He hacked into North Korea and stole their operating system. He hacked into Microsoft and stole 43,000 confidential files. He hacked into Vtech and compromised 6 million accounts. He then hacked into Nintendo and caused the biggest leak in Nintendos history
….All before the age of 24.
Today we are talking about the hacker Slipstream.
_________________
This video isn’t meant to slander North Korea, Vtech, Slipstream, Microsoft or Nintendo. All of this information I found available through interviews and articles online.
(I'm trying to use Patreon funds to hire editor on the team so i can put more QUALITY videos out!)
Give your Support on Patreon!
Patreon - / vincevintage
If you enjoyed the video message me on Twitter!
Twitter- / _vincevintage
If you liked what you saw, donate here!
Donate via Venmo- venmo.com/u/vinceVintage
Have an idea? Want to do some business things together? Email me.
email- vincevintageYT@gmail.com
@SomeOrdinaryGamers video on Red Star OS
• RED STAR OS!?! - Virus...
Mental Outlaw’s video on RedStar Os
• Redstar OS Installatio...
Sources
Vtech FAQ
www.vtech.com/en/press_releas...
Verge
www.theverge.com/2019/3/28/18...
BBC
www.bbc.com/news/technology-4...
Troy Hunt
www.troyhunt.com/when-childre...
Vice
www.vice.com/en/article/xygg9...
ArsTechnica
arstechnica.com/information-t...
Wired
www.wired.co.uk/article/vtech...
Small correction, a Flash login form is not especially vulnerable to SQL injections. Nothing client-side can help you against those, not Flash, not an HTML form, not JavaScript, reason being that you can't actually control what runs on the clients in any meaningful way. The server the form sends its data to must handle all user input with special care, usually with prepared statements or input filtering.
exactly this. I didn't see your comment so I wrote my own little rant about the false statements in the intro.
I was just thinking the same. SQL injection has nothing to do with the login method used and if it has, you're doing it wrongly since the beginning.
This is why sanitizing inputs is so important for webforms that use any type of database.
I was thinking this whilst watching, honestly hearing stories of these big organizations or even governments not sanitizing their input is ridiculous, it's literally one of the easiest attacks you can do and it's ridiculous it still happens
yeah it's like the client web app sends malformed data with the REST API. It's like...so? That should be expected as a possibility. Flash and the web browser are both the client. You don't just trust the client.
So you're telling me this guy is responsible for hacking one of the biggest children's companies in the world, the hacking of Microsoft, the nintendo gigaleak and the only version we have of North Korea's operating system? That's a hell of a track record...
And he is still on his 20's
And he's in his early 20's
Young people do better at this, you need to have huge amount of time and do lot of trial and error to get some way into the servers, and it does involve certain amount of creativity too. In contrast, very few young people do well in realm of hacking intricate computer architectures, since that calls for lot more technical aspects, which only few young people ger around, if any does at all
@@zaytaz9331 dude's autistic so most likely he's a savant
That man is an inspiration
The fact that the hacker who started this entire story is ALSO the hacker who dumped the historic Nintendo Gigaleak is the biggest plot twist of all time holy shit
That hacker must've had a good gaming chair to do that
@@AgIsANoob gaming socks & gaming underwear
@@Vyclops he definitely had the programmer socks
Proceeds to hack north Korea
man has gaming gloves and gaming mask
If I was a multimillion dollar company, I'd hire this guy for security reasons. He's seriously amazing at what he's done, huge props for the vtech thing too
They *do*. MalwareBytes Labs does analyses on security breaches for companies.
If I was the CCP, I'd use Vtech as a front for getting information on Americans through their children. It's sinister
He could be eventually. Some cybercriminals have been hired by large firms due to their experience.
And then he would hack your entire database for shits and giggles
@@Dumb_KilljoyI know the best money counterfeiter was hired by the U.S government to catch counterfeit bills
someone needs to hire him 😭 my jaw dropped when you said he hacked into north korea
I'm crying laughing at that
Difficult to comprehend the damage Slipstream could have caused if he had malicious intent.
Exactly my thoughts
I never heard of Vtech before. But the CEO is dumb. The problem with this world, intelligent people are full of doubts, while stupid ones are full of confidence.
@@fynkozari9271 V-Tech are basically the people behind Leapfrog which were the most popular K-5th US assisted reading tools. Basically books that had speakers where if you touched the page in certain spots would read out the pages, which included a bunch of little games. Once computers were easy to manufacture, V-Tech then started branching out into using full on low quality tablets with a standard Linux based OS. From what I understand, they basically just used and modified Android OS kernels just like Amazon did with the Kindle series. Basically they had a great learning platform and then over engineered it and middle class parents ate that shit up in the US.
Exactly, its not that bad, dude did more good than harm tbh damn greyhats
A massive difference between white hats and black hats but sure governments, treat them all the same.
Giving young children a device that connects them to the internet, while most of the adults around them don't even know what a phishing attempt is? No way this could go wrong.
Ah yes let’s give children a thing that responsible adults don’t check or understand
@Heidinfinite " "
I just can't understand why they thought collecting the data was a good idea.
