Greatest Moments in Hacking History: Samy Kamkar Takes Down Myspace
Vložit
- čas přidán 31. 05. 2016
- In this pilot episode of Greatest Moments in Hacking History, hacker Samy Kamkar talks about the time he created a worm in 2005 and accidentally took down Myspace.
WATCH NEXT:
Is Uber Killing the Yellow Taxi in New York City?: bit.ly/25xMeW4
Subscribe to MOTHERBOARD: bit.ly/Subscribe-To-MOTHERBOARD
Follow MOTHERBOARD
Facebook: / motherboardtv
Twitter: / motherboard
Tumblr: / motherboardtv
Instagram: / motherboardtv
More videos from the VICE network: www. vicevideos - Věda a technologie
Why would you animate his face when you can have the real Samy in-front of the camera
Really shitty animation aswell
Dope
To actually have content for this bullshit
For the parts they can't record.
Because Samy fell out of the ugly tree and hit every branch on the way down
me after clicking "inspect element": You know, I am something of a hacker myself
Der Fuchs lol yep
11 year olds in school: *OMG GUYS I JUST HACKED THE SCHOOL SYSTEM*
lol
Pan Lis lmaooo
I used to
Do that to get me a shit ton of coins in a game of school
Moral of the story: if you are addicted to your computer, hack a social media site, then you'll get out of the house more. :)
Guess I will have to learn hackig now. Otherwhise im gonna be stuck behind my pc forever.
or just give $100 to a friend with the following deal:
if you turn on your computer in the period of X, then your friend is gonna keep those money
but if you succeed in not turning on your computer for the X period then you will get your $100 back...
make the X period large enough that you will stop being addicted to your computer...
It won't work. It will just pull you in deeper. Well,other than leaving the house to do some IRL recon,once in a while.
k good, goin to hack facebook, never gona leave this pc :(
I just have 2 questions: Kurzgesagt: What Are You? CGP Grey: You Are Two?
About the Porsche;) what color and do you still have it?
Imagine if he went to jail:
Prison guy: So what did you do?
He: Oh I found a flaw on MySpace and made it so I would get a million friends, you?
Prison guy: Killed 20 people
**unfriended**
jail and prison are 2 different things my guy
Prison guy 🤣 man just put prisoner
@@Micah.Moeller how?
@@hannes8978 Jail is a group of cells which is less protected and for small crimes, whereas prison is a huge police station type of thing in which it is very hard to escape and very tight security, and is for people who have done way worse crimes
1. Don't use your real profile
2. Don't use your personal internet
3. Trash the computer afterwards
true lol :D
Crush it afterwards
VPN and/or Proxy. You’re welcome.
@@hunterbruyere5052 today you can trace a VPN without a problem
@@nobies2620 true, you should learn how to connect to public proxies with lots of users connected to it :)
Something exactly like this happened to Facebook as well, done by a guy named Chris Putnam. But instead of fining the guy, facebook actually hired him because of his intellect. This is the reason Facebook is in the top right now, and myspace is a graveyard of deserted profiles.
Lesson: Always value the talent and the people who show you your flaws.
But, did he release it into the wild, causing them to take it down temporarily?
@@aritrosaha1616 yes
This.
I thought Google has always offered money and a contract to anyone who can show them a backdoor into their system
@@Evergreen1400 indeed Telegram is doing so too. Fuck MySpace they were focused too much on commercialisation back then
this is bullshit, its myspace's fault that their code had a vulnerability, not his. He didnt gain anything from this he shouldn't have gotten in trouble.
So when a someone don't locks his front door you can go in his house and take all the stuff?
+Mr Nice he didn't gain anything. It's more like wandering into someone's field if they don't have a fence around it and then accidentally stepping on a couple plants
No. When someone don't lock his front door, you open it wide open, which causes a chain reaction that makes all the other doors slam against the walls the doors are mounted(like when you open a window and the nearest door slams, thanks to a change in pressure). Now, accidentally, one of your doors' door hinges are not screwed on, which makes the door fall on the floor. The floor now gets severely damaged.
