Stealing Your Private YouTube Videos, One Frame at a Time

Turns out you can exfiltrate every possible thumbnail of a private video via an Adwords account.

Previously, previously, previously, previously, previously, previously.

Tags: , , ,

One Response:

  1. Jon says:

    According to the timeline at the end of the article, that particular bug got fixed. But just like with screen locking, it's a failure in design. If you have an unencrypted video on a third party computer in the clown, I don't see how it can be considered "private" in any meaningful sense, no matter what the database attached to the service says.

Leave a Reply

Your email address will not be published. But if you provide a fake email address, I will likely assume that you are a troll, and not publish your comment.

You may use these HTML tags and attributes: <a href="" title=""> <b> <blockquote cite=""> <code> <em> <i> <s> <strike> <strong> <img src="" width="" height="" style=""> <iframe src="" class=""> <video src="" class="" controls="" loop="" muted="" autoplay="" playsinline=""> <div class=""> <blink> <tt> <u>, or *italics*.

  • Previously