00:00:00
tiny 11 has problems and honestly so
00:00:04
many people are recommending it now that
00:00:06
I have to make this video just to
00:00:07
balance things out because you should
00:00:10
never use a custom windows ISO on an
00:00:12
install I can tell you I've done IT work
00:00:15
for over 20 years and I've seen so many
00:00:19
problems with these custom isos from
00:00:21
botnets keyloggers other things that
00:00:24
make you compromised when installing
00:00:26
them it may not happen immediately but
00:00:29
it probably will happen and I want to go
00:00:32
over why that is why you should never
00:00:34
use a tiny 11 even if your favorite
00:00:36
YouTuber recommends it heck I like ETA
00:00:39
Prime I think he makes great videos but
00:00:42
this is a terrible video by him and I've
00:00:44
made terrible videos not to just call
00:00:46
him out but there's other people here
00:00:48
Ghost Spectre reverse tiny 11. this is
00:00:51
something you should never do but let's
00:00:53
break down why uh why are the people
00:00:55
doing this why would you reduce you know
00:00:58
distribute a custom ISO and the risks
00:01:01
you take when you do use one because
00:01:03
I've seen a lot of YouTubers starting to
00:01:06
say hey tiny 11's okay I'm using tiny
00:01:09
11.
00:01:10
and you know we've also seen an uptick
00:01:12
in YouTube hacks maybe some correlation
00:01:14
there but let's get into the problems it
00:01:16
has we have YouTubers here we have
00:01:18
companies recommending tiny 11 and why
00:01:21
is it you always download it from kind
00:01:22
of like a not an official site it's like
00:01:24
archive.org or uh usually some kind of
00:01:27
like MediaFire you know
00:01:30
Mega you you get it from all kinds of
00:01:32
places but never really an official
00:01:34
Source usually from Shady Shady spots
00:01:37
the big thing is what can happen with it
00:01:41
main problems botnets viruses key
00:01:43
loggers cryptominers all these can be
00:01:45
bundled into these small packages and
00:01:49
exceptions can be made in Windows
00:01:51
Defender to bypass it most people know
00:01:53
I'm not a big fan of Windows Defender
00:01:54
I've made videos on that but at the same
00:01:57
time it's uh antivirus is just a layer
00:02:00
of security too many people rely a
00:02:02
hundred percent on antivirus and that is
00:02:04
just a recipe for disaster uh security
00:02:08
is all about the layers and Antivirus is
00:02:10
just a very very small layer in in your
00:02:13
security footprint so let's get into why
00:02:15
they would do it uh and why you should
00:02:19
not trust any custom ISO I don't
00:02:21
personally make any ISO even though I
00:02:23
have a ton of debloat utilities and
00:02:25
GitHub repositories showing people how
00:02:27
to debloat their system it's not
00:02:30
something I ever will redistribute
00:02:32
mainly because it's illegal and that's
00:02:34
the big thing any modified Windows is
00:02:37
illegal there's a guy that actually got
00:02:38
sentenced to 15 months in jail there's
00:02:40
even a Vox video on YouTube that went
00:02:43
into it uh and here's a polygon article
00:02:46
where he actually was just salvaging old
00:02:48
Windows systems with legit Windows keys
00:02:51
and then just supplying a recovery CD so
00:02:54
he wasn't even modifying Windows
00:02:56
really he was just redistributing it
00:02:57
with already good licenses from from
00:03:01
systems that were getting thrown out and
00:03:03
he went to prison for 15 months so now
00:03:06
let's think okay so these these
00:03:08
developers are risking prison time
00:03:10
redistributing Windows the biggest thing
00:03:13
when they redistribute these things is
00:03:14
it can't have a huge footprint you the
00:03:16
user needs to feel better about
00:03:18
installing these and they do a pretty
00:03:20
good job of this but just a keylogger
00:03:23
running in the background is really not
00:03:25
something that's really easily detected
00:03:28
especially if it's done as a rootkit
00:03:29