Right its SUCH A GREAT IDEA
This has been happening before the internet was thrown into their hands, just differently packaged through school assignments, surveys and questionares. Also being socially engineered and indoctrinated by sandbox framing or other words secret concentration camps by corporations... It's a big slap to the face if free will and freedom of thought were living things and were in fact not being infringed and violated by generations before us. (Classical violation of private conscience begins from the beginning of all things.) It's questioning and researching through observation and empirical data that you realize everything taught isn't necessarily true and many times contains embedded commands and I statements that programs individuals to believe they are not what they are but rather what operators / the hidden enemy working against them want them to believe so over time they become unrecognizable to even themselves.) The enemy is lurking everywhere, could be right in front of us and never know it. Science is the enemy. The Bible holds so many algorithms and scientific evidence that can be proven by many great thinkers and artists before us.
You know you're security protocols are broken when even the 21-year-old hacker is like "This is like all kinds of fucked, I should probably tell someone about this."
As an autistic 25 year old not familiar with coding, i am both offended by and proud of this man. Keep it up slipstream!
The fact that VTech is still making camera-based kids toys is wild. Like I'm not surprised since it happened a while ago but still, that seems like SUCH a risky move 😂
2 dodge
Ikr
I used to have one 💀😭
They just hid the important files within more files labeled something inconspicuous.
The more fucked up thing is vtech, to my recollection, has a history of being hacked
Remember, when companies do these illegal acts it's a civil crime; however, when you do it, it's criminal. Double standards are fun kids
Like how it's illegal to expose the illegal things your government is doing
Attach an LLC to your name. Make some money then incorporate the bloodline. You're welcome. Also look into the rights of private clubs. Secret societies are a thing for a reason.
I’m going to become a company and eat a plane on the runway.
It is?! I never knew that. But, what's the difference
Who is a really simple exclamation why hackers want to see kids faces Hackers who do this are a paedophile
It's kind of insane that there isn't a law around how people's data is stored, the fact they're allowed to root around in our data is even more insane, imagine walking into a shop and they grab all your belonging and then list down all your information. That's literally what happens each time you load up a website.
There is
@@SioxerNikita there's not really though, you have targeted ads meaning they store tons and tons of data on you and share it across other sites. Shops don't write down what I have in my pockets and about receipts from other stores I may have on me, then share that info with other stores and give a picture of me from their cctv so they can identify me. I also don't have someone pushing products in my face as I enter the store, I browse and buy what I want to buy. The law is very light on what data they can actually store, it protects kids more but that's why they want minors to lie or lock them out of the full use of the websites.
@@TheCutiePatrol Well, there is laws on how to store data... You can get criminally prosecuted for not storing the data proper. Also, so you even have an idea what the customer cards, store memberships, etc. are for? It is to store your specific data to see individual people's spending habits at their store...
@@TheCutiePatrol Also you didn't write what is stored, you wrote how is stored
@@SioxerNikita bet you're proud of yourself lol
i just found out about this channel this week, simply stumbled upon one vid and kinda went thru a rabbit hole w your content. ngl youre an amazing storyteller o: your content is very compelling
It always drives me nuts when they "crack down" on hackers that find issues like this, especially when they make it apparent they have morals. They should be hired.
this.. the company should applaud them for finding said breach and reporting it.. most people would have sold it for a profit
The problem is that you can't prove they never sold anything or hid more files somewhere else no matter how ''morally correct'' they seem.
@@timovandenheuvel9502 you can't prove that of anyone.
@@SuperDuckyWho Yes, so until we have way to prove it they are cracking down on them as it is an illegal act.
@@SuperDuckyWho You cannot prove they didnt lol. Tf kind of logic
Slipstream should be hired by some of the biggest firms. Like holy sh*t.
He was at Malwarebytes and committed multiple federal crimes. No company is willing to lose it all because one employee thought it would funny to commit federal crimes. Maybe the government would hire him for Cyberwarfare.
He seems more like a liability.
@@BiigiieCheeese lmao look up Kevin mitnick and that alone should instantly prove you wrong on this point
@@BiigiieCheeese also look up defcon or any of the other hacking conventions, people are very public with some of the shit they've done, or even revealed major exploits at them Im not an expert on the hacking community, but I'm confident he won't have any issues with employment
If he’s working for the government, we wouldn’t know
Just discovered this channel and it’s an instant sub. Love the editing style
Finally, an actual content creator!!! Just subbed man!
Slipstream was genuinely just a curious guy. It's terrifying to think that if someone with malicious intent gained his skill and knowledge, they may have caused a lot of damage.
Pretty much anyone who goes to school for cyber security could decide to ruin anyone's life in an instant. It's something you need to be very responsible with lol I've heard tell of people who will gain remote access to a targets phone and computers, and implant CP onto them. Then alert the police, provide them enough evidence to get a warrant, and boom your life is over
@@GlorifiedGremlin holy fuck
@@GlorifiedGremlin What? I need to know more about this, this sounds horrifying.
I'm trying to google this incident but can't find anything.
Where is your pfp from? i see a lot of people using it and i wanna know the origin
12:52 bro wanted to check if he still had it in him 😭😭
What an absolute genius Slipstream is! So impressive! Great video, thanks a lot for putting this together.