You did something unethical, and should definitely pay for the damage, but you should not go to jail, as the damage on the floor was an accident.
The internet =/= a home.
+Hunter Tinsley Haha, of course. However Mr. Nice's analogy was not appropriate.
Samy is now an ethical hacker, as most hackers are. He looks for and solves vulnerabilities to keep people safe. Be like Samy.
Samy is my hero
If I were him, I'd have told Myspace about the worm immediately upon realizing its impact. At the same time, with the kind of cybersecurity negligence on Myspace' part necessary for this to even be possible, and the fact that Kamkar clearly wasn't malicious, being banned from the internet for 3 years is way excessive. IMO he absolutely shoul've gotten a fine, and maybe some civil liability for the damages, and maybe he could be banned from posting public content to the internet, but killing private use is a major social disability, especially depending on Kamkar's career.
I agree that a fine (albeit a much larger one, judging by how much he surely cost MySpace) would've been sufficient. Luckily, losing internet access in 2005 was quite a bit less major than it would be today.
yea like how is this his fault ?
He actually did do that. He wrote an anonymous email to them explaining in detail what it did and how to stop it.
curious what the charges were for Samy at that time? Hindering corporate profits?
If spreading viruses unintentionally and without malice is a crime, then why aren't they arresting kids in elementary schools whose parents sent them in sick and spread their cold to the student next to them?
from the sounds of it he didn't do it maliciously but it was careless/reckless since he was smart enough to write that himself in the first place. it's not like he was a telemarketer who got through to the pentagon because he dialed a random computer generated phone number.
+CajunCoding I agree, but we never see an independent citizen who was hacked get the response a corporation does under the same circumstances. If my bank account gets hacked, there is no federal case.
For real, he didn't even cost them anything. They could probably undo it within ~30 minutes of noticing it and fix the exploit in a day or two.
From what I've read the feds saw him as a possible threat to national security because of how fast it spread. They used the patriot act to get a warrant. Total bullshit
+TehOktro exactly.
Wait.. how do you buy a porsche at 19?
Rich family would be my guess.
He founded a software company at 16 that raised over 64 million in private funding.
oh my fucking god
If only i could code..
If only the internet could teach you how to code, but alas...
I suppose it could. Although me being uninterested about it doesn't really help....
The animation makes me uncomfortable the way his mouth moves
his shoulder :c
Dudley look up “toast boy.”
Thats how my gf pussy moves
shisir pathak r/nobodyasked
@@shishirpathak2123 hahahahaahahaha
Just because you had more friends than them
hehe I was going to bring them doughnuts like sorry guys
He should have, it's not a big deal. Maybe they wouldn't have gotten butthurt if he had.
and maybe gave him a job as security checker
+Davis Odom think about what a big company like myspace makes a day. when somebody is to blame for the loss of money they obviously will let him pay.
Ninten Nol But.....I ate the donuts before I got to MySpace headquarters!😎
l didnt do anything wrong and has for my space on every body computer in search bar
It's absolutely absurd how you were treated.
3 years of his life disconnected from the internet. And during his years of transition from a teenager to an adult with proper goals. This guy could have contributed significantly to the progress of technology (programming-wise), much more than he already has, considering how smart he was. How in hell can he be okay with what he was put through? The potential for his mental growth was blocked completely for 3 years.
I'm glad that MySpace became the wreck that it is. Pieces of shit
@@Ripcode2233891 "The potential for his mental growth was blocked completely for 3 years." I agree. However, people should also learn communication skills. If you can make an excellent program that'll solve big problems, but you can't communicate it, what's the point? In my opinion, him having 3 years to gain better (or even learn as he said he was stuck to the computer) social skills with others.