and it can just sit there and grab all
00:03:32
your passwords credit cards you type
00:03:33
into the web it could grab session
00:03:35
tokens you saw a whole bunch of like
00:03:36
Linus getting hacked the other day they
00:03:39
said it came from an actual person
00:03:41
saying here you go but hey who knows it
00:03:43
could have been a tiny 11 install in his
00:03:45
environment and then someone logged into
00:03:47
that computer that's possibility uh you
00:03:50
know these are things we need to think
00:03:51
about you also have just spreading chaos
00:03:53
installing viruses for the fun of it and
00:03:56
that's probably less of a thing these
00:03:57
days uh more often than not maybe you
00:04:00
are a zombie or a part of a botnet where
00:04:03
you're like a sleeper agent and then you
00:04:04
get activated whenever they want because
00:04:07
you can do that all these things are
00:04:09
possible and many people are like well
00:04:11
I'm scanning tiny 11 for viruses or I'm
00:04:13
scanning Ghost Spectre or whatever
00:04:15
system you want to use here fill in the
00:04:17
blank and it's not coming up with
00:04:19
anything using Windows Defender or or
00:04:22
I'm not seeing anything well the system
00:04:24
itself is modified I can write programs
00:04:27
to control you and your windows and then
00:04:30
distribute that ISO and no antivirus
00:04:33
is going to catch that because it's at a
00:04:34
system level it can be loaded before the
00:04:36
windows even starts up there's a lot of
00:04:39
ways to get into the system as I've shown
00:04:41
in the past in many other videos as well
00:04:43
so that's really the reason a rationale
00:04:46
behind Distributing these custom isos
00:04:48
and why you shouldn't trust them but uh
00:04:51
what about building it yourself and this
00:04:52
is where I kind of like
00:04:54
tiny 11 Builder uh and I wanted to kind
00:04:57
of share this Builder with you guys and
00:05:00
just say if you do like tiny 11
00:05:02
reproduce it yourself uh NTDEV which
00:05:06
I'm not saying hey this is totally what
00:05:08
he's doing but he does give out his
00:05:10
GitHub that has all these things now
00:05:13
this executable file anytime you have an
00:05:15
executable file even with GitHub it can
00:05:18
be a little sus like I downloaded this
00:05:20
and I wanted to talk about digital
00:05:22
signatures because there's another thing
00:05:24
that's happened recently that you
00:05:26
probably might draw correlation 3cx
00:05:28
being hacked they were using a false
00:05:31
signing or false digital signing to
00:05:33
basically get through and infect a lot
00:05:35
of people as well
00:05:36
and I wanted to show this executable
00:05:39
file and its digital signature because
00:05:41
this file I can't find in any of the
00:05:44
Microsoft servers or packages and it
00:05:47
looks to be modified I'm not saying that
00:05:50
that's what's happened but uh it's
00:05:53
something that you don't really need
00:05:54
this file and if you need to use an
00:05:57
official Microsoft tool download it from
00:05:59
Microsoft in my little article here I
00:06:01
actually give you the ADK that where you
00:06:04
get oscdimg from that builds the the
00:06:07
iso get that from the official Microsoft
00:06:10
Source you can go ahead and use these
00:06:12
scripts in here as I did go through
00:06:14
these batch files and I did not see
00:06:16
anything malicious with them so these
00:06:18
scripts are actually pretty good I would
00:06:20
just replace the executable and use the
00:06:21
official one from Microsoft as I just
00:06:24
don't trust this modified one as when we
00:06:27
pull this up and I have all these pulled
00:06:30
up here we go right click properties go
00:06:33
to digital signatures
00:06:35
timestamps not available we go to
00:06:38
details you can see 140 kilobits this is
00:06:41
the actual uh version so we will match
00:06:44
up this file version and the size should
00:06:46
match when we get it directly from uh
00:06:50
Microsoft so that's a couple things one