Slipstream doesn’t seem malicious. He should be hired to test the encryption and privacy or certain companies
he works for malwarebytes lol
He put malware in Microsoft’s servers💀
I’m surprised he wasn’t assassinated after hacking into North Korea
@@canofbeans7631 Good thing 👍 That shows that Microsoft has bad security
@@canofbeans7631 thats what these kinds of hackers do though. it's basically telling them "hey, you have a problem. im gonna put a virus here to show you that you need to fix it." if anything, it's a good thing. people aren't gonna fix anything until something breaks.
That Nintendo hack confirmed that “L is real” in SM64
Hey its that one guy who does that one thing on the internet. Cool!
@@Charlie-hv3dh CONNOR6SUS
Hey, that comment wasn't spooky
Wahoo
It confirmed "L is real 2401"... 24 years and 1 month after Mario 64 was released in Japan.
Man? I am so mad I just found your content. I love it so much. Thank you!!
This is crazy, love this channel.
This is the most chaotic good person I've ever heard of. I think he is pretty much a cyber Robin Hood. He steals data from the mega companies either to give fans access to things the company didn't want them to (like the Gigaleak), or leaks things to the media to try and get awareness of how messed up these companies are. It makes sense it's illegal but I wish there was a way he could go about this without getting arrested.
I think that it shouldn't be illegal, a special case should me made for cases like these, where as long as they themselves don't leak to the public the personal data and inform the authorities they are exonerated from the crimes required to do it, and not only that they get a medal and a cash price. This would incentivice individuals to hack non malicously to get the medals for their resumee or the cash if they are bad on cash and at the same time it would incentivice companies to invest more in security to avoid legal problems and PR blows
@@diablo.the.cheater I agree this. I think I'm more so talking about copying the data to yourself instead of just finding out you can copy the data and reporting it in which case that should be legal. When he took the Vtech data he could have very easily made multiple copies and sold them off anywhere and it wouldn't be traceable so having that information on a civilian third party computer is quite dangerous itself. This solution is messier though because than you don't have the evidence about the leak and the police most likely won't have hackers who can retrace your steps.
Making being a whistleblower not suck is a nice start, but neither corporations or the government want or will allow such accountability
Chaotic good is whistle-blower energy
That's actually just a classical whitehat hacker leaning to gray. Which probably all are chaotic good, though.
Most insane thing about this story is that a Motherboard reporter had journalistic integrity.
Lol
not even really journalistic integrity, more like covering his ass. If he had published an article claiming a data breach of a massive company like that without proper confirmation he could be sued into the ground.
What's the reputation of Motherboard?
@@WonderfulBoness whatever vices reputation is. Not good....
@@samholdsworth420 oh lol
he hacked into a country. How has he not been hired as head of security somewhere
Now that started slowly but when it took a dark turn then it just escalated so quickly...
The first line of defence of protecting user data is not storing it in the first place. All the huge companies seem to forget that part.
Dumb comment
How are they gonna sell it under the table if they delete it
Sometimes it can't really be helped though. (Stuff like medical history and bank and police records for example, for those companies that work with that kind of data.)
i know why they collect it, but why is it so damn hard for companies to just... not have the sensitive info of their customers stored... it would create a LOT less headache for the company AND the consumer...
@@SomeOrdinaryJanitor mony
craziest part is if he sold all of the data he would've never gotten in trouble. He became a criminal after being punished for doing the right thing. We need international powerful whistleblower laws.
He saw it could get hacked easily followed through stole data
Didn’t do anything but still took data
@@uknown1546 No Vtech stole the information in the first place. This information did not belong to Vtech, it wasn't theirs. They should have been held accountable, not the hacker who exposed them. That mentality is just fucked up!
Well, I mean he did get off with a warning the first time, which is hardly being punished.
@@Yourebeautyfull I think he did the right thing morally to start. Often though morales and the law dont see eye to eye. Thats like saying someone whos caught in the act of robbing a drug dealer wouldn't or shouldn't get in trouble too, cause the drug dealer was selling drugs illegally. What he did was against the law, he knew it when he did it. At the end of the day he did steal personal data, doesnt matter if they should not have had it.
Bro went from 1 to 100 from hacking companies to entire countries
Love your editing style
A hacker better than that guy 4chan
Haha first 😎😎😎😎😎😎😎
Now I’m going to get pinged every time someone replies to the comment
@@creeperdash2967 haha second 😎😎😎😎😎😎😎
Replying so the guy who said first gets pinged
@@creeperdash2967 sup
Dude he's not a criminal he's a valuable asset. I bet the government really wants him to work for them
The fact that he only got slap on the wrist prove that he's already did
uh doubt it
@@SpanishArmadaProd he hacked multiple giant companies and didn't do anything malicious (for the most part) Who the heck wouldn't hire him?
@@SpanishArmadaProd every country would want him in their arsenal,even north korea knows his value
@@thalassaer4137 North Korea ESPECIALLY knows his value. XD
Love your channel bro, from a new subscriber.
New to your channel. Very entertaining. Cheers ❤
"why would someone want pictures of children?" Given her line of work and the types of people that she has probably covered for, she knows damn well what the answer to her own question is.
She asked it so that the answer would said on air. That happens all the time.