World's richest people do not have very good social skills. If they're smart enough they'll get it done, find other ways, etc. communication isn't this fundamental thing for success.
You see. The punishment being excesive is done like that to state a model. Don't mess with stuff online or you'll be heavily punished.
That's a way to keep other folks away from doing such things.
Pls make this a series. Great video.
ya
YAYA
Ya
@@eatadick5647 ya
Y-You know those times where you just get bored and managed to take down Myspace with a makeshift worm and the FBI puts you on probation for 3 years and you never touch a computer for like a year after probation? I love those times.
Fuck that, it was myspace fault for having such a huge exploit on their website, its not his fault for noticing and using it. infact without him it never would have been discovered and if it did it could have been really malicious. he should be paid for finding the exploit not having to go to probation and paying $20,000
Probably true if he didn't use the exploit and report as soon as he find out. But he brought myspace down so it's a no-no.
It's not as huge as you might think. It comes from a slight syntax error that isn't detected to be a problem by the compiler. If he had written harmless code to find the bug and reported it to myspace he probably wouldn't have faced charges. However, we knowingly wrote a virus. A virus that myspace had to shutdown the website for a time to remove it, causing them to lose money.
@Valesto93 theft is theft, but without those hackers you will continue to have weakness in your system.
I remember seeing the stories about they guy with a million friends, didn't know this was how it went down lol
Good stuff! Would love to see this as a series! :-)
They diluted a genius, it’s sad.
Dude, look Samy up. He's not suffering.
a simple xss worm isn't exactly genius
@@inx1819 Back then it was I guess.
Spent five minutes trying to find more episodes, realized this was a pilot. I would watch all of these.
Great story there :) loved how casual it was told.
Exactly what law was broken tho
I mean he did kinda shut down the entire server, which caused their service to shut down, ultimatlely losing several users and potential profit. He kinda did do them a favor by finding it, and I dont think any penalty like that is deserved. But theres a point to everything. Also its been a year :)
Unauthorized access to computer (myspace server)
@@micahrogers7536 He didn't access their server
@@wifinesesi dude thats literally like saying if u invade a country its the country's fault for getting invaded because they're military wasnt good and were exploited?
what a stupid comment ..... "what law was broken tho" ... srsly ?
Great pilot! This should become a keeper! Great job and idea!
The only ridiculous part about this story is buying the porsche boxster as a 19 y/o.
Alessandro Carcione fr like he must have some rich parents or made some real money,probably some rich parents.
He started a software company at 16 that got over 40 million in private funding.
@@SoFxEquinox WTF . That story' that muat be tell not thiss one
@@memesfromdeepspace1075 yeah bro 😂
You can buy a used porsche boxster at like $8000
This was the best story, I have heard in a long time. thank you
this is what happenes when you show a corparation a security flaw, instead of hiring you or giving you a reward for finding it and showing it to them so they can patch it before its exploited, they sue you and send you to prison. And then they complain that "cyber attacks" are rampant. no shit you scare everyone off from not only helping you but just exploiting it instead. Then its even harder to get into the feild of security analisis because of fear of arrest for trying to learn
some companies pay people to find security flaws in their websites.
others try to send you to prison for finding their mistake. then when they loose personal information of its users "its not our fault!"
he didn't disclose it to them, he was like "oh yeah, lets release this worm into the wild! idk what it'll do, but oh well!". if he properly disclosed, he'd most likely gain a reward.
It's like how Kim Jong Il executed any scientists who failed missile tests.
but Kim Kong Un didn't and simply celebrated getting closer to their goal.
Who ended up as a better leader?
But...he didn't show them. He just exploited the fla flaw. That's the difference in a white hat hacker vs a black hat (or grey hat).
That's cause people who find such security flaws are not 'helping' in any way. They're often trying to scam someone or getting advantage off someone.
In cases like this where there were no obvious malicious intentions, they still manage to make companies lose a lot of money while the services are down. Of course they're angry.
