Did he say this bug's been in there for 2 years!?! A bug this significant? In a product used by millions of people? How is that possible?? Maybe he's not being so paranoid ...
It is a bit simple, but I didn't cringe. Well done explaining something rather complex in a way that is both understandable and still rather technically correct.
So, at 1:38 is that kind of overflow caused by something like while(nextChar != EOF){} or something like that? Just carelessly reading everything it's given, or is it more complicated than that?
I read somewhere that the bug was written by someone still working on new year's eve, just goes to show the dedication people have to open source software.
That last question reminded me of an incident in a South American bank where a programmer modified the code of the bank's ATMs just so that with a private code he could extract any amount of money from the machine. The exploit went unnoticed until after the employee retired - and - some ATMs were missing certain amounts of money
When you described the "buffer underflow", it's basically a buffer overflow except that it occurs while _reading_ from memory instead of when _writing_ to it.
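The over-read described in the comment above, as an added example that is not from the video, the thread, or OpenSSL's code: a constructed heartbeat-style echo in C, where the message layout, the `mem` arena and all function names are assumptions made for the demonstration. It puts the handler that trusts the declared length beside the one that checks it against the bytes actually received.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout (an assumption for this demo): one flat arena stands in
 * for process memory, so reading past the request stays defined behaviour. */
#define MEM_SIZE      ((size_t)64)
#define REQ_CAP       ((size_t)16)   /* request buffer: mem[0..15]         */
#define NEIGHBOUR_OFF ((size_t)16)   /* unrelated data stored right after  */
#define HDR_LEN       ((size_t)3)    /* type byte + 16-bit declared length */
#define NEIGHBOUR     "constructed-neighbour-data"

static uint8_t mem[MEM_SIZE];

/* Place a received request and the neighbouring data into the arena. */
static int load_memory(const uint8_t *req, size_t received)
{
    if (received > REQ_CAP)
        return -1;
    memset(mem, 0, sizeof mem);
    memcpy(mem, req, received);
    memcpy(mem + NEIGHBOUR_OFF, NEIGHBOUR, strlen(NEIGHBOUR));
    return 0;
}

static size_t declared_len(void)
{
    return ((size_t)mem[1] << 8) | mem[2];   /* big-endian length field */
}

/* BEFORE: echoes as many bytes as the sender claims to have sent. */
static size_t echo_unchecked(size_t received, uint8_t *out, size_t out_cap)
{
    size_t n = declared_len();
    (void)received;                    /* never consulted: this is the bug */
    if (n > out_cap)
        n = out_cap;
    if (n > MEM_SIZE - HDR_LEN)        /* demo guard only: stay in the arena */
        n = MEM_SIZE - HDR_LEN;
    memcpy(out, mem + HDR_LEN, n);     /* can read past the received bytes */
    return n;
}

/* AFTER: drop the message unless the claimed payload was really received. */
static long echo_checked(size_t received, uint8_t *out, size_t out_cap)
{
    size_t n;
    if (received < HDR_LEN || received > REQ_CAP)
        return -1;
    n = declared_len();
    if (n > received - HDR_LEN || n > out_cap)
        return -1;
    memcpy(out, mem + HDR_LEN, n);
    return (long)n;
}

/* Return 1 if the byte string `needle` occurs in buf[0..n). */
static int contains(const uint8_t *buf, size_t n, const char *needle)
{
    size_t m = strlen(needle);
    for (size_t i = 0; i + m <= n; i++)
        if (memcmp(buf + i, needle, m) == 0)
            return 1;
    return 0;
}

int main(void)
{
    /* Constructed requests: both carry "bird", one claims 40 bytes. */
    const uint8_t lying[]  = {1, 0, 40, 'b', 'i', 'r', 'd'};
    const uint8_t honest[] = {1, 0, 4,  'b', 'i', 'r', 'd'};
    uint8_t out[64];
    size_t n;

    load_memory(lying, sizeof lying);
    n = echo_unchecked(sizeof lying, out, sizeof out);
    printf("unchecked: echoed %zu bytes, neighbour data in reply: %s\n",
           n, contains(out, n, NEIGHBOUR) ? "yes" : "no");
    printf("checked, lying request:  %ld\n",
           echo_checked(sizeof lying, out, sizeof out));

    load_memory(honest, sizeof honest);
    printf("checked, honest request: %ld\n",
           echo_checked(sizeof honest, out, sizeof out));
    return 0;
}
```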
That smile... I think Tom put it there.
Exactly what I thought
that smile was very creepy
SparkySywer It’s a little late to worry about that. Just smile & wave. 🤪 lulz indeed!
What smile
No, it’s Robin Seggelmann
“If debugging is the process of removing bugs, then programming must be the process of putting them in.” - Edsger Dijkstra
"the technical folks are going to be cringing"
network engineer here, this is actually an excellent explanation. well done tom
this is so wholesome! 1000% smiles over here
agreed@@mallorystrom7511
You know you should worry about your computer when someone in a YouTube video fakes a low frame rate and you don't even notice it...
...what?
@@glichking6812 what do you mean? Mckenna was trying to say that their computer is so bad that they felt that the low frame rates were normal and thus, didn't notice it.
Same but with my phone
your blue screen didn't fool me, I know mine look different in windows 10 because i've gotten two in the last 12 hours. ohgodsendhelp
Run a hard backup of all your files now, because my old computer did that right before the CPU died a terrible death
No, a CPU doesn't need backups but you can never be too careful that your hard drive might be what goes
I'm not saying their CPU is dying, I'm saying that multiple blue screens of death is a sign of impending disaster, because that's what mine did
actually, the last time the BSoD looked like this is Windows 98
Oskar Martin try buying windows 7, it's only like $20
THAT SMILE IT MUST HAVE BEEN TOM
is him
What
it was the NSA
I was at Defcon 2 weeks ago, at a party, and ran into the security expert that discovered Heartbleed, got to spend quite a bit of time with him. It often surprises me how small a percentage of people that work in the security industry actually do most of the discovery work we hear about. While at these parties, it's always the same 50-100 people that are present the entire time, even as the industry continues to explode in personnel numbers.
i'm on linux and i fell for the bluescreen. damnit.
+oakeydokey
I also use Linux. If I had this video fullscreen I would have thought my GPU crashed and poked the reset switch.
Does that often enough since I've been tweaking odd driver options to desperately try getting OpenGL working.
Screen goes blue and grey (occasionally a hint of pink and lime) smears when it does.
Yeah I know, I have to install the non generic drivers soon. I just hate reverse engineering and backporting ATi's code.
Same here. I legit panicked but then laughed when it went back to Tom.
+oakeydokey Recommended fix: don't use full screen
theLuigiFan0007
I rarely use full screen on my laptop. (I'm a computer junkie and I can't imagine not seeing an interface in front of me. It makes me nervous.) It just looked like a buffering issue to me until I saw the BSOD.
Megalus Doomslayer
Pretty much the same here. Since I use Linux with the Enlightenment desktop, I set the dock to always be on top, and no application can cover it.
Gandhi was originally a nuke loving monster in Civilization because of an overflow error. In Civilization 2, Gandhi was programmed to be pacifist, so he had a "desire to use nukes" value of 1 out of 10. The game designers also decided that any AI Civs that adopted democracy would have their "desire to use nukes" value lowered by two. For all the other civs, this was fine, however, for Gandhi, it caused his "want to use nuke" value to "drop" to 255, turning him from a friend to a nuclear monster that desired nothing but to watch the world burn.
In Civilization V, the game designers, in a nod to the glitch and the "Gandhi nuked me" memes, gave Gandhi a 12 out of 10 desire to use nukes, higher than anyone else in the game.
notbobby125 I was wondering why I kept getting nuked by gandhi
And those memes will probably be a while before they go away too haha xD Civilization 5 is awesome
notbobby125 That's actually not buffer overflow but value overflow/underflow, it's a different type of error you can experience even in JavaScript or other buffer-overflow-safe languages (there's actually a very small number of languages that are not susceptible to that and most of them are functional). Similar error in UFO: Enemy Unknown caused really experienced soldiers to have something like lateral sclerosis (their stats overflowed to very low values, way below novice soldiers).
+Jan Sten Adámek I imagine designing a programming language to avoid overflow errors would make it really inefficient.
Rylan Edlin Most functional languages are immune to overflows but yes, it can be pretty inefficient. C# is also immune to overflows but it throws an exception. This also brings some overhead. Moreover it's debatable how safe that actually is. It avoids the overflow but it does not avoid the logic error that led to it and who knows if that does not just move the error to another place in the program's logic, e.g. in C#, it usually crashes the program so it can be used for DoS attacks. There are also statically-verifiable languages where no error can happen but it is a pain in the ass to program in those.
That grin at the end xD
Ioan Dragomir Well, he put it in :D, so why not. (I'm obviously kidding.)
Ioan Dragomir I'm still laughing at that grin :D
+Ioan Dragomir As if he wanted to say, yeah right, that was ME, bitches!
+Ioan Dragomir as if to say I did that
Uhh, guys, I said the exact same thing, like half a year ago...
Ahaha that smile at the end after he says "who put that there in the first place" it was almost guilty ;D
:D
I was quietly hoping Tom Scott put a secret message in the fake bluescreen, but all I got was "o¿ù³Ô"
You disappoint me Tom :D
produKtNZ OE: 016F: BFF9B3D4 is actually an error code from Win ME. It's an exception (error) that was commonly associated with your graphics card drivers being bad, thus throwing an exception during rendering of certain graphical elements.
I was on mobile, your blue screen doesn't fool me
The lag got me on mobile
+Codaddict28 It didn't for me. It seemed so fake. My phone just stops when it happens
i'm on linux and the windows bluescreens are different now for the newest versions
I was on Mac. And not in full screen.
I HAVE WON THE INTERNET!(not really...)
Marty Pines I would have installed Linux on that machine and then I HAVE WON THE INTERNET with a mostly overpriced system running a free operating system that you can do basically anything on
Oh, Tom. You are the man. "Cockup before conspiracy" will live forever in my heart.
#CBCForever
CBC doesn’t mean what you think it means
I was disappointed by the lack of Pokemon in this video.
There was a screenshot that said "Wild "" M. Appears!".
+jimpikles I was expecting he would explain the Missingno bug in Pokemon...was disappointed...
+Luiz Sarchis It's the same principle, when you use the glitch to encounter Missingno. on the coast of Cinnabar Island the game goes to pick a random pokemon from the list of pokemon that can be encountered in that area. However the programmers never put in a list of random encounters for that certain area of Cinnabar Island so the game ends up reading some other data as encounter data (It actually ends up reading a part of memory that stores the players name) which causes things to happen that weren't expected.
+Alex Golembeski Close, but not quite. The game never reads any different part of memory, it's that the part of memory in question contains something it normally doesn't. How this works exactly is: you go to Cinnabar Island and surf across the east coast. The programmers accidentally set this strip of water as being equivalent to grass. Water routes have no specific data related to wild grass encounters, so data that was in the section of the memory related to said encounters is never overwritten when entering the route and whatever was there before stays there.
That's where the classic "talking to the old man" part comes in. Because when you're being taught how to catch Pokemon the name of the character changes from yours to the Old Man's, yours has to be temporarily saved somewhere else. Since Viridian has no grass encounters, that section of memory is where the name is being written into. Normally it would've been overwritten as soon as you enter some route with grass encounters, but because you Fly directly to C. Island which, like Viridian City, has no grass, the data (currently your name), as stated before, stays where it was.
Here's the actual Missingno./M. part. You have your name saved to the grass encounters section of the memory. Fly from Viridian to C. Island, still no grass encounters, data stays where it was. Going from island to the shore, same story, data stays where it was AND, because we're now on a grass-like tile according to game's logic, we can encounter Pokemon with in-game values corresponding to wild encounters data or, in that case, characters in our name. Problem is, our name is 7 characters at max. Random encounters section reads up to 11th and because in most cases characters after 7th (or however long your name is) are blank, we get the buffer underflow-like scenario and an encounter with M. Pokemon at level 0. The Missingno. are a bit different since they are leftover data from removed Pokemon and don't appear because of blank data being where it shouldn't, but that's another story :).
i was disappointed by the lack of ACE(arbitrary code execution) in this video.
I really don't mind buffer overflow, at all. it gave me 128 master balls, so I see no issue!
And all the rare candy 😈😈 everyone on level 100
That's value underflow.
Hope you don't mind the Hall of Fame...
@@PyPylia When you encounter Missingno, the sprite decompression causes a buffer overflow and corrupts your Hall of Fame.
@@usualunusualkid7149 underflow**
that sinister smile at the end... :)
That smile at the end as it's fading to black though... Bwahahahahahahahaha
This video about Heartbleed was so much more understandable to me than the Computerphile video. From CP I just didn't gather what the whole heartbeat thing was at all, but you worked the way up there. Thank you, Tom.
While I appreciate your paranoia, I think the better question is, "How the hell did they forget to check the length of the input?" I mean, alright, sure, we all make mistakes. But it's a security library; you'd think they'd be careful to sanitize and verify all input >_< .
Yeah, unless they did, and then some malicious guy intentionally removed that check.
Binary10100 But even then, that needs to go through revision you'd reckon
I haven't read the code myself, but from what I've heard from people who have, it's a daunting spaghettified mess. Or to use their words, _"after a few hours, I wanted to stab my eyes out with a fork"_.
It's equal measures human error, and equal measures horrible, convoluted code base that lets these errors go unnoticed for so long.
OpenSSL is in desperate need of an audit and a re-write.
I think OpenSSL needs more support. As it is with all open source projects, they are only as strong as the number of eyes conveying the code.
The best question is: "Where's the next bug?"
MissingNo is not a buffer overflow error. The technical side of the error is that different segments of memory have different roles attached to them depending on the part of the game you're in. For example the same part in memory that stores what pokemon are in certain routes also stores trainer data in battle (well probably not but that's just an example). For example the mew glitch works, because you cheat the game into thinking you're in battle while you're not, so other segments of memory are used for different things than normal. And this is an explanation how the old man missingno glitch works: When the old man in Viridian City shows you how to catch a pokemon, you see the battle from his perspective. To do that, the game does a temporary change to your trainer data, while storing the regular trainer data in an unused space - the wild pokemon data space and it doesn't clear it from there. That would be normally no problem, as entering any region with wild pokemon will replace the data. The glitch happens, because shore in Cinnabar is coded as place where you can fight wild pokemon. But the Cinnabar City itself has no wild pokemon data so it's not loaded. That means that this little part of the map will use any wild pokemon data provided in memory. Normally it's the last place you visited (neat trick for easy safari zone pokemon in R/B ) but if you have trainer data in there the game will try to make sense of it as wild pokemon data (both are stored in hexadecimals after all). This is why pokemon outside of the regular 151 show up. This is not a buffer overflow because nobody tries to put input longer than place provided for it.
Actually, the buffer overflow happens when it tries to write that you have caught that pokemon to the pokedex. Instead of it going to the pokedex, it goes to the amount of items in the 6th item slot. The "buffer" is the memory that the Pokedex occupies and the item data happens to be stored near the pokedex buffer. So there is actually a buffer overflow happening here
@@herrkatzegaming It is not the capture flag that causes the item duplication, it is the encounter flag. You can run away or beat it, and you will still receive the item duplication. And from my understanding Dawwy is indeed correct that it is not a buffer overflow; it simply writes to the wrong location in the memory, rather than sending a value that spills over into neighboring data.
Also, the Pokémon shown in this video, contrary to what the title says, is in fact not MissingNo. It is 'M, a Pokémon that shares certain traits with MissingNo, but is in fact different in many aspects.
@@kodekristian The hall of fame corruption though is caused by a buffer overflow because when it decompresses the big glitched sprite, the game writes the sprite way past the pokemon buffer
It's my understanding that MissingNo is a buffer overflow error in the pokemon generating step - it's reading past the buffer of indicated Pokemon, because it doesn't know what to wrap around the valid space of Pokemon.
Ergo, "Missing Number", because the Pokemon doesn't have a number where it should be, and the image sprite is based on whatever it can read there, which is why sometimes the name and sprite change depending on which version you find.
Who put that bug there in the first place. Grab your pitchforks 'cause we're bringing out the ol' git blame.
That evil grin at the end...XD
01:56 Because I'm from Germany I didn't get the joke with the glitchy image until the bluescreen. Our Internet is so shitty that this is normal.
Great video, love how you keep things simple yet are still so informative. More of this Tom!
GameDevSPS oh hi there
1:56 I totally started cursing at my internet connection.
Fucking genius :D
I panicked more than that before I realized what happened. Tom Scott (or perhaps Brady)...you are evil.
*EDIT* Okay, not Brady, this isn't Computerphile after all...
I was pissed, cause this was the first video in a time I watched using Windows and for a second I thought it was going to crash. Until that bluescreen came up. We are not using XP anymore. Today's bluescreens have smileys on them
It was Tom all along!
Coming back to this 2 years later, and I still love the Cheshire Cat grin at the end.
I remember this... I remember going out in pajamas driving like crazy down to my office to check the server... update (downgrade) OpenSSL, and recheck, then I had to change all my certificates the next day. #HappyTimes
+Luis Daniel Mesa Velasquez That sounds like a fun day of doing everything you didn't want to do
We totally need more of these! :)
Wow, I loved this video. My favorite part: that grin at the very end. Was scarier than all the horror movies I've ever watched in my entire life put together.
You scared me with that fake crash! :D
OMG yeah I thought that, too! omg that was fcking scary!
Me too. I had to go back and make sure it was part of the video.
Sc2mapper117 my wi-fi was crapping out right before he did the blue screen too.
Nice job, Tom! another great video! this certainly has been an interesting day. please do make more like this, computerphile doesn't film you often enough!
5:47
That smile at the end.............
It basically means...........
“You're screwed”.😁
1:52 For nostalgic feeling. (Thanks...)
I had to make sure I wasn't on Computerphile for a second
I only noticed because of comments like yours.
Oh, wait, what? Hey, look at that, this ISN'T Computerphile. Totally didn't realize that.
This is five years old and I think that last line will never get old.
4 years since your comment, and XZ utils makes it stand out even more.
Thank you. This has actually helped me understand what's been going on in these past few days.
Love videos like this. The more technical the better.
I was waiting for him to come back on screen and say, "it was me, i put that bug there ;)"
that smile at the end
The stressful bit is Tom waving around an uncapped Sharpie
"If you are using a high level language like JavaScript you don't have to worry about a buffer overflow"
WebKit exploit for Nintendo Switch...
Still doesn't exist
Thanks Brady. I just updated my BIOS before watching this video and the BSOD at 1:59 almost gave me a heart attack!
You sir, just dropped my jaw with that last line. Well done.
Such a good explanation that the hardest bit to comprehend was a solitary tab on a browser window…
OMG! That ending! I love it! I need to show this to my conspiracy theory friends.
Great explanation of Buffer overflow and general exploits.
He who smelt it dealt it. Has Tom been a naughty boy?
really?
No, not really, It's a joke!
Eric Taylor i know but...
Fullyverified
Butt? I guess Tom HAS been naughty.
Eric Taylor yes yes quite right
as far as I remember, missingno wasn't a buffer exploit but a design fault temporarily storing the user's name at a location that's referenced as a pointer elsewhere, so you're not really overflowing data into RAM, but redirecting later pointer dereferencing.
Kyra Zimmer The Item Duplication when you “See” Missingno. is a buffer overflow, it's setting the high order bit of the 32nd byte of something a lot smaller than 32 bytes.
5:50, that smile! :D
Very well done video!
"I'm not paranoid" just makes me think you're paranoid
Love that little grin at the end ahahaha
As always, great video and also very fast, when i was just getting up to date with Heartbleed. Thanks!
I wasn't worried at all till that devious smile at the end
Needs more missingno.
I loved the ending sentence :D and I wouldn't be surprised at all if the NSA just lost 95% of their data sources
Is it really so paranoid to think that someone did find this bug, but was smart enough to exploit it on a small scale during those 2 years?
"did someone notice it and not say anything?"
3 years later we hear about the CIA doing just that...
oh, really?
@@absent612 it was another bug, but one that the NSA kept quiet about for 5 years until it was leaked. It's called EternalBlue and is what made the ransomware attack back in 2017 possible.
That smile is almost as terrifying as that of Cumberbatch’s Sherlock Holmes.
Very nice explanation. Your closing thoughts also made me smile - like you, I'm not that paranoid but it's an interesting thought! Many thanks.
That grin...
I got terrified by it more than by the bug...
Another winner, Tom. Thanks much.
I'm gonna go with The NSA for 200 Alex.
Eddy Proca Only shitty websites were affected (Yahoo) and frankly don't care that Homophobic cunts might be exposed (Yahoo Answers)
Andrew Boz
OpenSSL is used by about 66% of the internet, sure, not all will be using the problem versions, but the problem has been there for 2 years, I'm pretty sure more than Yahoo were affected.
***** Using it does not make you vulnerable yet. It was only an issue for specific 1.0.1 versions.
*****
turns out that the FBI were affected hehe
+Alexander Soloviev
So.... was the NSA spying on the FBI? XDDDDD
the smile at the end. it feels like this was just one convoluted movie trailer.
that was the creepiest smile at the end of the video.. lol when he said "who put the bug there in the first place?"
Wow. Back in 8th grade I watched this video, then again in 10th grade, now again in 12th grade, and only now after 5 years experience in programming did I actually understand it fully, and now I see why that is such a massive exploit.
Hehe. Love the cheeky grin at the end, almost like you yourself know who put the bug there. Or even put it there yourself.
It was you!!! You put it there. :)
Turn of events I've just experienced, Watched video - got tinfoil hat and went on to make many a conspiracy theory.
only Tom Scott can say something really unsettling right at the end and then follow it with an adorable smile
That ending was absolutely perfect.
That smile at the end... However, this is a very good explanation, thanks, :)
xDDDDDDDDDD
It's hexadecimal and binary. They're the best. :P
This somehow reminds me of this XKCD comic, this is my favourite one :D xkcd.com/505/
Seriously though, LISP solved this buffer overflow problem a very long time ago.
still depends if you give it hardcoded more than it can handle, but then you are just doing for it
ohhhhh dude, this is a very dangerous exploit! thanks for the very clear and detailed explanation.
Did he say this bug's been in there for 2 years!?! A bug this significant? In a product used by millions of people? How is that possible?? Maybe he's not being so paranoid ...
that smile at the end confirms my suspicions.
Tom made Heartbleed
That's a rather chilling grin you got at the end of the clip Tom! 😂😂😂
It is a bit simple, but I didn't cringe. Well done explaining something rather complex in a way that is both understandable and still rather technically correct.
That smile is gonna haunt my dreams
Excellent explanation and very interesting, Tom. Thanks.
So, at 1:38 is that kind of overflow caused by something like while(nextChar != EOF){} or something like that? Just carelessly reading everything it's given, or is it more complicated than that?
I read somewhere that the bug was written by someone still working on new year's eve, just goes to show the dedication people have to open source software.
That last question reminded me of an incident in a South American bank where a programmer modified the code of the bank's ATMs just so that with a private code he could extract any amount of money from the machine.
The exploit went unnoticed until after the employee retired - and - some ATMs were missing certain amounts of money
now, I'm not a paranoid person, but that smug smile at the end...
Love that bit of trolling at the end.
When you described the "buffer underflow", it's basically a buffer overflow except that it occurs while _reading_ from memory instead of when _writing_ to it.
C programmers know the pain when you get a SIGSEGV
That very last grin in the end is going to haunt me in my dreams 😂😂
that ending felt like the beginning of a movie, I started to hallucinate an epic "DUN DUN" type intro song to a national treasure vibe movie haha
That glitch thing less than halfway through the vid is terrifying at 3 am
I really like the paranoia bit at the end.
Buffer underflow is like Yoshikage Kira: when threatened, it starts explaining its life story
Tom is non-paranoid in the most delightful way!
That last smile scared me...
Love this video like all of them, but found I learned a lot more in this one than most :D
The dreaded BSOD has returned! RUNN!!
at least it's the kind of friendly version that has the press key to continue thing
Thanks Tom, well explained. How am I supposed to go to sleep now!
Not sure why, but that ending gave me a sense of impending doom.
Thank you for posting this video.
Thanks Tom for the explanation!