You ask even obvious questions so that the answer will be given. She may know, everyone watching may know, but it gives like a reminder people like that exist that do want kid photos. It's like a "People want your kid's photos and this company made it easy for them to gain access to it!"
I may be dumb, but why DID she need them?
@@colepalmer4744 Perverts want them.
@@colepalmer4744 she needed the answer to be said publicly so it builds awareness of child-watching creeps (p3dos possibly)
The "hacker" SlipStream is actually the hero of this story. His curiosity and his general well being has made this huge security flaw to the public. Instead of being prosecuted, he should be given rewards.
Yea that’s true
yeah but why continue hacking?
@@lampy1801 your honor, he's based
@@fel524 never said he wasnt, i respect him because he never had any bad intentions in the first place and hes a genius (or they were just so fckin easy to hack)
@@lampy1801 There is a fine line between brilliance and madness and it often overlaps.
I love coming back to this video, the glimpse of slipstream's lore at the end is just way too interesting
Bro I was already subscribed what the heck. I didn’t even know because I wasn’t getting your vids in my algo. Well now I know
Slipstream is a genius. He just needs to be more careful, as it seems that they always tracked him down.
Maybe he let them
Honestly he should be hired by these big multies. They should beg him to hack them so they can avoid the embarasemt later.
Tbh he probably done like he did with vtech and tell them “yo get better security”
he was being the good guy imo.
@@galacsinhajto I think you trust multies too much.
SlipStream shouldn't have even gotten a warning. They should have given him a reward for finding this and not exploiting the data. Good people like that shouldn't be punished. Edit: I don't usually do edits but goddamn I feel like my comment has become a general discussion war. I'm still getting notifications lmao
true, he could have easily sold that data but he didnt and just made everyone aware that the security is poor
I mean if you broke into a bank to prove how easy it was to break into a bank, you'd still be breaking in even if you didn't take anything. I agree with this statement but also Slip did basically trespass and go somewhere he wasn't supposed to, even if it was for good
@@TarigonTetradactyl correct. But he didn't just break in and didn't do something. He warned the owners of the bank giving them the chance to improve their security. Had he not warned them, he wouldn't have been warned. He gave them the warning and basically told them they should upgrade their security here and there.
@@NeeNiekVG He was lucky that he got a warning and not a sentencing for hacking into all the data stores of a 2 billion dollar company
@@Marshall1q. they were lucky they didn't get their asses sued by billions of angry moms noticing their child's faces were just so insecured like that
So glad this video is back
I know I’ve seen you before your voice was super familiar watched the Eddie lotto fraud guy first now this I’m definitely subin and fixing to fall asleep binge watching these the lotto story had me hooked in
Damn. Didnt know the nintendo and microsoft gigaleak was by the same guy. Mad props to him. As far as im concerned, this guy did an amazing service to the world by publicly archiving history of some of the biggest and most important companies in the world who'd be glad to let old stuff rot away and die without seeing the light. Any archival of man's creation is important and a global good imo so i have nothing but praises for him.
Absolutely all of this
Did he leak people's personal data? Cause that's not good. Discretely disclosing major security flaws of big companies to authorities, said companies and responsible journalists: good. Publicizing people's private information: bad.
I always wondered how the fuck redstar os was publicly available, this man is such a big chad
@@ReddoFreddo If you noticed in the video, he refused to leak anyone's private data. He exposed V-tech without releasing any of it to the public, only giving some of it to a professional in data security as proof that it was real.
We are entitled to this content. We deserve it. The fact that these companies considered it "their" property, and tried to keep it from us, just shows that they had it coming.
Instead of arresting this guy, someone should hire him. This is raw talent that could be a very valuable asset to any IT company. Friggin Google, for instance.
It was said in the video that he already works for MalwareBytes as a researcher and yet I see so many people saying "lol someone should hire him". Someone already did lmao.
@@zephyfoxy lmao, the only step up would be working for governments.
@@ThatGuy-kz3fx my guy he hacked into north korea wtf u mean "not that impressive" lets see you try to do that
@@fuyumi4309 not the only time North Korea has been "hacked" the entire country was once hit offline for a long period of time from a group of people. Lizard squad I think back in the day. But still slipstream is pretty impressive
@@SomeOrdinaryJanitor that is a step down. Working as a researcher in the private sector, you can hack kids toys for LOLs, get contracted to work on serious industrie products... lots of things to do. No limits, little red tape, as long as you not reapitadly step on the wrong foot. You can even earn goverment and military contracts if you really try. Goverment? Red tape every where. "this is system is safe - no body has hacked it - no you are not allowed to try" "no, you can not publish that - as goverment employee, your always represent the goverment" "no, you can not use unapproved software, that would be unsafe" "we recently upgraded our system - it still runs code written in the 1960s on 2010 era hardware"
I had known Wack0 as a humble but very knowledgeable member of a pokemon glitching forum in my youth... only knew about how "in"famous he was when the gigaleak happened and the glitching community was sent into scrambles. We thought it was just Spaceworld 97, then other Pokemon leaks, but soon enough it was everything Nintendo. I was only aware of his responsibility behind the gigaleaks even then, I had no idea he had such a storied history. I didn't even know he went by Slipstream until you mentioned he was behind the gigaleaks. Then everything came together. It's very very wild to have passed by so closely to him. I feel like I brushed with a famous celebrity in their youth lol
This dude is a legend, savage as hell. Great story man thank you. Hope all is well with you and yours and your trails lately with the crazily obsessive "fan". Stay safe and well man.