00:06:53
timestamp not being available is a little
00:06:55
sus and then this size should match that
00:06:58
and when I pull up all of my searches
00:07:01
from installing the official one from
00:07:03
Microsoft using the windows kit you can
00:07:06
see none of the kilobytes actually
00:07:08
line up and match up at all this one's
00:07:11
the closest one which looks to be the
00:07:13
amd64. you can see right here this is
00:07:16
the one you'd probably want to use we go
00:07:18
to properties
00:07:20
we match this up you can see from the
00:07:23
details that the size is not the same
00:07:26
the version is the same so that's
00:07:29
interesting digital signatures this one
00:07:31
does have a timestamp this one doesn't
00:07:33
have a time stamp so was this file
00:07:35
modified in some way yeah
00:07:37
uh I don't I don't get why
00:07:41
this is different and if this was just
00:07:44
maybe downloaded another time I'm not
00:07:46
calling this person out at all I think
00:07:47
what they've done is good with a lot of
00:07:49
the debloating but at the same time
00:07:51
it's a little sus and that's one thing
00:07:54
that if you're going to use these
00:07:55
executables just grab the ones from
00:07:57
official Microsoft that will work the
00:07:59
same way and you know that that
00:08:01
executable is good not doing anything
00:08:02
malicious so kind of an interesting uh
00:08:05
tidbit there and you might be thinking
00:08:07
well how do you fake a digital signature
00:08:09
like they did with 3cx and there's
00:08:11
another article that I just kind of
00:08:13
interesting as well there's an actual 10
00:08:16
year old exploited bug in Windows that
00:08:18
caused that hack to happen and you can
00:08:21
actually read through this article I'll
00:08:22
link it down from BleepingComputer but
00:08:24
it it basically allows you to modify
00:08:27
these files and then keep the digital
00:08:30
signature as if nothing happened and
00:08:32
that's what happened with 3cx as well so
00:08:34
you know 3cx probably a little bit lax
00:08:37
security but also Microsoft's a bit to
00:08:39
blame here because this is a 10 year old
00:08:41
exploit that just was
00:08:43
uh used in this particular hack but
00:08:46
again I wanted to show that these
00:08:48
digital signatures while good are another
00:08:51
layer of security that can be
00:08:52
compromised much like your antivirus can
00:08:54
have uh compromises in it and when you
00:08:58
get into these custom isos there's so
00:09:00
much that you can do uh to basically
00:09:04
bypass all these layers of security and
00:09:06
you're entrusting that one person you
00:09:08
don't know the name of that has some
00:09:10
pseudonym that redistributes these
00:09:13
things what is their their purpose I
00:09:16
want you to think about that I want you
00:09:17
like why would they do this why would
00:09:18
they break the law so you can have a
00:09:20
debloated Windows
00:09:23
and I think the answer is do they just
00:09:26
do it out of the goodness of their heart
00:09:28
or is there maybe another intent what's
00:09:31
the bigger probability I'm not saying
00:09:33
that that's the truth
00:09:34
but I'm just saying you're trusting this
00:09:37
person that you don't know their name
00:09:39
you don't know where they live you don't
00:09:41
know anything about them you just know
00:09:43
that your favorite YouTuber or some
00:09:45
software company or maybe a tech news
00:09:48
article recommended it
00:09:51
and you're entrusting your entire
00:09:52
security your entire livelihood is some
00:09:55
on some people's computers you're
00:09:56
entrusting it to that person
00:09:58
so when it comes to custom isos it is a
00:10:02
no-go don't ever do it I'll never
00:10:04
redistribute an ISO I'll never do any of
00:10:06
this these are just some of the things
00:10:08
that can happen and if you do install
00:10:12
Tiny 11 you do install custom windows
00:10:14
isos
00:10:16
there's a good chance you're going to be
00:10:18
compromised