Pewdiepie fanboi printer, Chromecast haxxx0r retreats, says they're 'afraid of being caught'

Re: What TheHackerGiraffe has accomplished

Attackers of what, exactly? The otherwise-peaceful and generally bonhomous atmosphere of YouTube? the hardened and professional security practices of people who previously had no idea what "UP&P" even was? the sheer pristine purity of goodwill on the internet?

Pewdiepie is an arsehole, and TheHackerGiraffe is just some kid. Now hopefully a little wiser.

Re: What TheHackerGiraffe has accomplished

I'm late to the party

But in a world of Jake Pauls - https://www.youtube.com/watch?v=9wO2RIEKMSg

Think there's something quite nice about the #1 Youtuber recommending books by Japanese authors to 'the youth" - https://www.youtube.com/watch?v=pNar3Dh9zDk

Re: What TheHackerGiraffe has accomplished

> I now consider him and his fans to be actively harmful attackers.

I've considered him and his fans to be actively harmful attackers ever since he got some randos to carry cards calling for the extermination of Jews a few years ago (remember that?)

Re: What TheHackerGiraffe has accomplished

Some jail-time will sort him out.

Re: What TheHackerGiraffe has accomplished

His fanbase is pathetic, they go type hateful stuff on Tseries, honestly his channel should just be deleted, cancerous.

Hybrid

Makes sense, his actions were shellfish

Re: One wonders ...

Script kiddies are just people who want to be hackers without wanting to actually put the effort in to learning the required skills.

Re: Got it

How about go get a job instead of hacking printers to support a YouTuber, god this is pathetic

The Internet is the world.

Re: They forgot one small detail....

"Given what they did, I think they might have a valid fear."

The rumors (and they're just rumors) that I've been hearing in the security world about this is that an FBI investigation had begun after the printer hacks took place. If true, then this event is just adding more counts to any indictment.

Also, if the rumors are true, you can bet that the FBI already knows who and where these clowns are.

Huh??? Whut???

Waseem Alkurdi,

See Title ^^^

@Waseem - Unauthorized use of an IT asset

is an abuse, no matter your intention. How would you like someone to take your car for a ride just to show you the doors were unlocked and the ignition key on the front seat ? Irrespective of the law, the (only) civilized way to do it is to communicate with the owner and describe him your findings.

"I renamed the printer to "Hacked" and printed a couple pages to the same effect. [...] because I was a good guy"

But you weren't a "good guy". You were an attacker.

"But still, one of the two must be dealt away with: protection by password/security/whatever, or protection of computers by law."

I'm not following you at all. Why shouldn't there be both? Just because I can lock my house up doesn't mean there shouldn't be a law against trespassing.

Re: Dumb 'Follower' learns life lesson ....... yet again !!!???

"Pewdiepie is NOT bigger than the law and will not be sticking his neck out to 'save' idiot 'Followers'."

But it would go far to making him look like less of a horrible person if he were to publicly and loudly condemn their actions. His silence on this is deafening.

Re: Dumb 'Follower' learns life lesson ....... yet again !!!???

If you're going to stick your neck out, then selecting a moniker containing the word "giraffe" seems appropriate if you're going to make a massive target of yourself.

Re: Dumb 'Follower' learns life lesson ....... yet again !!!???

"The law is blind and does not generally care about ..... 'I was only ...' type excuses.:

IANAL and all that.

For some things the law does care quite a lot about intent. The difference between murder and manslaughter, or for the left pondians difference between murder one and murder two as an example. Same applies for consent, if you voluntarily engage in a boxing match then you punching the other chap isn't assault. Punch the same chap out of the ring and it is. Cutting someone's ripcage open then chopping out and replacing parts of their heart is GBH/attempted murder, unless it's being done by a surgeon on a patient that has agreed to the procedure (and the risks involved).

As noted in the article, the Computer Misuse Act doesn't contain an automatic exemption for intent.

But thanks to the wonder that is Common law, a judge could choose to exercise their judgement to rule that in a specific case a crime was committed, but that it was part of an action that justified the crime. The example often given is seeing a house on fire with a person trapped in it, then breaking down the door and getting them out. It's breaking and entering, but since the intent was clearly to help someone and not nick their stuff, and the person would probably have wanted you to do so, then it would be highly unlikely you'd be prosecuted.