Slipstream has got to be the most based man I've seen on the entire internet. I love this guy. When he hacks a database that's sensitive to innocent people, he tries to break the story, but when he's hacking companies, he just goes wild with it.
EXACTLY
YES XDD
He is just a hell of a awesome guy.
@@desirelabelle2199 cringe asf
@@yazzy3177 you look like an ego filled white nationalist. You don’t know the meaning of that symbol you’re using as a pfp. Be quiet scrub, and go learn C++
I believe slipstream 100% is that hacker from the movies who just casually hacks into the aecurity data of a base opening all the doors and locking the cameras by just pressing random buttons
That would be hilarious!
I think you're talking about Samy Kamkar, that's the one who randomly whistles into toy radio to open garage doors.
Slipstream: this is very simple hacking a baby could do it! *literally hacks north korea*
*press space 3 times* I'm in the OS
*I'm hacking into the mainframe, and I'm disabling their algorithms* *I'M IN*
If it can be destroyed by the truth, it deserves to be destroyed.
Fun fact: right now (October-November 2023) this video has 6.4 million views.
he's like the batman of the internet. he exposed a children's company for vulnerabilities, leaked info from both Microsoft and Nintendo, and stole the only OS from north korea and published it. a true anti-hero
not what an anti hero is but ok
Anti-villain would be a better term!!
This has happened to me when I was little somehow I literally heard talking from it
it's all vrtech fault and the fact that there has been no justice for the six million children getting they privte information is truly disguesting
Slipstream: whats the most ridiculous thing I can do with my skills North Korea: exists Slipstream: *p e r f e c t*
He went from "Malwarebytes is such a cushy job" to "COME ON BOYS I GOT THE OPERATING SYSTEM OF FUCKING NORTH KOREA"
Lol
frl lmaooo bro he's the goat 🐐
he's a man of focus, commitment, and sheer fucking will!
oh god that dude
@@aparanoidbw ... with a FOOKING PENCIL!!! ✏
Slipstream should become a CEH (Certified Ethical Hacker), because there’s a lot of people who want to hire people like that, and you can make actually really good money depending on your skill. He might even make more money than his other good job.
With his expertise he totally should go into pentesting
@@HappyBeezerStudios Yeah, some CEH’s do pentesting for companies, one of the many jobs CEH’s can do.
he worked for Malwarebyte (antivirus software)
I -can't- believe that these companies didn't already have someone like that on the payroll.
THIS DUDE HACKED AN ENTIRE COUNTRY
Slipstream really be doing the biggest side quests in life
Slipstream should be credited for finding this out and being a hero for his curiosity
Oh, THIS IS THE GUY WHO GAVE US THE SOURCE CODE FOR NINTENDO. this guy is beyond a legend
I feel like we should all be eternally indebted to this man for introducing us to beta Wooper
Ah yes, the source code of the Nintendo company building, there are a lot of brick and cement assets tho
And yet are man slipstream here confirmed l is real 2401
So, the guy who did this fiasco also did a legendary discovery
seek help
14:00 that plot twist. yeah hacking nintendo is crazy yeah hacking microsoft is crazy BUT HACKING INTO NORTH KOREA AND STEALING THEIR ONLY OPERATING SYSTEM THEN LEAKING IT TO THE PUBLIC IS TRULY INSANE
Lol
Frankly though he should've done something that would force an auto-update and kill the OS; anything to cause the Nork's problems is ok in my book ;)
Man's a legend
Hacking North Korea? How is man not dead? That’s like a international crime! Wouldn’t UN NATO, etc. Have to talk to the United States to arrest him?
@@_The_RFG_Club_ isn’t North Korea not in the UN or NATO?
imagine figuring out a company has a big security flaw and the first thing you do is immediately accidentally steal millions of personal information from children
Slipstream is a fucking menace ☠️ Every time he gets caught doing something insane he goes back for more. I absolutely love it
i just love the fact that some guy who was barely an adult casually hacked into all of these corporations
and countries
and hes autistic. Who said autistic children are problematic? I bet his parents are like urgh, its the police again.
Let me fix this statement. I just love the fac that some guy who barely was an adult casually hacked into NORTH KOREAS SYSTEM SOMETHING THAT USA GOVERMENT OFFICIALS COULD NOT EVEN DREAM OF.
Holy sh*t! My little brother had this tablet when he was younger and he took pictures ALL the time. He eventually threw it away and we all got mad at him but thank god he did… he knew something we all didn’t.
His photos and information are still in cyberspace and God knows where else.
you should tell him what happended
I don't think that is a correlation
@@travisconfer2255 not to you 😂
@@NovaQuinzel shit* Don't censor.
The fact that he managed to hack a north Korean database is F**king unbelievable
I n kw right I'm crying laughing when he said that
god i remember the nintendo gigaleak. one of the wildest lesser known pieces from it is documents pertaining to how nintendo stalked and harassed a prominent 3DS hacker with a private investigator and pressured him to stop.