But hackers NEVER are like: "Hey, company, I was seeing your code and noticed there is a flaw that can be exploited. I'm open to discuss some terms to tell you how to fix it." THAT would be a different story.
2:55 I think I know where this is going
Can I get a 1,000,000 subs without any videos ? Underrated comment lmao
Oh no
😂😂😂
Lol what a trip. MySpace just sent me an email notifying me that a Russian hacker just stole a ton of information from users who made profiles prior to 2013. This video couldn't be uploaded at a better time.
love it. keep the series going!
Great story and vid ! Look forward to the next one !
The guy is a a good/fun storyteller too...which helps ! :)
That was really interesting, would love to see more. :)
for your own good I hope the uploader never wastes another minute of your life, or mine for that matter
man this was nice story, kept enterrtained throughout. good one peepz
this was AWESOME!
I would love to see more episodes like this!
This guy is a fucking genius, I love this story.
My runescape account got hacked back in 2008 that felt so bad, it should definitely be on the number 1# spot of hacks all time.
can't find a mass attack on runescape back in 2008. was it just you?
Definitely best one of the pilot week
Loved the animations!
What the fuck. What 19 year old has the money to drop on a Porsche in the middle of a recession and still has 20 grand to dump on a plea bargain?? I feel like the real moral of the story is when you're rich, you can get away with anything.
He didn't get away with it. In fact, he was punished with extreme prejudice.
A very smart one
Porsche Boxter is a cheap car, it's known as the crappy lowest level porsche. You're better off with a Honda. But he is successful, so that means he's good at saving money instead of buying a really expensive car.
he started his own software company at the age of 18 or after his 3 year of punishment?
That's so shitty, You were punished because the security system of myspace was shit? they should have paid you because you found out. Really really unfair.
You're an idiot.
And you're not? lol
PlatinumFlyTrap You have solid arguments...
There needs to be more in this series!
This is a really cool story, thanks for sharing.
2:08 Correct me if I'm wrong, but I don't think Myspace had in 2005.
NEW NEWS HEADLINE! "After posting new video on youtube. My space hacker shuts youtube down!"
L
L
L
XSS? This guy is a legend, imagine a bunch of professional developers on number 1 site embarrassed by a 19 year old... That kid should get an award, not a punishment
Awesome story, SUBSCRIBED!
I like how this guy is smart enough to create a worm and infect a million people on myspace, but not create a fake profile and use a proxy. He could have easily gotten away with this if he wanted too. Plus if he had just emailed myspace after about the exploit they should have paid him 20,000 for bringing it to their attention.
J It's because he didn't mean to fuck up their website, he was just playing around. And a simple proxy won't save you from the government.
this was fantastic! guess he should've brought the donuts and coffee
Best one so far
Loved it! More!
Back in those days I was one of the few people hacking social networking sites on that level. Hard to believe nowadays with so many people learning how to hack for very legitimate reasons. I had the same hack (executed slightly differently but with the same results) that Samy used. And it's actually not nearly as well known, but in november 2003, 2 years prior to Samy's hack, a similar worm ran through myspace named the lupidvirus, which is where I (and likely Samy) got the initial idea for such a hack. I remember brainstorming, trying to think about how it could best be used. I was never a malicious hacker, I never agreed with those people that would deface websites just because they got access, to me even as a kid that seemed childish and pointless. I played with websites at the time as a sort of puzzle brain-teaser type game, to see if I could outsmart those people making crazy amounts of money. Here I was, a kid who didn't even have to file taxes some years because I didn't make more than the $8000 minimum income limit, and I knew more about security than the guys making over $100,000 and running multi-million dollar websites. Needless to say, I ultimately never used the exploit I mentioned earlier, Samy beat me to it, and I saw how much attention he got for it. I've since mentioned this to him and anytime I see him remind him that drinks are always on me for that life lesson he taught.
