Set as Homepage - Add to Favorites

日韩欧美成人一区二区三区免费-日韩欧美成人免费中文字幕-日韩欧美成人免费观看-日韩欧美成人免-日韩欧美不卡一区-日韩欧美爱情中文字幕在线

【hd ??? ??】Google patched a major security flaw that could've exposed YouTubers' email addresses

Google has fixed a security flaw that exposed the email addresses of YouTube users,hd ??? ?? a potentially massive privacy breach.

Google — which owns YouTube — has confirmed that the vulnerabilities discovered by cybersecurity researchers, who go by Brutecat and Nathan, have been addressed, according to a report in BleepingComputer.

Aside from the breach of privacy that would've affected all YouTube accounts, many YouTubers like controversial content creators, investigators, whistleblowers, and activists keep their identities anonymous to protect their safety. Exposing such users' emails could have had huge ramifications.


You May Also Like

SEE ALSO: Google is reportedly developing a ‘fake’ email feature to help you avoid spam

Brutecat discovered that blocking a user on YouTube revealed a unique internal identifier Google uses for each user across all of its platforms (Gmail, Google Drive, etc.) called a Gaia ID. They then figured out that simply clicking the three dot icon of a user's live chat profile to access the block function triggered an API request that revealed their Gaia ID.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

This in itself is already a security flaw since it exposed the unique identifiers for YouTube accounts that is only meant to be used internally. But now that Brutecat was able to retrieve users' Gaia IDs, they set out to see if they could reveal the email addresses associated with each ID.

With Nathan's help, the two researchers surmised they could do this with "old forgotten Google products since they probably contained some bug or logic flaw to resolve a Gaia ID to an email." Using Google's Recorder app for Pixel devices, they tested sharing a recording with an obfuscated Gaia ID and blocked the user from receiving an email notification by renaming the file with a 2.5 million letter name, which broke the email notification system because it was too long.

Now that the hypothetical victim wouldn't be notified, the researchers sent the file sharing request with the Gaia IDs, effectively converting the ID into an email address.


Related Stories
  • Apple Maps follows Google, relabels Gulf of Mexico as America
  • Google: We're not participating in European fact-checking rules for Search or YouTube
  • YouTuber GamersNexus sues Honey over alleged scam

Thanks to Brutecat and Nathan's sleuthing, Google was able to lock down that vulnerability and prevent hackers from accessing everyone's email address associated with their YouTube accounts. The vulnerability was disclosed to Google in Sep. 2024 and was finally fixed on Feb. 9, 2025. That's a long time for potential exposure, but Google confirmed to BleepingComputer that there were "no signs that any attacker actively exploited the flaws."

In exchange for their work, the researchers received a cool $10,633. Phew, crisis averted.

0.1201s , 9714.734375 kb

Copyright © 2025 Powered by 【hd ??? ??】Google patched a major security flaw that could've exposed YouTubers' email addresses,Public Opinion Flash  

Sitemap

Top 主站蜘蛛池模板: 男女又黄又刺激B片免费网站 | 九九热线有精品视频99 | 亚洲日韩国产成人精品 | 精品亚州毛片在线免费观看 | 亚洲中文久久精品无码浏不卡 | 亚洲欧美一区二区三区久久 | 欧美日韩精品一区二区免费看 | 麻豆AV网站免费进入 | 国产激情一区二区三区在线 | 91看看影院| 久久精品无码一区二区综合 | 中文字幕人妻少妇引诱隔壁 | 久久精品国产三级不卡 | 国产喷水美女网站福利在线播放 | 亚洲丁香婷婷综合久久六月 | 国产亚洲欧美日韩不卡 | 国产精品久久久久久99人妻精品 | 特级做A爰片毛片免费看无码 | 国产欧美日韩一区二区加勒比 | 精华液一区与二区适用人群分析 | 久久久久久精品成人 | 成人三级视频在线观看不卡 | 国产精品va在线观看视色 | 中文字幕精品视频在线 | 国产熟女一区二区三区五月婷 | 人妻洗澡被强伦姧完整国产 | 欧美一区网站 | 巨臀人妻中出中文字幕在线 | 欧美日韩国产一区二区三区精品 | 日韩精品午夜视频一区二区 | 亚洲精品国产品国语原创 | 国产又色又粗又黄又爽免费 | 国产精品99AV在线观看 | 国产精品美女一区二区三区 | 日韩激情综合一区二区在线 | 亚洲国产精品无码久久秋霞 | 深夜国产成人福利在线观看女同 | 色情亚洲AV成人小说 | 四虎永久在线精品视频免费 | 欧美色欲精品一区二区三区 | 欧美性猛交aa一级 |