So, let me get this straight : The company which was caught collecting data from more than six million children didn't even have to admit that they did anything wrong, but the hero who alerted the public had to admit that he did something wrong? The irony here is that if he stayed silent he never would have been caught because they didn't even know a breach had occurred which means they just taught a lesson to whistle blowers everywhere to stay silent. I don't think it's fair to say that he caused damage to vtech. I mean, yes that had to shut down the servers but only because they screwed up. That would be like suing a police officer for making you fix your broken light on the basis that you can't drive it for a few days. It's not the officer's fault that that you have to fix something. I absolutely condone his actions.
Except that he did take the data. An ethical hacker would see that the login is vulnerable to SQL injection, stop there and inform Vtech so they could fix it. Then again, seeing how hard it was to get ahold of anyone there, they probably would have ignored it until some actual malicious hacker stole the data and sold it all.
@@joemck85 Sure he copied the data, but the data itself was illegally collected by vtech. They collected video and images and names and addresses without informed parental consent. Even if vtech fixed their login system it would change the fact that vtech was collecting information they had no right to. By not holding vtech accountable that gave the green light for other companies to do the same thing. Google collects audio through its smart TVs via the "Google Assistant" even when Google assistant is set to off and I personally caught a smart TV record audio while the screen is on. There is no way to stop it short of ensuring the microphone isn't functional and the newest smart TVs also have cameras. Maybe we wouldn't live in a world where your own TV will spy on your children if companies like vtech were actually held accountable.
This guy was lucky as hell, he basically just got a slap on the wrist and still continues to do his thing. We have much more serious examples of whistleblowers getting fucked over like Julian Assange, Edward Snowden and others. It's wrong, but being a whistleblower is a high risk and often times zero reward/outcome type of endeavor. There's lots of these stories of ethical hackers pointing out a vulnerability and getting in trouble or receiving legal threats from the companies called out. They should be rewarded but often times they are uncomfortable for the people in power.
@@joemck85 data theft, it should be called securing evidence
@@seperempat4325 When the cops do it, it's collecting the evidence, though this would be done through the legal system, not hacking. When random people do it, it's breaking in, theft, and possibly tampering with evidence. After all, there was question as to whether the data was even real before it was reviewed. To be usable in court, evidence needs to have a documented chain of custody as it's transported and analyzed.
It's disgusting how Slipstream got arrested for exposing one of the worst corporations ever.
Unfortunately Hacking to get an open door to a big website is still a crime It doesn’t matter if you’re a villain or a hero it’s still against the law
@@SinAster_19 yeah but people deserve to know the truth.
@@SinAster_19 LOL so is collecting millions of people & their children's data without their consent.
@@JoeMemes I know they do im not on the side of the law im just saying unfortuantetly no one is above the law
@@SinAster_19 it being the law isn’t enough The law is bad the law is flawed
I remember when I was around 5 I got a small yellow vtech camera for Christmas and I never even knew that that was happening with the company
this man is a living legend! hacking microsoft, nintendo and north korea, how ???
The analogy of him firing a gun in an airport is incorrect. What he did was demonstrate he COULD walk into an airport, fire a gun into the air and receive no security response. They should have thanked him massively.
He uploaded malware to Microsoft's servers. That is firing a gun.
He basically did a no russian mission with airsoft rifles
I mean, he *did* copy the data. It's not like he just verified he had full permissions and left. If actually transferring data off server side isn't at least firing the gun, I don't know what is.
@@DigiMaster236 Microsoft is malware what did he do shoot a gun at a shooting range?
Well, they should have thanked him if he went to them first when he found a vulnerability. The way he did it made sure to harm their public image first.
And my family thought I was crazy a few years ago to reject the creepy V-Tech "stuffed animal" that wanted to know WAY too much information about my child, connect to the internet, and talked. That is not a cuddle buddy; that is a potential spying device that can be hacked.
It's literally the equivelant to a creep putting a hidden camera in your room
I got one of those v tech tablets, thank god that we never connected it to anything or put info onto it, it was a game machine/calculator, so if it was hacked they didn’t get any info. Also I was too stupid to use the camera
Thats why I don't have a baby monitor. My family was insisting I should get one and I was like Nope!
@@sidneyboo9704 well audio based baby monitors that work on radio waves and have absolutely no form of wifi connectivity exist… if that’s what you’re after
im happy that im kinda poor so i cant buy that kind of stuff Anyway im watching this by my phone so lol im screw anyway xd
best security researcher to ever exist
Even as a person who knows nothing about codings knows Flash login, plain text secret answers and decryption keys on the same server is a disastrous idea
I just started laughing ENTIRELY too hard at “some guy figured out how to run doom on it, of course he did” thats just the funniest thing to me! Seriously, what HAVENT people ran doom on? I just love the maniacal obsession hackers and modders have with making every single object run doom!
If it has a screen and accepts inputs, someone has run doom on it.
@@FinalFantasyIXIIII and if it has a grid of at least 2 states it can play bad apple!
Someone got doom to work on an ATM machine
Didn't someone get doom to run on a pregnancy test device?
@@maku8608 w for elly I guess lol
As someone who is into game preservation, Slipstream is a goddamn hero for the Nintendo giga-leak.
giga-leak? giga-chad.