That would make a good update for your blog
*searches up lupidvirus*
*nothing proper appears*
hmm
so in summary, an authoritarian police state used intimidation tactics to impose a plea bargain on a hapless hacker who merely increased a friend count on a public profile, leaving him emotionally unable to continue to explore the internet and finally drinking his feelings away at a local dive bar with some "friends". Hah! nice try NSA!
Bingo
that's retarded, it wasn't just a harmless bug... the virus could have crashed the whole server. it was growing expenemsially so in another day everyone would have been infected, and if he had the virus steal info he would have had a million+ people's info he could have sold.
sounds like the websites fault not his. ya know before the gov went big brother companies used to pay for this kind of testing now they get away with anything. according to you and a few others allsups gas station should go to jail for the skimmers put on their gas pumps.
endritiger you should send an application to the NSA
endritiger also, it was a joke..
Please make more of these
MAKE MOAR OF THIS!
new episode from Samy :-)
cool story, but I think he should've told Myspace the error in their code but hey whatever
This is great. More.
More please! I love it :)
i would've been the guy who went over to myspace headquarters with doughnuts.
I'm sorry i can't stop laughing at that drawing of a keyboard in the beginning
wow, the title is really reflecting exactly what happened. A GREAT STORY GUYS!!
More of this series!
Oh, FFS. I hadn't ever connected that the hardware hacking guy was also the Myspace worm guy.
He was only 19 years old and was able to buy himself a Porsche Boxster?
The Mad Mick Boxter is the cheapest porsche
@@aronkovacs1386 at 19 u can't even buy a Lada
Box of shit
@@Esteban-ss6wq You could buy lada for 300€ easily
This one is pure gold 💕
More like this please
Moral of the story: this is how they kill dreams and stifle dissent. Put him on a time out and changed him forever. "controlling people"
Mom: "Go make some friends"
Me:
I love those KRK monitors in the background :)
This story was amazing !
They drew him to look like Jared...
Dom B 😅😅😅
Soo..I opened my laptop and registered an account on this new site called facebook...and started playing around ;)
Still to this day this is one of the best created videos on youtube
The animations are fantastic lol
I like the animation.
Ok now I just need to take down facebook and I wil be free from that curse
Please.
please do
hit buzzfeed
yes that should be top priority
@@mika2666 *FACEBOOK IS NUMBER ONE PRIORITY*
This video is really good. and you are the men! enyoj :)
Whow. Really good stuff guyz.
Man he is so stoned in this Interview lol
It's funny how he accidentally fucks the whole thing up
*blows world up* uh oh great now how am I going to solve this *deletes MySpace account* "your account will be deleted in 24 hours" FFFFFUUUUUUUUUU!!!
Literally: you nailed it.
I love stories like this.
Like woopsie daisy
I expected FBI bust down his door in the middle of the night
The Mac startup sound took me back
I want to see more stuffs like thisss
GOING TO THE CAR...
FBI OPEN UP!
he would have had 6 months to destroy all his electronic evidence
make this a series
They are presenting this like it's the most interesting thing you will hear about today. It's the most boring thing I have heard all week.
wait, do you see two big guys around your car, you think you're probably getting carjacked...and your response is to walk up to them? lol, why?
looks like those guys are gonna rob me and possibly commit assault...I better go get close to them lol.
Thats only the animation.
@@NicolasTsagarides That's what he described, as well.
2:09 when your going onto Roblox and that pops up
You: NANI?!?!?!?
When you said "oh no" I literally said oh no as well in unison. LOL
Beautiful story ,😯😍
Samy is my hero!
Lmao
I wonder how much the story would differ if he just told Myspace about the exploit.
It would differ 100%. He wouldn't be in trouble, at the least. MySpace *probably* would have fixed the vulnerability. This guy would be working in cybersecurity now.
@@TravisTerrell he is working in Cybersecurity.
More Please
I watched this like 10000 times and still exciting