Since open ports on home devices are probably not a matter of life and death, I wouldn't expect these guys (I'm assuming they are male...) to have sort of cover from that.

I'm not familiar enough with code Napoleon systems to say if there is an equivalent, but intent often matters a great deal legally.

Re: talk to the manufactures about default port options

I agree with this. UPNP is a security nightmare, but it does at least have some use in a LAN. While I argue that it should just be disabled, period, at the bare minimum no router should be opening a UPNP port to the internet at large. Doing so serves no purpose and opens a gaping security hole.

This is 100% the fault of the manufacturers.

Re: Mystified

It's a tradeoff between security and convenience, and people have different opinions on what level of risk is acceptable. It's also difficult to know the real level of risk without someone skilled investigating the details of a specific router model and firmware version. Without such an investigation 'turn it off' is the only safe advice. Last November's 100,000 router botmet used a bug in Broadcom's UPnP software affecting 116 router models from a range of manufacturers, so it's not just a hypothetical risk.

What UPnP on a router does is inherently a bit risky - it lets programs running inside your network ask the router to change firewall and port forwarding rules. That's fine if it's something you want (Skype Chromecast) but not so good if it's flash malware on a web page opening your computer to the internet. unfortunately UPnP can't tell the difference. To make matters worse some routers have mistakenly made this possible from outside your network as well as inside. I don't know if anyone's tested your BT one or what it's 'security' tickbox does.

Bugs in UPnP software on the router are another problem, compounded by router manufacturers being notoriously bad at releasing fixes, and router owners rarely applying the fixes when they are released. By 'bug' I mean things like allowing someone on the internet side to run whatever they want on hour router. I don't know if anyone's checked your BT router for such bugs.

Re: Mystified

"I find vociferous arguments about whether it's safe for me to leave UPnP enabled on my home network. "

Maybe I can help here -- UPNP is a serious security problem, but if you're only allowing it on your LAN and not exposing it to the internet, you're probably OK (as long as your other security measures are reasonable).

You should never be exposing it to the internet at large, though. Doing so gets you nothing and provides a wide open door to your systems.

My advice is that you just shouldn't use it. If the convenience of it is irresistible, though, then you should double-check that the UPNP port is not open to the internet.

Re: What the did is grey at best

" what you are suggesting of "just tell them instead of doing" can also be counted under a computer miss-use act"

Only if you actually intruded on their system. If you discovered the vulnerability without intruding, then you haven't violated the law. The proper thing to do is to tell them. If they ignore you, what's the problem? You did your part.

"It's more on the lines of them knocking on your door to inform you that keys been left in and you calling the cops because he is "trasspassing" in your property"

No, it's not. To go with your analogy, it's more like someone tried to open your door, found it unlocked, and came into your place to leave a note for you saying that you left your door unlocked. In other words, it's wrong and illegal, and the person who lives there is fully justified in pressing charges for trespassing.

Re: What the did is grey at best

Ah, well, setting the house on fire is more of a Mrs-use act.

Re: Youtube channel subscribers

I'm not sure if the number of subscriptions affects what google pays out. Perhaps that's a factor.

However, it's more likely that you'll notice a new upload (because google can remind you) and therefore substantially increase their viewing figures. This in turn affects their income.

So it's a way to reward your favoured channel operator, if you so wish.

Re: Youtube channel subscribers

I really don't see how "bookmarking" anything can be compared with subscribing to a YouTube channel, which results in any new video uploaded by people you subscribe to appear on a single page you can go to whenever you want to catch up with things. Trying to keep revisiting each and every channel of the several dozen I subscribe to in order to figure out whether they have any new videos I haven't seen yet borders on unfeasibly impractical compared to refreshing one single page occasionally. That's not to say I automatically watch anything that comes up, but this sure serves up anything available in a nice single-page format as a grid of thumbnails, helpfully tagging stuff I've already seen. It also lets me one-click hide anything I have already seen or have no intention of watching. There's just no comparison IMHO.