing attack surfaces and maximizing attack flexibility. I laughed once I understood what was going on there. 😂
the signed int32 instinct is beautiful
Prime:
A: Zwave is cool stuff for home automation without the 'wifi' on everything - if someone wants to go down that road.
B: The car makers are clearly trying to do the 'netflix' model on everything 'car' these days - do what i do - buy something older. Being a mechanic isn't that far off from being a programmer.
C: Have you realized the 'toast' problem yet? If yes my answer to that is: "Sunbeam"
D: As far as refrigeration....do you have a friend who is into HVAC? Buy fridge from mid 20th century, get hvac friend to update with new fridge gear.
E: I could keep going on this topic...
Edit: Former vocalist - get a tea called "Throat Coat" - it will help.
nice looking graph. i have one just like it in my living room.
I think we could start a movement of futuristic, non-networked computing devices.
8:14 to skip the rant about IoT
I totally agree, but dang that was a long one
It healed the soul.
that lavalamp doing some godly work.
You're the Alex Jones of IoT. And that's why I listen.
That attack method mentioned around the 26 minute mark is also known as an "amplification attack".
100% the NSA TOR network "hosts" is been repurposed for CF lol
IoT is great with Home Assistant and blocking all communication to and from their VLAN. I LOVE being able to walk out of my house with 90% of the lights on knowing they’ll turn off automatically 🤓
Lazy
Prime's stock just went up with the Chevy pickup reveal.
Look at Nitrado's Steel Shield. I know one of the guys who used application level attacks to mess up their old firewall, effectively shutting them down for a few days, until they developed SteelShield, which is more advanced and application specific than anything that Cloudflare or Link11 runs. 3.8 tbps is something that was already known years ago. Though it's still crazy that they were able to defend against it. And yes Cloudflare is US-Government like all larger US companies (GAFA). UDP Reflection / Amplification (usually done via DNS) is pretty common, one of the ways Nitrado was hit back then.
"Your lightbulb no longer works." - e message. "No shit!" - ThePrimeagen
Regarding the "suspicious 2 and a half billion packets": I certainly agree with the "int32" cause, but have an even deeper suspicion how that came to be:
They implemented their "DDOS Manager" in Java, abd keep track which packets it sent. And Java Collections can only store as much as 2^32-1 elements....
@9:15 the reason for this exercise is that these types of corporate or academic papers have an expectation of explaining the outline, primarily because it helps people with varying levels of expertise know what to read.
People who don't need to understand the foundations or basics can skip to methodology and results, people just looking for "conclusions" can skip to reseasrch questions, results, and conclusion, etc. I'm not saying it's right, I'm just saying what it's expected
0:33 remember that whiteboard smile :) that got leaked referring to how GCP was proxying things? Yeah ahaha.
Thank you, thank you. ;)
I wonder what the customer bill is gonna be like
💀
@@jpf51286 Don't think CF charges extra for DDOS mitigation also I hope the customer had some rate limiting already in place
Bout three fiddy
Can anyone estimate this? Even a ballpark?
I would think a better standard for infrared control would be better than iot. Imagine a remote control that can help you control a lot of device in your house with infrared only.
or bluetooth.
bluetooth 4 has like 18 meters range.
This is exactly what zigbee is for
Infrared is really bad. Are you old enough to remember having to aim the terrible tv remote?
7:50 My man, the only correct answer. Keep it as a hobby!
I love being able to control all my lights and a/c remotely and set them up on timers.
cloudflare gets DDoS'd and prime just flips on IoT devices, this video is great
Wtf is ur works into links
It was me, i accidentally ran a load test against production
l3 or l4 refers to layer 3 or layer 4 of the osi networking model. layer 3 is the routing layer and layer 4 is the transport layer.
@Prime you do need Ethernet on security cameras, but be firewalled from accessing internet. Large scale deployments need long cables (USB does not go 100 meters) and lots of ports. For wiring a building you would need a hefty USB hub to plug all cameras in, let alone power them and receive any kind of signal from them. But I agree, they don't need access outside their subnet.
Why not just a closed wireless network?
@@kzalesak4 wireless for security camera is the worst because you can spam the channel the cameras are on and the data from cameras will not reach the DVR, so no video recording.
@@kzalesak4 they use wifi jammers to disable security recording.
100% Agree on the "not everything needs wifi or a touch screen" boomer take. I'll be a boomer on this one.
My freaking electric kettle has a touch interface. You can't easily turn the thing on in the dark, you know, before your eyes have adjusted to light in the morning, right when you need a coffee most. Sometimes I hit the wrong spot, accidentally set the maximum temperature to 40°C and get back to a lukewarm kettle. It freaking sucks and I totally understand why my mom gave it to me and got a new one herself whenever my trusty old switch-operated one broke.
DVRs need a network connection for the tv guide data. Also, tgey are also streaming devices now.
TV guide used to be periodically broadcast one-way...
imagine youre responsible for that ddos and just watch as absolutely nothing happens
Imagine amassing an army of LED light bulbs and then someone else can amass an army of tooth brushes and see who wins. LOL!
5:00 that derailed and escalated quickly.
30:22 - eBPF is not the "Javascript of the kernel". It's the "WASM of the kernel".
Love the IoT rant. chef's kiss
b... but HOW will I know that my fridge needs a software update if it's NOT connected to wifi and to Amazon servers?!!!111111
I'm an embedded hardware/software engineer, I hate IOT devices...
I developed all automation in my house myself, rather than waste money on devices that get deprecated after one or two years. I even hate the touch-buttons on my induction stove, the whole garbage thing goes completely bonkers whenever a single drop of water falls on those touch-buttons. For heaven sake, just give me old-school rotation buttons!
For work I mostly develop medical and industrial products...
Counterpoint: if I'd had a physical skip button, I would have skipped this video.
inb4 we see a 15 yo kid running from the high school at 9pm screaming "IT WORKED, IT WORKED HAHAHA"
Anycast is actually the IP routing, thing you sent AT&T customers to one server vs another ISP overseas
I went out of my way to buy an e-reader that had no bluetooth and no wifi. It's so much nicer for reading and it was cheaper.
primeagen @ 4:58 unwittingly becomes proud sponsor of Lite Brite
4D chess is orchestrating the attacks to provide the snooping solution.
First 30s got me rolling already
After this rant I needed to buy a Bluetooth Mug...
The IoT rant at 5:35 - 8:20 was *gold*.
The difference between *tech enthusiasts* and the *tinfoil hat people* is becoming more funny by the day because the tinfoil hat people fears are getting proven right again and again.
You forgot to mention subscription services with the IOT devices being some of the most predatory.
I can already see the TikTok generation falling into burnout whenever they come home to realize a single lightbulb is dead and they haven't been notified about it before.
lightbulb burnout burnout?
@@thewhitefalcon8539 hahahahah yea