Turns out you can exfiltrate every possible thumbnail of a private video via an Adwords account.Previously, previously, previously, previously, previously, previously.
Stealing Your Private YouTube Videos, One Frame at a Time
Turns out you can exfiltrate every possible thumbnail of a private video via an Adwords account.
Tags: computers, copyright, corporations, security
One Response:
According to the timeline at the end of the article, that particular bug got fixed. But just like with screen locking, it's a failure in design. If you have an unencrypted video on a third party computer in the clown, I don't see how it can be considered "private" in any meaningful sense, no matter what the database attached to the service says.