What do you mean? Can you explain further? Did he hack into Nintendo or something?
@@burymeinjhenny918 If he's responsible for what I assume they are talking about, he hacked into Nintendos own servers and grabbed years worth of game development data. Not anything recent, but archive from the mid 2000s and earlier which solved a lot of game mysteries and lead to the preservation of a lot of lost material that would have never been seen publically.
more like tera-leak
Yep, hero. Nintendo is shit
I'm new to this channel im loving how they keep popping up in my feed after thinking I watch all the videos in the channel 😂😂
No idea how I found you but your content is stupid good.
That TOS is exactly why we need Privacy legislation passed in the United States. I cannot believe the hacker who only wanted to help almost gets major jail time but Vtech gets not even a slap on the wrist for ilegally gathering the data of millions of children.
Vtech: Oopsies didn’t mean two endanger chilwdren, sowwy government 👉👈🥺
@@MrDsktlldwn government: ish okay, i fowgwive yuwo ÓwÒ👉👈💖💖
he got no jail time dude he got a caution, very common in the uk for even the pettiest of shit, i stole from a store once and got a caution, theyre really really harmless and go away after a few years
@@azzzertyy but is stealing really something you would be proud of? :(
@@user-sp1sj3mv2u i was 17 and within the poverty line
I'm amazed VTech is even still around, and only got off with a fine in the thousands. They illegally spied on millions of children, downplayed it when caught, and had all their data (that they weren't even supposed to have) unencrypted. They should have been been severely punished for an error of that magnitude. If someone with more malicious intent had been the one to discover how easy it was to get into their data storage, I can't even imagine the damage they couldve caused.
There probably was room for a larger class action lawsuit, but I guess nobody cared enough?
@@kimgkomg absolutely should have happened.
It's because VTech is now supplying the government prunes with photos and videos of children.
That company should have been shut down
That's america for you
Just started the video, I'm French, we have those toys and we never heard of it but it seems like it's gone from stores now so it'll be interesting to finally know why.
The absolute madman this dude is good
Ok, that man deserves an award for the simple fact that he had the balls to hack North Korea of all places! And succeed!
Top line of his CV should always say “I hacked North Korea”
North Korea- Hacks Sony Slipstream- Hacks the whole of North Korea
@@scotttowers1759 Should've left the playstations alone
I'd be scared they'd send an assassin to kill me.
thepirateybay creators stole all of north koreas ip space making them lose internet access, just so they could make it look like the site was hosted in north korea for an april fools joke.
My opinion on this is that everything he did was fine. Yes, they did something incredibly illegal, but if their servers were so horribly protected that a 24-year-old was able to steal tons of their data, that's more on them for not patching their security vulnerabilities. As for the VTech hack, even I could've done that. Why the fuck were they using Flash for their login page???
He probably should have not looked at what the data was once he got in, but otherwise yes he was in the right
Everything else he did was wrong. Hacked into North Korea, Nintendo, Microsoft. That’s just wrong.
Yeah, I agree that a white hat would've been better, as in they just report the vulnerabilities and go, but seeing how hard it was to get ahold of VTech, I can't imagine they would've been able to. As I said, when your service is so easy to hack that a 24-year-old can get root access to all your servers and data by copying a script, then that's entirely on you, and you are the only one to blame for letting your service be that vulnerable.
Not only did they use flash, they also didn't SQL sanitize things. Also, you forgot to mention the fact that he also hacked into North Korea.
21 year old*
Gotta love the "hackers" who act without malice. Being able to acquire that data, let alone hold that much potential money in your hands and not have a malicious thought in your head... true power
This has the best ending to any story I have ever seen
Slipstream is straight up an anime protagonist. He gets away with breaking the law multiple times with barely even a warning, and still does the illegal stuff he does to protect people.
it's giving light yagami
He's light from death note
A caution basically has most of the effects of a prosecution without the prison time so not really getting away
Honestly, thank God he was able to hack into Vtech and let them know about it... could have been someone with more ulterior motives, a/k/a a creeper, who wouldn't bother to do anything about it. Anyhow, this guy sounds like a genius when it comes to computer stuff. Love your videos - thanks for the upload & enjoy the rest of your day!!
considering there was an active hacking community for the tablets it's very likely quite a few of them realized the vulnerability of using flash in the year of our lord 2020 slipped in did their thing and were never noticed every time you hear about a hacker exposing a vulnerability in a system, you gotta remember there's probably more than a dozen that abused it and did not report on it
What makes you think Slipstream was the only one who did it? If there was a security flaw as blatant as that it would be safe to assume other people might have also discovered it by themselves. All we know is that Slipstream was the first to publicise it, but that doesn't mean he was the first to discover and use it. Just food for thought.
@@arstulex yeah honestly considering he started the video by saying what a big community there was around hacking these things there's no chance other people didn't also get the data. And there's no way to know because Vtech didn't even notice Slipstream taking every single users information
or even if he report it, Vtech doesn't care he went to jail and someone else hack it in a most malicious way possible
as someone that's pretty jaded, the "Creeper" that would hack those systems likely would be looking for self incriminating photos of those children. because the law is stupid and when children have cameras, laws are broken, which puts v-tech in criminal possession and yeah... there is far more wrong and concerning with v-tech then just the fact their security was beyond crap and broken that easily.
