This Toy Can Open Any Garage

Share this video on

What's Hot

What's New

Top Grossing

Top of the Chart

Recommend

spelunkerd : Embedded advertising ends at 1:45.

RedKB : but most of all, Samy is my hero

Lukas Zabrac : Did you just train a whole bunch of thieves to open my garage?

chargermopar : Good luck breaking in my garage. I have no lock on the door, no power opener and so much junk inside that no one can pass.

Tinfoilpain : Hacking is time consuming because programming is annoying... I'm a software engineer.

AuthenTech - Ben Schmanke : "Opens the door to other issues.." ;-) Nice. I see what you did there

aaro 345 : damn this guy is rich 😮

Oscar Muffin : 2:00 to skip advertisement.

Nick SB : I got an ad with Derek in it. Thought you might want to know that...

Sahil Pethe : I just thought of a nice way to avoid all this corporate system bull crap and still be a lot safer than this 8 bit and 12 bit nonsense. 1. Get a raspberry pi and a voltage controller to interface with the rollers that roll the doors. 2. Connect your raspberry pi to your home wifi 3. If your wifi range doesn't extend it near your garage door, extend it using a range extender 4. Write a basic Java program on raspberry pi that listens to a certain key phrase on a certain port number. When it gets the key on the port number, it will send the voltage signal to the roller system to open the doors 5. Write a one line piece of code for the phone to send the key to raspberry pi's IP and port number with the key as the message. Execute it using terminal emulator for android (not sure what the equivalent for iOS is). 6. Done If an attacker wants to hack your garage door, he will have to first hack into your wifi, figure out you use a raspberry pi to unlock your garage, figure out the ip and port number and then figure out the message. In case you are too paranoid about the key being too basic, write some extra code to generate private and public keys using RSA. Amazing solution. Edit: Another better way to generate a key is to use hashing on both sides. On both sides, the hash is calculated every second and the hash function also updates every second - > md5hash(current hours, seconds, date, month, year + some custom message). Since this 128 bit hash code updates every second and it's almost impossible to duplicate or brute force it every second, it's I think the most secure way of going about this.

Hacks and Security - NEW channel : Someone below is asking that the rolling code can't work the way its told here. As if the receiver accepts only the next code what will happen if the transmitter is out of range and someone presses the button of transmitter ? As now transmitter has moved ahead of receiver. Well the video lacks a few things here. Actually there is a synchronization counter C which gets increamented each time you press the key (of transmitter). Same way the receiver also stores the most recent validated synchronization counter it has received (N). Now when ever you press the key and send the pseudo-random number to the transmitter the transmitter also takes the synchronization counter C from transmitter (and to update itself will overwrite N with C). Now receiver will also produce the Cth code (corresponding to C i mean) and match with the code send by transmitter. There is also rolling window of acceptance for rolling codes say 100 or 1000 or whatever (depending upon which system you using for your garrage or car keys). Now also note that C-N <= window of acceptance. Hope you are getting my point here. Means if you window of acceptance is say 1000 and you press your key 1000 times when you were out of the range then the garrage (or your car or whatever) will ignore the key even if you come back to range. Also note that if press the key and hold it pressed it keeps emitting same bits, its only when you press it again (press, release the button and press again) that you are generating a new code. The attack works because the tranmitter checks if the next number is what falls in the sequence and there is no concept of expire due to time here (like we have in one time passwords sent to phone).

amazing_dude : Pro tip: get 256 garage keys, modify each one to every possible combination for 8 bit, use it on ur neighbors. Edit: nvm, you only need 1

e-Sharp : I'm getting tired of all those commercial communications. No matter where I go; here goes brilliant, skillshare or whatever. I would donate money so you stop putting those. I don't care if they're revelant or not; they are annoying period.

Mound-Maker : Yes sure let me give a company all my passwords.

boson96 : I never realised before that Derek was like super rich!

Mark Warbington : My uncle drove a late 70's Datsun pickup truck with a really noisy ignition system. He managed a residential construction crew so he would drive through the same neighborhood every morning about the same time. Whenever he passed by a certain house, the garage door would open. Eventually the homeowner flagged him down and confronted him about it. Of course it wasn't malicious. The guy just had a really shitty garage door receiver. :)

mopore : Thumbs down. Too long of a shill for your sponsor at the start of the video. Try to keep your shilling to 15 seconds max. Thanks.

SmilingIpad : Are there any resources to learn more about how the chip inside the toy was reprogrammed? It seems interesting.

Hayden Timmins : Why do you only have good security on ONE DOOR. Makes zero sense

Adresse Poubelle : I think that any honest advisor would tell you that you need not a password manager but a personally made up algorithm to help you remember your passwords or generate new ones. It can (and should) even be complex, after all you only need to learn to master it once and for all. For a user, it is as easy and convenient as having a single password. For a hacker, it is even harder to hack than your password manager. If you use a password manager you might as well worry yourself sick about protecting your computer against malicious software because having it hacked would be seriously catastrophic. No need to mention the risk if synced across all your devices. All you need to do is lose one, or use it on an unencrypted network. If you have an algorithm in your head, with one single parameter (easliy remembered, unguessable, that you could even implicitly write down somewhere innocent-looking) for each of them, it is absolutely unbreakable unless intercepted when the password is entered (and that only risk is just as high with a password manager). On top of that, if you are burgled with a laptop containing 320 passwords you haven't a clue of, there it all goes. Even if the passwords aren't discovered, you can no longer use them yourself. So you need to know your passwords anyway, so password managers, regardless of how unsafe I claim them to be, are pointless. Don't be over-reliant, be smart and wary.

II : Now we all have to upgrade the security of our three-garage mansions.

Vineet Mohan : Bruijn is a Dutch name and is pronounced close to 'brown' not 'ruin' with a 'b' in front of it

TheEgg185 : 99% of the general public don't have the intelligence to do any of this. The ones who do are making 6 figures and don't need to break into your stupid garage.

aiRCoft : This dude looks a little like Elon Musk.

Leon Krug : Sammyyyyyy where have you been. Please upload more to your YouTube channel

JD : that is a really nice house. congratulations Derek

Smourbif : Sells of IM ME up to 9000 %

tripjet999 : A crescent-pass oscillator will solve that problem.

Zach Reitz : A video about hacking into stuff that begins with an advertisement for a product to keep all your passwords in one place. Hmm. Nothing suspicious about that at all.

not amouse : AH, the old barbie pager trick. LOL. I am not going to say what else you can do with these, know only that it is very bad.

Don B : That’s Samy kamkar he was banned from using any computer with internet access in 3 years for hacking MySpace lol

Sakonema : Oh yea. I have at least 200 accounts.

にゃあエイリアンMeowAlien : 2:30 that sounds in the background... I thought Harry Potter theme is about to start xD

haxhxm : Samy the guy who broke down myspace

BreezyGamer92 : Once Lastpass gets hacks you have to change all your passwords. Genius! I write all mine in a notebook.

Hypercube9 : I have a brick that can open any window!!

Terry Nicknig : I've been a subscriber to your chanle fir years but not any more. I would stay but I'm tired of you advertising format. You give me your intriguing bases for the video then stop to sell me something before giving me your content. I love your content but im not going stay with your format. Put your advertising at the end of your video like any good and honest to your subscriber youtubers bo. By

ZyloxHD : Just watched your documentary on arte! Really well done! I really enjoed watching it! Looking forward for another one!

Mark Chang : 0:00 Susie's first hacking kit!

ROBERT ANDERSON : Consider doing a video about the 15 frequencies used in most Chip Keys in today's modern cars. If you build a Passive RF transponder that emits all 15 frequencies, all you need then is to pick the lick and the modified chip instructs the fuel rail to deliver fuel...

Naganachiketh Chinnamuttevi : Can't hack into a garage door when you're too broke to have a garage

yakurbe 0112 : Sammy is my hero.

Ivan Chu : Sammy is my hero!

Gai Gai : Video 1:47

Keiran Roles : Sammy is my hero

Matt 24 : Just wait till you learn about the 300 year old key technology we use to secure our homes.

zmasterx : do you need a password for a last pass account?

PARANOID ANDROID : samy is my hero

HoLLy : Samy is my hero

usbgus : Samy is my hero