I remember this well; I revived the email explaining that there had been a data leak (I had two young children who used the VTech Innotab).
I laughed so hard of the idea of that guy just randomly waking up and deciding to hack north Korea, as if it was the logical next step after fucking Nintendo up
😂
Probably because it is the next logical step
the fact someone just instantly managed to run doom on it is just perfect
It's like a right of passage for a hacked device, run DOOM
@@PliskinYT it's actually been a meme for decades, the best memes age like wine. and my TI-82 with doom
@@PliskinYT if the hardware can run an OS, it can run Doom. Somehow.
You know the rules, if it has a screen it can run Doom.
@@grinningllama89 you know the rules, and so do i.
YES 🎉 The video is back!!!
The dude literally hacked into NK because “why not” 😂
I once worked with a Chinese tech company, I can verify that this type of complete lack of care and effort over security is rampant. At first I couldn't believe why they didn't care, until I realized the emergency exits from their office all had locked padlocks on them. If they don't even care about risks involving their own lives, imagine how little they care about the risk of customer data leaks.
Even though I moved away from Russia years ago and now work in Europe, emergency exits that are *actually* open are still a foreign concept for me. In Soviet Mindset, you dont keep any doors open you simpleton, are you just inviting homeless people?? Who cares about fire safety, what's the probability of a fire anyways? And if it happens people will just figure it out somehow, nah uh we're not keeping open doors on a company building /s So yeah, this might come as a surprise for you, but for a big chunk of the world emergency doors are essentially just another wall but with a door handle.
Not "their own lives". I'm sure the people at the top have no need to even set foot in those buildings.
Yup, that's how China works.
Funny to asssume the Chinese don’t lie and steal about everything
@@jeremiahsmith916to be fair i think they are 1 way. walmart is full of emergancy exit doors you can see outside the store but i dont think you can walk inside the store thru those doors. Many have alarms so if you do go thru the door it is extreamly loud which is good in a real emergancy. Most here just ignore them ive herd of a few people shoplifting than escaping thru those doors
Hacking into North Koreas Redstar OS should be it’s own movie
It already sounds like a movie title
He probably did it on a boring afternoon, wouldn't be an interesting movie
I don't care how much they would dramatize it, I'd watch
"For you it was the biggest security breach in your country's history. For me it was just a Tuesday afternoon."
@@anthonymcrooster3703 DAMNN
Few things. The Innotab doesn't connect to Planet VTech, it is a totally different project created in 2007, they share the same backend, thus allowing the entrance to an internal tool that has SQL injection vulnerability. Learning Lodge is what it is connected to, no flash there. 2ndly, the Learning Lodge was created in 2010, Planet VTech in 2007, so the security standard are very different back then and Flash was the norm on every websites. 3rdly, all the *data* that was acquired through the Kid Connect service was encrypted with AES, the decryption key was not in the DB and was never acquired, because each has it's own encryption key on device side, and the stored messages/photos are the ones that are unsent, sent data are deleted immediately upon delivery. Besides that, those *data* consists of an email address, city, country, zip...etc. No street address, and it's the standard you'll ask for creating an account back in the days. Child name was a "profile name", it doesn't require you to enter your child's full name. It could be anything. 4thly, the secret question thing, it was obsoleted data, there is no way on the front end to use those questions to reset / check password anymore. Still, there's no excuse for having vulnerability on their system. But you need to fact check a little. I am not giving them excuse, but this surely has blown way out of proportion because it is a toy company, and it involve kids. (Rightfully so) 5th, the FTC order involves a 20 years mandatory audit from 3rd party on their security systems. Implementation of ISO 27001/2, and Penetration tests each year, if any of them failed, FTC will hand out even more severe penalties.
I like how you highlighted "illegally" in the title like there was a legal way to spy on children.
How to legally spy on children: Step 1: Have children. Step 2: Spy on them. Thank you for coming to my TED Talk.
There is. They're called baby monitors 😂
Leaving the decryption key in with everything else is like putting a padlock onto a decorative doorknob
... or leaving the key in said padlock! lollll
He hacks into multiple companies and gets away with it. He lets people know of problems and they don’t fix them. He gets arrested. What? He’s doing us a service! He should be praised! I also just love the sentence, “He hacked into North Korea.” I’m very glad this guy is not trying to be malicious!
The moment in the videogame when you look at the friendly eldritch entity and think "I sure am glad that thing is not evil". What a gigachad.
How is he not malicious, the fact he uploaded malware onto the internet shows his intentions to make money by hacking innocent people. Don't make claims before watching the full video
@@redtortoisethe malware could have been light, a none malicious virus that alerts them to the presence of it and how it got in. Since he probabyl didnt want to get arrested again like with vtech
@@redtortoisemy brother in Christ, do you know what malware is? It’s not some scary evil Code that steals all of your money. It can be used for more than that, like warning Microsoft that they have a breach
@@dogman3362 *kirby*
H3 brought me here. Found me a new channel to binge.
ofcourse your information is the most valuable asset to companies, how else are they gonna sell your phone numbers to scammers?